StrixOS/build_soong
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add path interposer

Browse Source 
This will allow us to track (and eventually limit) the commands that the
build references via $PATH. These are mostly implicit dependencies on
the host system -- for Linux, we assume something similar to Ubuntu
14.04 with a few extra packages, but this will let us better define
that.

This will not catch uses of tools with absolute paths (/bin/bash, etc),
but most uses shouldn't be relying on absolute path names anyways.

Adds ~400ms on the first startup, ~140ms on subsequent runs, and
overhead of a few ms for every forwarded execution.

Test: m
Test: build/soong/build_test.bash
Test: Add `gcc --version`, TEMPORARY_DISABLE_PATH_RESTRICTIONS=true m
Change-Id: Id68cbb1c8ceef65bbbb10751e83722c7662d2351
This commit is contained in:
Dan Willemsen
2017-10-28 22:57:22 -07:00
parent 6af008fc0f
commit a14704c12b
11 changed files with 997 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
python/scripts/stub_template_host.txt
View File

@@ -18,8 +18,6 @@ def SearchPathEnv(name):
for directory in search_path:
if directory == '': continue
path = os.path.join(directory, name)
if os.path.islink(path):
path = os.path.realpath(path)
# Check if path is actual executable file.
if os.path.isfile(path) and os.access(path, os.X_OK):
return path