Add path interposer

This will allow us to track (and eventually limit) the commands that the build references via $PATH. These are mostly implicit dependencies on the host system -- for Linux, we assume something similar to Ubuntu 14.04 with a few extra packages, but this will let us better define that. This will not catch uses of tools with absolute paths (/bin/bash, etc), but most uses shouldn't be relying on absolute path names anyways. Adds ~400ms on the first startup, ~140ms on subsequent runs, and overhead of a few ms for every forwarded execution. Test: m Test: build/soong/build_test.bash Test: Add `gcc --version`, TEMPORARY_DISABLE_PATH_RESTRICTIONS=true m Change-Id: Id68cbb1c8ceef65bbbb10751e83722c7662d2351
2017-10-28 22:57:22 -07:00
parent 6af008fc0f
commit a14704c12b
11 changed files with 997 additions and 2 deletions
--- a/cmd/path_interposer/Android.bp
+++ b/cmd/path_interposer/Android.bp
@@ -0,0 +1,20 @@
+// Copyright 2018 Google Inc. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+blueprint_go_binary {
+    name: "path_interposer",
+    deps: ["soong-ui-build-paths"],
+    srcs: ["main.go"],
+    testSrcs: ["main_test.go"],
+}