Merge "Use -fno-sanitize-link-runtime for bionic sanitizers"
diff --git a/android/bazel.go b/android/bazel.go
index fee1de2..3046edb 100644
--- a/android/bazel.go
+++ b/android/bazel.go
@@ -449,6 +449,9 @@
"apex_manifest_proto_java", // b/215230097, we don't handle .proto files in java_library srcs attribute
+ "libc_musl_sysroot_bionic_arch_headers", // b/218405924, depends on soong_zip
+ "libc_musl_sysroot_bionic_headers", // b/218405924, depends on soong_zip and generates duplicate srcs
+
// python protos
"libprotobuf-python", // contains .proto sources
"conv_linker_config", // depends on linker_config_proto, a python lib with proto sources
diff --git a/android/licenses.go b/android/licenses.go
index e9e271b..b82d8d7 100644
--- a/android/licenses.go
+++ b/android/licenses.go
@@ -316,4 +316,7 @@
func licensesMakeVarsProvider(ctx MakeVarsContext) {
ctx.Strict("BUILD_LICENSE_METADATA",
ctx.Config().HostToolPath(ctx, "build_license_metadata").String())
+ ctx.Strict("HTMLNOTICE", ctx.Config().HostToolPath(ctx, "htmlnotice").String())
+ ctx.Strict("XMLNOTICE", ctx.Config().HostToolPath(ctx, "xmlnotice").String())
+ ctx.Strict("TEXTNOTICE", ctx.Config().HostToolPath(ctx, "textnotice").String())
}
diff --git a/bp2build/cc_library_conversion_test.go b/bp2build/cc_library_conversion_test.go
index ee19783..4c4953d 100644
--- a/bp2build/cc_library_conversion_test.go
+++ b/bp2build/cc_library_conversion_test.go
@@ -1287,6 +1287,7 @@
"strip": true,
"stubs_symbol_file": true,
"stubs_versions": true,
+ "inject_bssl_hash": true,
}
sharedAttrs := attrNameToString{}
staticAttrs := attrNameToString{}
@@ -1822,6 +1823,33 @@
)
}
+func TestLibcryptoHashInjection(t *testing.T) {
+ runCcLibraryTestCase(t, bp2buildTestCase{
+ description: "cc_library - libcrypto hash injection",
+ moduleTypeUnderTest: "cc_library",
+ moduleTypeUnderTestFactory: cc.LibraryFactory,
+ filesystem: map[string]string{},
+ blueprint: soongCcLibraryPreamble + `
+cc_library {
+ name: "libcrypto",
+ target: {
+ android: {
+ inject_bssl_hash: true,
+ },
+ },
+ include_build_directory: false,
+}
+`,
+ expectedBazelTargets: makeCcLibraryTargets("libcrypto", attrNameToString{
+ "inject_bssl_hash": `select({
+ "//build/bazel/platforms/os:android": True,
+ "//conditions:default": None,
+ })`,
+ }),
+ },
+ )
+}
+
func TestCcLibraryCppStdWithGnuExtensions_ConvertsToFeatureAttr(t *testing.T) {
type testCase struct {
cpp_std string
diff --git a/cc/config/tidy.go b/cc/config/tidy.go
index fdc246c..ba1043b 100644
--- a/cc/config/tidy.go
+++ b/cc/config/tidy.go
@@ -62,8 +62,9 @@
}, ",")
// clang-analyzer-* checks are too slow to be in the default for WITH_TIDY=1.
// nightly builds add CLANG_ANALYZER_CHECKS=1 to run those checks.
+ // The insecureAPI.DeprecatedOrUnsafeBufferHandling warning does not apply to Android.
