Merge "Add components to enable CFI for."
diff --git a/core/config_sanitizers.mk b/core/config_sanitizers.mk
index 9ea1ff4..aa591ec 100644
--- a/core/config_sanitizers.mk
+++ b/core/config_sanitizers.mk
@@ -34,6 +34,16 @@
endif
endif
+# Global integer sanitization doesn't support static modules.
+ifeq ($(filter SHARED_LIBRARIES EXECUTABLES,$(LOCAL_MODULE_CLASS)),)
+ my_global_sanitize := $(filter-out integer_overflow,$(my_global_sanitize))
+ my_global_sanitize_diag := $(filter-out integer_overflow,$(my_global_sanitize_diag))
+endif
+ifeq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
+ my_global_sanitize := $(filter-out integer_overflow,$(my_global_sanitize))
+ my_global_sanitize_diag := $(filter-out integer_overflow,$(my_global_sanitize_diag))
+endif
+
# Disable global CFI in excluded paths
ifneq ($(filter cfi, $(my_global_sanitize)),)
combined_exclude_paths := $(CFI_EXCLUDE_PATHS) \
@@ -132,10 +142,12 @@
my_sanitize_diag := $(filter-out cfi,$(my_sanitize_diag))
endif
-# Disable CFI for host targets
+# Disable sanitizers which need the UBSan runtime for host targets.
ifdef LOCAL_IS_HOST_MODULE
my_sanitize := $(filter-out cfi,$(my_sanitize))
my_sanitize_diag := $(filter-out cfi,$(my_sanitize_diag))
+ my_sanitize := $(filter-out signed-integer-overflow unsigned-integer-overflow integer_overflow,$(my_sanitize))
+ my_sanitize_diag := $(filter-out signed-integer-overflow unsigned-integer-overflow integer_overflow,$(my_sanitize_diag))
endif
# Support for local sanitize blacklist paths.
@@ -212,23 +224,26 @@
endif
ifneq ($(filter integer_overflow,$(my_sanitize)),)
- ifneq ($(filter SHARED_LIBRARIES EXECUTABLES,$(LOCAL_MODULE_CLASS)),)
- ifneq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
+ # Respect LOCAL_NOSANITIZE for integer-overflow flags.
+ ifeq ($(filter signed-integer-overflow, $(strip $(LOCAL_NOSANITIZE))),)
+ my_sanitize += signed-integer-overflow
+ endif
+ ifeq ($(filter unsigned-integer-overflow, $(strip $(LOCAL_NOSANITIZE))),)
+ my_sanitize += unsigned-integer-overflow
+ endif
+ my_cflags += $(INTEGER_OVERFLOW_EXTRA_CFLAGS)
- # Respect LOCAL_NOSANITIZE for integer-overflow flags.
- ifeq ($(filter signed-integer-overflow, $(strip $(LOCAL_NOSANITIZE))),)
- my_sanitize += signed-integer-overflow
- endif
- ifeq ($(filter unsigned-integer-overflow, $(strip $(LOCAL_NOSANITIZE))),)
- my_sanitize += unsigned-integer-overflow
- endif
- my_cflags += $(INTEGER_OVERFLOW_EXTRA_CFLAGS)
-
- # Check for diagnostics mode (on by default).
- ifneq ($(filter integer_overflow,$(my_sanitize_diag)),)
+ # Check for diagnostics mode.
+ ifneq ($(filter integer_overflow,$(my_sanitize_diag)),)
+ ifneq ($(filter SHARED_LIBRARIES EXECUTABLES,$(LOCAL_MODULE_CLASS)),)
+ ifneq ($(LOCAL_FORCE_STATIC_EXECUTABLE),true)
my_sanitize_diag += signed-integer-overflow
my_sanitize_diag += unsigned-integer-overflow
+ else
+ $(call pretty-error,Make cannot apply integer overflow diagnostics to static binary.)
endif
+ else
+ $(call pretty-error,Make cannot apply integer overflow diagnostics to static library.)
endif
endif
my_sanitize := $(filter-out integer_overflow,$(my_sanitize))
diff --git a/core/definitions.mk b/core/definitions.mk
index e259e19..93decc4 100644
--- a/core/definitions.mk
+++ b/core/definitions.mk
@@ -471,8 +471,8 @@
###########################################################
## Find test data in a form required by LOCAL_TEST_DATA
## $(1): the base dir, relative to the root of the source tree.
-## $(3): the file name pattern to be passed to find as "-name"
-## $(2): a list of subdirs of the base dir
+## $(2): the file name pattern to be passed to find as "-name"
+## $(3): a list of subdirs of the base dir
###########################################################
define find-test-data-in-subdirs