GitLab

Bug: 22046423
Change-Id: I0796e14df2b523570f0c485d146273f5e5aa5494
(cherry picked from commit 2b4ff174)

This reverts commit dc30a16b.

Change-Id: Ib6af148bcaa3041b3040e525442a39b493852794

Also we can't build the ota package without these static executables.

Bug: 21785137
Change-Id: I11b35abebced4b0608378a072ece2ab2dbadeffb

Introduce a way to speed up local builds. Don't build all test
modules if ANDROID_NO_TEST_CHECK is set to true.

On master branch this reduces what is built by more than
300 apps and 50 java libraries. Time for doing this on a
12 core machine running with -j13 is about 10 minutes.

Change-Id: I90feb108695ee60d0dbbf497644f767cc3748215

These symbols need to always be resolved for each binary. Making these
symbols hidden means that we will get a build breakage if this doesn't
happen, and should also prevent the situation where one unwinder's
symbols are visible to the other.

Bug: 18471342
Bug: 19958712
Change-Id: Ieff1f10dab254b60ed120410f45998cf75bb5b9b

Do not clean installed files, only intermediate files. This way, two
consequitive builds first without, then with SANITIZE_TARGET will
produce a frankenbuild with both sets of shared libraries.

Bug: 21785137
Change-Id: I231868b15331be942c783458cf36233c2e7740d3

A fully (or even mostly) asan-instrumented device will have 2 copies of each
shared library, which might not fit on system partition. Moving instrumented
libraries to /data.

Bug: 21785137
Change-Id: I64184261da2eb24a1382c67e4931c34a5a38b3c0

This also does a bit of cleanup in config_sanitizers.mk. The result is
that `LOCAL_SANITIZE := <any arbitrary ubsan group>` should function
fine for both host and target.

This is a superset of LOCAL_DETECT_INTEGER_OVERFLOWS, so remove that.
This also checks integer division by zero.  It's supposed to cover
shifting undefined behaviors as well, but apparently it does not
(though `LOCAL_SANITIZE := shift` works fine).

Change-Id: I4ac99eafa6920a3f8cb82af37ce56ff0fdb95223

Change-Id: Ibd7b87d1364a60289609a267a287c4afa1d5e5cb

This commit adds android.hardware.ethernet.xml file for ethernet
permission to PRODUCT_COPY_FILES which will be copied to
/system/etc/permission folder on the target. Reason for adding
this permission file is for enabling the ethernet and having
functional networking until RIL backend support in ranchu is
implemented.

This requires dhcpcd_eth0 service definition in init.ranchu.rc.

Architectures that use goldfish emulator do not need ethernet
support, because networking is provided by RIL.

Change-Id: I7972f80cf78c0fdecf3fde45bf018230bbcefd38

The same as SANITIZE_HOST, but for the target.
Also, skip all LOCAL_FORCE_STATIC_EXECUTABLE targets, as ASan does not
support static linking.

Bug: 21785137
Change-Id: Ief53ff8de1fee18f230d6c7dd31845db5bbd415c

Previously with "PRODUCT_AAPT_CONFIG := normal" resource with modifier
"small" isn't included.

Bug: 21643610
Change-Id: I53940d716fb9705462b1abb882e04103e211f8af

This reverts commit 063ef330.

I've migrated all users of this to the new option now, so we can drop
this.

Dropping `SANITIZE_HOST := true` will have to wait until the build
server configs have been updated.

Change-Id: I591436e197a6c6c079a6cd6a2decb702b574cd71

Change-Id: I641cb3fe998184f8926324e3365a7a99d87263df

libthread_db hasn't been in bionic for years.

Change-Id: Ibc036d894c6b6bf9ee4653f95ff7a000a223cb2e

Add build system support for LOCAL_DETECT_INTEGER_OVERFLOWS. When enabled,
an attempt to perform an integer arithmetic operation which overflows
will result in a call to abort(). This is intended for security
sensitive code, where integer overflow operations are not expected
nor desirable.

Two classes of underflows/overflows are detected and blocked:

1) Signed integer underflow/overflow.
2) Unsigned integer underflow/overflows.

Signed integer overflows are undefined behavior, according to the
C standard. Unsigned integer overflows are defined behavior, but
still undesirable in security sensitive code.

Only clang is supported today. gcc has -ftrapv for handling signed
integer overflow, but it's widely considered broken
(https://gcc.gnu.org/bugzilla/show_bug.cgi?id=35412) and we're
deliberately avoiding it's use here.

Change-Id: Ib4918dc84e37e83d4205e5035544545d91671e5f
Vaguely-Related-Bug: 11859726

We shouldn't be using ldlibs for target libraries because it doesn't
add a real dependency.

Change-Id: Ib1ec40b95356feb521e95674b64d04d5ecc06332

Adds audit2allow to the path. No build required.

Bug: 21724977
Change-Id: Ide320a56b9cdbfa426b978443f6df07fa2a38fbc

Clang is really aggressive at optimizing a handful of cases (read:
clang will ruin your day some if you write bad code). Fortunately, it
also emits a warning when it's about to do this.

To prevent anyone from suffering from these optimizations, make these
warnings errors and make them impossible to disable.

Change-Id: I5e10bb0fc2ca23190017da716b3b84635577a0bd