if ctx.Config().IsEnvTrue("CLANG_ANALYZER_CHECKS") {
- checks += ",clang-analyzer-*"
+ checks += ",clang-analyzer-*,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling"
}
return checks
})
diff --git a/cc/library.go b/cc/library.go
index de5d46f..5d40820 100644
--- a/cc/library.go
+++ b/cc/library.go
@@ -386,6 +386,21 @@
Stubs_versions: compilerAttrs.stubsVersions,
}
+ for axis, configToProps := range m.GetArchVariantProperties(ctx, &LibraryProperties{}) {
+ for config, props := range configToProps {
+ if props, ok := props.(*LibraryProperties); ok {
+ if props.Inject_bssl_hash != nil {
+ // This is an edge case applies only to libcrypto
+ if m.Name() == "libcrypto" {
+ sharedTargetAttrs.Inject_bssl_hash.SetSelectValue(axis, config, props.Inject_bssl_hash)
+ } else {
+ ctx.PropertyErrorf("inject_bssl_hash", "only applies to libcrypto")
+ }
+ }
+ }
+ }
+ }
+
staticProps := bazel.BazelTargetModuleProperties{
Rule_class: "cc_library_static",
Bzl_load_location: "//build/bazel/rules:cc_library_static.bzl",
@@ -2602,4 +2617,5 @@
Stubs_symbol_file *string
Stubs_versions bazel.StringListAttribute
+ Inject_bssl_hash bazel.BoolAttribute
}
diff --git a/mk2rbc/cmd/mk2rbc.go b/mk2rbc/cmd/mk2rbc.go
index 8e23a53..e84eacd 100644
--- a/mk2rbc/cmd/mk2rbc.go
+++ b/mk2rbc/cmd/mk2rbc.go
@@ -40,7 +40,6 @@
)
var (
- rootDir = flag.String("root", ".", "the value of // for load paths")
// TODO(asmundak): remove this option once there is a consensus on suffix
suffix = flag.String("suffix", ".rbc", "generated files' suffix")
dryRun = flag.Bool("dry_run", false, "dry run")
@@ -71,7 +70,6 @@
quit("cannot alias unknown flag " + target)
}
flagAlias("suffix", "s")
- flagAlias("root", "d")
flagAlias("dry_run", "n")
flagAlias("convert_dependents", "r")
flagAlias("error_stat", "e")
@@ -91,6 +89,10 @@
}
flag.Parse()
+ if _, err := os.Stat("build/soong/mk2rbc"); err != nil {
+ quit("Must be run from the root of the android tree. (build/soong/mk2rbc does not exist)")
+ }
+
// Delouse
if *suffix == ".mk" {
quit("cannot use .mk as generated file suffix")
@@ -228,17 +230,16 @@
const androidProductsMk = "AndroidProducts.mk"
// Build the list of AndroidProducts.mk files: it's
// build/make/target/product/AndroidProducts.mk + device/**/AndroidProducts.mk plus + vendor/**/AndroidProducts.mk
- targetAndroidProductsFile := filepath.Join(*rootDir, "build", "make", "target", "product", androidProductsMk)
+ targetAndroidProductsFile := filepath.Join("build", "make", "target", "product", androidProductsMk)
if _, err := os.Stat(targetAndroidProductsFile); err != nil {
- fmt.Fprintf(os.Stderr, "%s: %s\n(hint: %s is not a source tree root)\n",
- targetAndroidProductsFile, err, *rootDir)
+ fmt.Fprintf(os.Stderr, "%s: %s\n", targetAndroidProductsFile, err)
}
productConfigMap := make(map[string]string)
if err := mk2rbc.UpdateProductConfigMap(productConfigMap, targetAndroidProductsFile); err != nil {
fmt.Fprintf(os.Stderr, "%s: %s\n", targetAndroidProductsFile, err)
}
for _, t := range []string{"device", "vendor"} {
- _ = filepath.WalkDir(filepath.Join(*rootDir, t),
+ _ = filepath.WalkDir(t,
func(path string, d os.DirEntry, err error) error {
if err != nil || d.IsDir() || filepath.Base(path) != androidProductsMk {
return nil
@@ -254,10 +255,9 @@
}
func getConfigVariables() {
- path := filepath.Join(*rootDir, "build", "make", "core", "product.mk")
+ path := filepath.Join("build", "make", "core", "product.mk")
if err := mk2rbc.FindConfigVariables(path, mk2rbc.KnownVariables); err != nil {
- quit(fmt.Errorf("%s\n(check --root[=%s], it should point to the source root)",
- err, *rootDir))
+ quit(err)
}
}
@@ -270,11 +270,11 @@
if name != "BUILD_SYSTEM" {
return fmt.Sprintf("$(%s)", name)
}
- return filepath.Join(*rootDir, "build", "make", "core")
+ return filepath.Join("build", "make", "core")
}
func getSoongVariables() {
- path := filepath.Join(*rootDir, "build", "make", "core", "soong_config.mk")
