OSDN Git Service
Gina Dimino [Tue, 5 Jan 2016 23:00:36 +0000 (15:00 -0800)]
Docs: Encode URL input to search box
Bug:
26287939
Change-Id: Ica656034412b517e182333f5fe4f6e9bc5f300f3
Elliott Hughes [Tue, 5 Jan 2016 17:36:09 +0000 (17:36 +0000)]
Merge "Clean up Mac OS hacks in acp slightly."
Elliott Hughes [Tue, 5 Jan 2016 17:26:54 +0000 (09:26 -0800)]
Clean up Mac OS hacks in acp slightly.
Change-Id: I7cba3a345cd8907ae050961cc4f173003ac90f39
Narayan Kamath [Tue, 5 Jan 2016 17:15:35 +0000 (17:15 +0000)]
Merge "CopyFile: Remove bogus reference to HAVE_VALID_STAT_ST_INO"
Narayan Kamath [Tue, 5 Jan 2016 16:16:37 +0000 (16:16 +0000)]
CopyFile: Remove bogus reference to HAVE_VALID_STAT_ST_INO
This was never defined anywhere and only Windows doesn't have
a valid st_ino field on struct stat.
bug:
26355387
Change-Id: I40b8779606057281e2e6a2723ef93cd2f2d99a68
Dan Willemsen [Tue, 5 Jan 2016 05:47:43 +0000 (05:47 +0000)]
Merge "Prevent changes to COMMON_GLOBAL_C(PP)FLAGS"
Tao Bao [Mon, 4 Jan 2016 19:46:55 +0000 (19:46 +0000)]
Merge "Build delta_generator for A/B update."
Tao Bao [Mon, 4 Jan 2016 17:57:32 +0000 (09:57 -0800)]
Build delta_generator for A/B update.
delta_generator computes the OTA package (aka payload) for A/B update.
Also add its dependent libraries into otatools.zip.
Bug:
25715402
Change-Id: Iddf4b9ac188cc4c8bf3f89ce3641d68451632ba1
Christopher Wiley [Mon, 4 Jan 2016 16:59:58 +0000 (16:59 +0000)]
Merge "Fix compiler warnings on Windows in CopyFile.c"
Christopher Wiley [Wed, 30 Dec 2015 20:24:40 +0000 (12:24 -0800)]
Fix compiler warnings on Windows in CopyFile.c
direct.h declares _mkdir() on Windows.
Prevent future compiler warnings with -Wall and -Werror.
Bug:
26355209
Test: `mmma -j30 build/libs/host` for aosp_arm64-eng is successful.
Change-Id: I6d6e4edca98bef57d62829e9d1ef4e2a96cdad3d
Christopher Wiley [Wed, 30 Dec 2015 19:06:32 +0000 (19:06 +0000)]
Merge "Fix unused parameter warnings in CopyFile.c"
Christopher Wiley [Wed, 30 Dec 2015 18:43:22 +0000 (10:43 -0800)]
Fix unused parameter warnings in CopyFile.c
Bug:
26355209
Test: Compiles
Change-Id: I6f804f150ec08de5a1b3272ae59bc921dd6d0c9c
Narayan Kamath [Wed, 30 Dec 2015 11:43:35 +0000 (11:43 +0000)]
Merge "Revert "Temporary workaround to build bouncycastle / nist-pkits""
Narayan Kamath [Thu, 24 Dec 2015 12:39:51 +0000 (12:39 +0000)]
Revert "Temporary workaround to build bouncycastle / nist-pkits"
This reverts commit
3006881f84c9abf1ab85b77ecd4e815c4cb880d0.
Narayan Kamath [Thu, 24 Dec 2015 11:56:45 +0000 (11:56 +0000)]
Merge changes from topic 'aosp-merge-24-12'
* changes:
Temporary workaround to build bouncycastle / nist-pkits
Build: Build changes for multi oat/image support.
Allow modules to override the default NOTICE file.
Track introduction of libopenjdkjvm.
Allow for 5200 words in dump-words-to-file
Update the package whitelist for the boot image.
Use core-oj alongside core-libart wherever required.
Narayan Kamath [Thu, 24 Dec 2015 11:35:24 +0000 (11:35 +0000)]
Temporary workaround to build bouncycastle / nist-pkits
Change-Id: I20bb834f08eeff03f627ab7d8f422a5ba9f3eb1a
Jeff Hao [Thu, 17 Dec 2015 01:20:11 +0000 (17:20 -0800)]
Build: Build changes for multi oat/image support.
Use the --multi-image option to generate a preopted boot image. This
generates a separate oat file and image file output for each dex file
input.
Stop inlining core.
(cherry picked from commit
d1d3fd933f3d79dfffc12c68a21ae1a1e1b21cc0)
Change-Id: Ibd23bc06d346ff404cabd88f7461f041af6016dd
Narayan Kamath [Tue, 22 Dec 2015 14:34:09 +0000 (14:34 +0000)]
Allow modules to override the default NOTICE file.
It's useful in projects where different top level modules have
different licenses associated with them.
