Move MTE mode settings to a product variable.

Allow product configuration of memtag target list by
moving the current set into a product variable instead of the various
.bp files.

The default list of memtag targets can be found in
  build/make/target/product/memtag-common.mk

This is NFC as all targets in the list already have "memtag_heap: true"
in the build files.

Bug: 280343521
Test: no functional change
Merged-In: I5954fde05256e00a8e01c114ad522f50ed0cfa9f
Change-Id: I5954fde05256e00a8e01c114ad522f50ed0cfa9f
Evgenii Stepanov
2023-06-08 15:40:39 -07:00
parent 6090c8ee63
commit 5c8434d1c7
6 changed files with 51 additions and 2 deletions


@@ -140,6 +140,10 @@ ifeq ($(filter memtag_heap, $(my_sanitize)),)
$(PRODUCT_MEMTAG_HEAP_ASYNC_INCLUDE_PATHS) $(PRODUCT_MEMTAG_HEAP_ASYNC_INCLUDE_PATHS)
combined_exclude_paths := $(MEMTAG_HEAP_EXCLUDE_PATHS) \ combined_exclude_paths := $(MEMTAG_HEAP_EXCLUDE_PATHS) \
$(PRODUCT_MEMTAG_HEAP_EXCLUDE_PATHS) $(PRODUCT_MEMTAG_HEAP_EXCLUDE_PATHS)
ifneq ($(PRODUCT_MEMTAG_HEAP_SKIP_DEFAULT_PATHS),true)
combined_sync_include_paths += $(PRODUCT_MEMTAG_HEAP_SYNC_DEFAULT_INCLUDE_PATHS)
combined_async_include_paths += $(PRODUCT_MEMTAG_HEAP_ASYNC_DEFAULT_INCLUDE_PATHS)
endif
ifeq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_exclude_paths)),\ ifeq ($(strip $(foreach dir,$(subst $(comma),$(space),$(combined_exclude_paths)),\
$(filter $(dir)%,$(LOCAL_PATH)))),) $(filter $(dir)%,$(LOCAL_PATH)))),)
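Review bot: The new guard `ifneq ($(PRODUCT_MEMTAG_HEAP_SKIP_DEFAULT_PATHS),true)` tests the flag by exact string comparison, while the `add_json_list` hunk of this commit tests the same flag with `$(filter true,...)`. The two can disagree for a value that is not exactly `true`, for example one carrying an extra word: Make-built modules would keep the default MTE paths while the Soong side drops them. Since the flag decides whether the default hardening set is applied, both places should use one form, e.g. `ifeq ($(filter true,$(PRODUCT_MEMTAG_HEAP_SKIP_DEFAULT_PATHS)),)`. The enclosing `ifeq ($(filter memtag_heap, $(my_sanitize)),)` block starts before and ends after this hunk.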


@@ -247,6 +247,16 @@ _product_list_vars += PRODUCT_CFI_EXCLUDE_PATHS
# Whether any paths should have HWASan enabled for components # Whether any paths should have HWASan enabled for components
_product_list_vars += PRODUCT_HWASAN_INCLUDE_PATHS _product_list_vars += PRODUCT_HWASAN_INCLUDE_PATHS
# Whether any paths should have Memtag_heap enabled for components
_product_list_vars += PRODUCT_MEMTAG_HEAP_ASYNC_INCLUDE_PATHS
_product_list_vars += PRODUCT_MEMTAG_HEAP_ASYNC_DEFAULT_INCLUDE_PATHS
_product_list_vars += PRODUCT_MEMTAG_HEAP_SYNC_INCLUDE_PATHS
_product_list_vars += PRODUCT_MEMTAG_HEAP_SYNC_DEFAULT_INCLUDE_PATHS
_product_list_vars += PRODUCT_MEMTAG_HEAP_EXCLUDE_PATHS
# Whether this product wants to start with an empty list of default memtag_heap include paths
_product_single_value_vars += PRODUCT_MEMTAG_HEAP_SKIP_DEFAULT_PATHS
# Whether the Scudo hardened allocator is disabled platform-wide # Whether the Scudo hardened allocator is disabled platform-wide
_product_single_value_vars += PRODUCT_DISABLE_SCUDO _product_single_value_vars += PRODUCT_DISABLE_SCUDO
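Review bot: The comment over the five new list variables does not say how the `*_DEFAULT_INCLUDE_PATHS` variables differ from the plain `*_INCLUDE_PATHS` ones, and it also covers `PRODUCT_MEMTAG_HEAP_EXCLUDE_PATHS`, which turns the sanitizer off rather than on. Going by the other hunks of this commit, the DEFAULT lists are appended unless `PRODUCT_MEMTAG_HEAP_SKIP_DEFAULT_PATHS` is `true`, so I would add `# *_DEFAULT_INCLUDE_PATHS carry the inherited baseline list; products add their own paths via *_INCLUDE_PATHS`. The skip flag's comment should spell out the consequence, e.g. `# Setting this to true drops the default memtag_heap include paths for this product`, so that opting out of the baseline is a visible decision in a product file.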


@@ -123,8 +123,8 @@ $(call add_json_list, IntegerOverflowExcludePaths, $(INTEGER_OVERFLOW_EXCL
$(call add_json_list, HWASanIncludePaths, $(HWASAN_INCLUDE_PATHS) $(PRODUCT_HWASAN_INCLUDE_PATHS)) $(call add_json_list, HWASanIncludePaths, $(HWASAN_INCLUDE_PATHS) $(PRODUCT_HWASAN_INCLUDE_PATHS))
$(call add_json_list, MemtagHeapExcludePaths, $(MEMTAG_HEAP_EXCLUDE_PATHS) $(PRODUCT_MEMTAG_HEAP_EXCLUDE_PATHS)) $(call add_json_list, MemtagHeapExcludePaths, $(MEMTAG_HEAP_EXCLUDE_PATHS) $(PRODUCT_MEMTAG_HEAP_EXCLUDE_PATHS))
$(call add_json_list, MemtagHeapAsyncIncludePaths, $(MEMTAG_HEAP_ASYNC_INCLUDE_PATHS) $(PRODUCT_MEMTAG_HEAP_ASYNC_INCLUDE_PATHS)) $(call add_json_list, MemtagHeapAsyncIncludePaths, $(MEMTAG_HEAP_ASYNC_INCLUDE_PATHS) $(PRODUCT_MEMTAG_HEAP_ASYNC_INCLUDE_PATHS) $(if $(filter true,$(PRODUCT_MEMTAG_HEAP_SKIP_DEFAULT_PATHS)),,$(PRODUCT_MEMTAG_HEAP_ASYNC_DEFAULT_INCLUDE_PATHS)))
$(call add_json_list, MemtagHeapSyncIncludePaths, $(MEMTAG_HEAP_SYNC_INCLUDE_PATHS) $(PRODUCT_MEMTAG_HEAP_SYNC_INCLUDE_PATHS)) $(call add_json_list, MemtagHeapSyncIncludePaths, $(MEMTAG_HEAP_SYNC_INCLUDE_PATHS) $(PRODUCT_MEMTAG_HEAP_SYNC_INCLUDE_PATHS) $(if $(filter true,$(PRODUCT_MEMTAG_HEAP_SKIP_DEFAULT_PATHS)),,$(PRODUCT_MEMTAG_HEAP_SYNC_DEFAULT_INCLUDE_PATHS)))
$(call add_json_bool, DisableScudo, $(filter true,$(PRODUCT_DISABLE_SCUDO))) $(call add_json_bool, DisableScudo, $(filter true,$(PRODUCT_DISABLE_SCUDO)))


@@ -76,3 +76,7 @@ PRODUCT_VENDOR_PROPERTIES += \
# Enable CFI for security-sensitive components # Enable CFI for security-sensitive components
$(call inherit-product, $(SRC_TARGET_DIR)/product/cfi-common.mk) $(call inherit-product, $(SRC_TARGET_DIR)/product/cfi-common.mk)
$(call inherit-product-if-exists, vendor/google/products/cfi-vendor.mk) $(call inherit-product-if-exists, vendor/google/products/cfi-vendor.mk)
# Enable MTE for security-sensitive components
$(call inherit-product, $(SRC_TARGET_DIR)/product/memtag-common.mk)
$(call inherit-product-if-exists, vendor/google/products/memtag-vendor.mk)


@@ -0,0 +1,30 @@
# Copyright (C) 2023 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# This is a recommended set of common components to enable MTE for.
PRODUCT_MEMTAG_HEAP_ASYNC_DEFAULT_INCLUDE_PATHS := \
external/android-clat \
external/iproute2 \
external/iptables \
external/mtpd \
external/ppp \
hardware/st/nfc \
hardware/st/secure_element \
hardware/st/secure_element2 \
packages/modules/StatsD \
system/bpf \
system/netd/netutil_wrappers \
system/netd/server
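Review bot: The header comment on `PRODUCT_MEMTAG_HEAP_ASYNC_DEFAULT_INCLUDE_PATHS` does not say that the list selects async mode only, or how a product opts out. The file leaves `PRODUCT_MEMTAG_HEAP_SYNC_DEFAULT_INCLUDE_PATHS` unset. I would extend the comment to something like `# Components under these paths get memtag_heap in async mode unless the product sets PRODUCT_MEMTAG_HEAP_SKIP_DEFAULT_PATHS := true`. If include paths are matched as prefixes the way the exclude paths are in the sanitizer hunk (`$(filter $(dir)%,$(LOCAL_PATH))`), which is not visible here, then `hardware/st/secure_element` already covers `hardware/st/secure_element2`. In that case entries such as `system/bpf` would also match sibling directories that share the prefix, which is worth stating in the comment.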


@@ -17,6 +17,7 @@
$(call inherit-product, $(SRC_TARGET_DIR)/product/default_art_config.mk) $(call inherit-product, $(SRC_TARGET_DIR)/product/default_art_config.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/languages_default.mk) $(call inherit-product, $(SRC_TARGET_DIR)/product/languages_default.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/cfi-common.mk) $(call inherit-product, $(SRC_TARGET_DIR)/product/cfi-common.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/memtag-common.mk)
# Enables treble, which enabled certain -D compilation flags. In particular, libhidlbase # Enables treble, which enabled certain -D compilation flags. In particular, libhidlbase
# uses -DENFORCE_VINTF_MANIFEST. See b/185759877 # uses -DENFORCE_VINTF_MANIFEST. See b/185759877