+ path := filepath.Join("build", "make", "core", "soong_config.mk")
err := mk2rbc.FindSoongVariables(path, fileNameScope{}, mk2rbc.KnownVariables)
if err != nil {
quit(err)
@@ -325,12 +325,11 @@
mk2starRequest := mk2rbc.Request{
MkFile: mkFile,
Reader: nil,
- RootDir: *rootDir,
OutputDir: *outputTop,
OutputSuffix: *suffix,
TracedVariables: tracedVariables,
TraceCalls: *traceCalls,
- SourceFS: os.DirFS(*rootDir),
+ SourceFS: os.DirFS("."),
MakefileFinder: makefileFinder,
ErrorLogger: errorLogger,
}
@@ -587,7 +586,7 @@
func (l *FileListMakefileFinder) Find(root string) []string {
root, err1 := filepath.Abs(root)
- wd, err2 := filepath.Abs(*rootDir)
+ wd, err2 := os.Getwd()
if root != wd || err1 != nil || err2 != nil {
return l.FindCommandMakefileFinder.Find(root)
}
diff --git a/mk2rbc/mk2rbc.go b/mk2rbc/mk2rbc.go
index 03cf21e..b8fe162 100644
--- a/mk2rbc/mk2rbc.go
+++ b/mk2rbc/mk2rbc.go
@@ -142,7 +142,6 @@
type Request struct {
MkFile string // file to convert
Reader io.Reader // if set, read input from this stream instead
- RootDir string // root directory path used to resolve included files
OutputSuffix string // generated Starlark files suffix
OutputDir string // if set, root of the output hierarchy
ErrorLogger ErrorLogger
@@ -378,7 +377,6 @@
nodes []starlarkNode
inherited []*moduleInfo
hasErrors bool
- topDir string
traceCalls bool // print enter/exit each init function
sourceFS fs.FS
makefileFinder MakefileFinder
@@ -414,11 +412,10 @@
}
func newParseContext(ss *StarlarkScript, nodes []mkparser.Node) *parseContext {
- topdir, _ := filepath.Split(filepath.Join(ss.topDir, "foo"))
predefined := []struct{ name, value string }{
{"SRC_TARGET_DIR", filepath.Join("build", "make", "target")},
{"LOCAL_PATH", filepath.Dir(ss.mkFile)},
- {"TOPDIR", topdir},
+ {"TOPDIR", ""}, // TOPDIR is just set to an empty string in cleanbuild.mk and core.mk
// TODO(asmundak): maybe read it from build/make/core/envsetup.mk?
{"TARGET_COPY_OUT_SYSTEM", "system"},
{"TARGET_COPY_OUT_SYSTEM_OTHER", "system_other"},
@@ -827,7 +824,7 @@
}
func (ctx *parseContext) findMatchingPaths(pattern []string) []string {
- files := ctx.script.makefileFinder.Find(ctx.script.topDir)
+ files := ctx.script.makefileFinder.Find(".")
if len(pattern) == 0 {
return files
}
@@ -1864,7 +1861,6 @@
starScript := &StarlarkScript{
moduleName: moduleNameForFile(req.MkFile),
mkFile: req.MkFile,
- topDir: req.RootDir,
traceCalls: req.TraceCalls,
sourceFS: req.SourceFS,
makefileFinder: req.MakefileFinder,
diff --git a/mk2rbc/mk2rbc_test.go b/mk2rbc/mk2rbc_test.go
index c499398..2083121 100644
--- a/mk2rbc/mk2rbc_test.go
+++ b/mk2rbc/mk2rbc_test.go
@@ -1387,7 +1387,6 @@
ss, err := Convert(Request{
MkFile: test.mkname,
Reader: bytes.NewBufferString(test.in),
- RootDir: ".",
OutputSuffix: ".star",
SourceFS: fs,
MakefileFinder: &testMakefileFinder{fs: fs},
diff --git a/mk2rbc/node.go b/mk2rbc/node.go
index 61aaf91..2fa6a85 100644
--- a/mk2rbc/node.go
+++ b/mk2rbc/node.go
@@ -101,7 +101,7 @@
func (i inheritedDynamicModule) emitSelect(gctx *generationContext) {
if i.needsWarning {
gctx.newLine()
- gctx.writef("%s.mkwarning(%q, %q)", baseName, i.location, "Including a path with a non-constant prefix, please convert this to a simple literal to generate cleaner starlark.")
+ gctx.writef("%s.mkwarning(%q, %q)", baseName, i.location, "Including a path with a non-constant prefix, please convert this to a simple literal to generate cleaner starlark. See https://source.android.com/setup/build/bazel/product_config/issues/includes for details.")
}
gctx.newLine()
gctx.writef("_entry = {")
diff --git a/rust/config/allowed_list.go b/rust/config/allowed_list.go
index 0962168..14fcb02 100644
--- a/rust/config/allowed_list.go
+++ b/rust/config/allowed_list.go
@@ -37,6 +37,7 @@
"system/tools/aidl",
"tools/security/fuzzing/example_rust_fuzzer",
"tools/security/fuzzing/orphans",
+ "tools/security/remote_provisioning/cert_validator",
"tools/vendor",
"vendor/",
}