(cherry picked from commit
3026f4daf11b2d4729559d49624e748a82f15495)
Change-Id: I71b20d6f979c0f50562f4f44b2af1f3ec2909444
Narayan Kamath [Fri, 18 Dec 2015 11:10:53 +0000 (11:10 +0000)]
Track introduction of libopenjdkjvm.
(cherry picked from commit
2eb52037e8c06473d0d8de7fb68acc5beccdc6ba)
Change-Id: Ib8683d7e628ae4b09f359ecedc93f77199205cef
Przemyslaw Szczepaniak [Fri, 20 Nov 2015 15:05:03 +0000 (15:05 +0000)]
Allow for 5200 words in dump-words-to-file
After switching to OpenJdk, doc-comment-check target
started to fail due to "Too many words (5082)" while
generating out/target/common/docs/doc-comment-check-timestamp.rsp
This change extends number of dumped words to 5200.
Bug:
25758743
(cherry picked from commit
972a2681c6cb1992886195b9e69234ef786cb876)
Change-Id: I9b8516d1e7c113d667dcfb7963ee352972677afa
Narayan Kamath [Tue, 17 Nov 2015 18:34:53 +0000 (18:34 +0000)]
Update the package whitelist for the boot image.
.. to track the inclusion of OpenJdk.
(cherry picked from commit
b3c9e4a22ee6d32a99a5c9a7b833e2644a690c82)
Change-Id: Ie7277a0403dee9ccd114d9dcb7bf95cdaf5688a0
Piotr Jastrzebski [Tue, 17 Feb 2015 16:55:52 +0000 (16:55 +0000)]
Use core-oj alongside core-libart wherever required.
With some core classes moved to separate core-oj jar
we need to use the new jar.
(cherry picked from commit
89b94c827f92e107b286ab60876ff9f75ba22a33)
Change-Id: I025c0adc70535bf23def3ab0ce28a1bfaef72514
Nick Kralevich [Wed, 23 Dec 2015 20:22:30 +0000 (20:22 +0000)]
Merge "set ro.adb.secure=1 for user builds"
Daniel Micay [Wed, 16 Dec 2015 21:42:49 +0000 (16:42 -0500)]
set ro.adb.secure=1 for user builds
In user builds, adb without authentication is always disabled. However,
it doesn't work with the defaults because authentication doesn't work
without having ro.adb.secure=1 set. It makes sense to offer builds with
no adb but not builds with adb present in an unusable state (especially
as the default).
Bug:
22220212
Bug:
21862859
Change-Id: Ic22300a70586fd57692ac59d6873ab16dde70919
Tao Bao [Tue, 22 Dec 2015 22:22:44 +0000 (22:22 +0000)]
Merge "Makefile: Clean up the condition for RECOVERY_RESOURCE_ZIP."
Dan Willemsen [Tue, 22 Dec 2015 22:05:30 +0000 (22:05 +0000)]
Merge "Default LOCAL_MULTILIB:=both for HOST_NATIVE_TEST"
Tao Bao [Tue, 22 Dec 2015 17:47:46 +0000 (09:47 -0800)]
Makefile: Clean up the condition for RECOVERY_RESOURCE_ZIP.
Change-Id: I6909d4572bd54da48f7fd6b76d4a5ee03c84206c
Yohann Roussel [Tue, 22 Dec 2015 13:59:49 +0000 (13:59 +0000)]
Merge "Always start jack server before first call to jack"
Dan Willemsen [Tue, 22 Dec 2015 00:34:25 +0000 (16:34 -0800)]
Default LOCAL_MULTILIB:=both for HOST_NATIVE_TEST
The target BUILD_NATIVE_TEST defaults to building both 32 and 64-bit
versions of the tests. Many of our host tests have opted into this
manually, but some have not. Switch the default on the host tests to
stay consistent.
To preserve script compatibility, a symlink remains pointing to the
binary that would have been built before this change.
Change-Id: I9585984e933c2ac36134fc1968736c0bb5fea7be
Shinichiro Hamaji [Mon, 21 Dec 2015 22:46:01 +0000 (22:46 +0000)]
Merge "Do not use $? in recipe"
Tao Bao [Mon, 21 Dec 2015 19:17:56 +0000 (19:17 +0000)]
Merge "Allow building recovery as boot."
Daniel Rosenberg [Wed, 11 Nov 2015 03:21:34 +0000 (19:21 -0800)]
Allow building recovery as boot.
With BOARD_USES_RECOVERY_AS_BOOT = true, we skip building the
non-ramdisk boot.img but building the recovery image as boot.img. It
contains recovery's ramdisk (e.g. with /sbin/recovery). It depends on
the bootloader parameter (skip_initramfs) to determine the actual mode
to boot into.
Change-Id: Id6e2d0a2b94383944ca8f35bba688c6401745622
(cherry picked from commit
d80bef2b9e7aa5f92ab017247442798f47736566)
Evgenii Stepanov [Mon, 21 Dec 2015 18:32:36 +0000 (18:32 +0000)]
Merge "Remove RPATH for AddressSanitizer."
Evgenii Stepanov [Mon, 21 Dec 2015 18:29:54 +0000 (10:29 -0800)]
Remove RPATH for AddressSanitizer.
