Before this change, exclude paths disabled sanitization of targets that
would otherwise be enabled by SanitizeDevice product variable (aka
SANITIZE_TARGET).
With this change, in addition to the above logic, exclude path disables
sanitization of targets that would otherwise be enabled by the
corresponding include path.
Effectively, this change disables sanitization of targets that are
covered by *both* include and exclude paths.
Test: MEMTAG_HEAP_SYNC_INCLUDE_PATHS=system/extras \
MEMTAG_HEAP_EXCLUDE_PATHS=system/extras/su m su && \
readelf -n path/to/su | grep .note.android.memtag
Bug: b/184976817
Change-Id: Ifa44b85556c6468fe5a37b5e6864c4ce9561ae2b
Some libraries that go through manifest_check do not have a manifest or
APK, so there is nothing to check LOCAL_USES_LIBRARIES and
LOCAL_OPTIONAL_USES_LIBRARIES against. Handle it as if the manifest had
zero <uses-library> tags: don't fail the build unless the module has
non-empty LOCAL_USES_LIBRARIES or LOCAL_OPTIONAL_USES_LIBRARIES.
Bug: 132357300
Test: lunch cf_x86_64_phone-userdebug && m
Change-Id: I4b1317cfbd93cb6129caba51b56081307a564442
As we don't fix the grf window, we may not calculate the grf
expiration date and the required api level.
The verification of this will be covered by the tests at run time.
Bug: 176950752
Test: atest --host post_process_props_unittest
Change-Id: I1205f0d9a9da5bc508a49acbcbb7da581800bf45
It currently uses TARGET_BUILD_APPS just like tapas, but the use case is
different and it may diverge more in the future.
Test: banchan com.android.art
Test: banchan help
Test: banchan
Test: hmm
Bug: 179779520
Change-Id: Iae718e65a2a7212c741c397e03c6f9a6d5ee8951
Starting with Android R, debugfs cannot be mounted on production
devices. In order to minimize the differences w.r.t debugfs between user
and userdebug/eng builds, enforce a set of run-time and build-time
restrictions on debugfs access for S launch devices and newer. For
non-user builds, debugfs can still be accessed by root and by the
dumpstate HAL during bugreport collection.
Bug: 184381659
Test: build/boot
Change-Id: I2af49acd8a5b3440c6ecbf365ab43cdb33ff897a
Small typo in the AndroidMk sanitizer config, where adding heap MTE
ended up promoting CFI to diagnostic CFI accidentally, where this isn't
a valid transformation.
Bug: 184397138
Test: lunch aosp_sunfish-userdebug
Test: PRODUCT_MEMTAG_HEAP_ASYNC_INCLUDE_PATHS=\
Test: "hardware/qcom frameworks/opt/net/wifi" \
Test: CFI_INCLUDE_PATHS=hardware/qcom \
Test: m libwifi-hal
Change-Id: I74a03debf0042f2ee004503dd4a0e81131bd9fde
aosp/1664081 introduces a bug where if BOARD_VENDOR_RAMDISK_FRAGMENTS is
empty, then INTERNAL_VENDOR_RAMDISK_FRAGMENTS would become " " (single
whitespace).
Just unconditionally $(strip ...) the variable to remove any extra
whitespace.
Bug: 183395459
Test: m dist and check *-target_files-*.zip
Change-Id: Ic842756f3a64c073593592d22c980820664e11c1
If BOARD_BOOT_HEADER_VERSION >= 4,
BOARD_MOVE_RECOVERY_RESOURCES_TO_VENDOR_BOOT is true and
BOARD_INCLUDE_RECOVERY_RAMDISK_IN_VENDOR_BOOT is true, then build
recovery as a standalone ramdisk fragment in vendor_boot image.
The recovery ramdisk would be a vendor ramdisk fragment packaged in
vendor_boot, whose ramdisk_name is "recovery" and ramdisk_type is
"VENDOR_RAMDISK_TYPE_RECOVERY".
Bootloader can omit loading the recovery ramdisk during normal boot to
optimize the size of the initramfs.
Bug: 183395459
Test: Presubmit
Test: Modify BoardConfig of CF and m dist. Verify the vendor_boot.img
with unpack_bootimg.
Test: Strip the vendor_boot of the recovery ramdisk, and verify that CF
can boot to normal boot without the recovery ramdisk.
Change-Id: I6e9a2781ec87aece10d4844fa18bbe9a7b4674e6
