CFI include/exclude path support (Soong)
This CL adds the ability to centrally enable or disable CFI for
components using either an environment or product config
variable. This is a better, nore manageable option that enabling CFI
across each component individually.
Bug: 67507323
Test: CFI_INCLUDE_PATHS= system/nfc m -j40
Test: CFI_EXCLUDE_PATHS = frameworks/av m -j40
Change-Id: I38b77946759121aec99ab25f31aaee2e5d993f73
diff --git a/cc/sanitize.go b/cc/sanitize.go
index aeaaf16..70aa412 100644
--- a/cc/sanitize.go
+++ b/cc/sanitize.go
@@ -187,7 +187,9 @@
}
if found, globalSanitizers = removeFromList("cfi", globalSanitizers); found && s.Cfi == nil {
- s.Cfi = boolPtr(true)
+ if !ctx.AConfig().CFIDisabledForPath(ctx.ModuleDir()) {
+ s.Cfi = boolPtr(true)
+ }
}
if found, globalSanitizers = removeFromList("integer_overflow", globalSanitizers); found && s.Integer_overflow == nil {
@@ -205,11 +207,24 @@
s.Diag.Integer_overflow = boolPtr(true)
}
+ if found, globalSanitizersDiag = removeFromList("cfi", globalSanitizersDiag); found &&
+ s.Diag.Cfi == nil && Bool(s.Cfi) {
+ s.Diag.Cfi = boolPtr(true)
+ }
+
if len(globalSanitizersDiag) > 0 {
ctx.ModuleErrorf("unknown global sanitizer diagnostics option %s", globalSanitizersDiag[0])
}
}
+ // Enable CFI for all components in the include paths
+ if s.Cfi == nil && ctx.AConfig().CFIEnabledForPath(ctx.ModuleDir()) {
+ s.Cfi = boolPtr(true)
+ if inList("cfi", ctx.AConfig().SanitizeDeviceDiag()) {
+ s.Diag.Cfi = boolPtr(true)
+ }
+ }
+
// CFI needs gold linker, and mips toolchain does not have one.
if !ctx.AConfig().EnableCFI() || ctx.Arch().ArchType == android.Mips || ctx.Arch().ArchType == android.Mips64 {
s.Cfi = nil