RPATH was used in order for ASan executables to prefer ASan libraries
under /data. Now ASan executables use a special loader (linker_asan),
which implements this logic. RPATH is no longer needed.
Change-Id: Ic7a39b022267b80bd0ce3e95a2e822eb308a1fba
Shinichiro Hamaji [Fri, 18 Dec 2015 06:50:10 +0000 (15:50 +0900)]
Do not use $? in recipe
Kati cannot support this automatic variable as ninja doesn't
have a feature for this.
Change-Id: Ibc3a18dc5739b5008b156d2672a626621e046f5a
Yohann Roussel [Mon, 21 Dec 2015 12:57:29 +0000 (12:57 +0000)]
Merge "Do not set Jack source version, use default"
Sami Tolvanen [Mon, 21 Dec 2015 11:21:16 +0000 (11:21 +0000)]
Merge "build_image: don't call append2simg for FEC"
Sami Tolvanen [Mon, 21 Dec 2015 11:19:26 +0000 (11:19 +0000)]
Merge "build_image: remove an unnecessary call to append2simg"
Shinichiro Hamaji [Mon, 21 Dec 2015 05:48:44 +0000 (05:48 +0000)]
Merge "Disable goma/ccache with USE_XXX=false"
Elliott Hughes [Fri, 18 Dec 2015 21:36:49 +0000 (21:36 +0000)]
Merge "Enable -fstack-protector-strong for arm64."
Elliott Hughes [Fri, 18 Dec 2015 21:36:27 +0000 (21:36 +0000)]
Merge "Enable -fstack-protector-strong for arm."
Dan Willemsen [Wed, 16 Dec 2015 21:10:35 +0000 (13:10 -0800)]
Prevent changes to COMMON_GLOBAL_C(PP)FLAGS
Reorder the definitions of the core cflags so that we can prevent device
configurations from changing the global C(PP)FLAGS.
There is no reason for devices to be configuring the global cflags -- if
something needs to change for a particular device, that flag should be
defined in the BoardConfig.mk, then used in the individual makefiles
where it is needed. The common global flags also affected host tools,
which should not change between device configurations.
Bug:
26165350
Change-Id: Icece4505ce3d2a9168087d802953378534018d47
Alex Klyubin [Fri, 18 Dec 2015 18:06:37 +0000 (18:06 +0000)]
Merge "Move signapk sources to src dir."
Sami Tolvanen [Fri, 18 Dec 2015 15:50:25 +0000 (15:50 +0000)]
build_image: don't call append2simg for FEC
append2simg can be slow, so generate error correction data before verity
data is appended, and append all metadata to the image at the same time.
Needs matching changes from
I09349368925e5e2f2a7961a712a1e933eb0b9ec8
Bug:
26251929
Change-Id: Iea8cee0aee353b4d029d9581e8fbd68ec7b7dd4b
Sami Tolvanen [Fri, 18 Dec 2015 13:24:56 +0000 (13:24 +0000)]
build_image: remove an unnecessary call to append2simg
append2simg on a large image is fairly slow, so append verity metadata to
the hash tree to avoid two calls.
Bug:
26251929
Change-Id: I5ec84dcd6e8500e990af13b1f9cef5e809b41605
Yohann Roussel [Fri, 18 Dec 2015 09:30:21 +0000 (10:30 +0100)]
Do not set Jack source version, use default
Default source version is 1.7 in Jack B and Jack C so this means no
change to default. Not forcing it in the build rules will allow to
change it in LOCAL_JACK_FLAGS.
Bug:
26257295
Change-Id: If9b5fe250eea4bc6bcb3c16ad9cf7024d399ff3c
Shinichiro Hamaji [Fri, 18 Dec 2015 06:26:17 +0000 (15:26 +0900)]
Disable goma/ccache with USE_XXX=false
Bug:
26009364
Change-Id: Ic0001e6fdc62ca2373309bfe3127c5fec64d2d85
Neil Fuller [Thu, 17 Dec 2015 10:18:28 +0000 (10:18 +0000)]
Merge "Set -Xdoclint:none"
Dan Willemsen [Wed, 16 Dec 2015 23:30:40 +0000 (23:30 +0000)]
Merge "Define __BRILLO__ only for target modules"
Dan Willemsen [Wed, 16 Dec 2015 23:14:09 +0000 (23:14 +0000)]
Merge "Move __BRILLO__ to the core build system"
Dan Willemsen [Wed, 16 Dec 2015 23:04:51 +0000 (15:04 -0800)]
Define __BRILLO__ only for target modules
__ANDROID__ is only defined for target modules, do the same for
__BRILLO__.
Change-Id: Ie1417e1a5b21c051acf05b2bd3bdb3ddd31be878
Dan Willemsen [Wed, 16 Dec 2015 21:32:27 +0000 (13:32 -0800)]
Move __BRILLO__ to the core build system
In preparation for locking down COMMON_GLOBAL_CFLAGS.
Bug:
26165350
Change-Id: Ifdfb7808c1e1b624ffb0f99ab443ec2c5503a81c
Todd Poynor [Wed, 16 Dec 2015 22:12:53 +0000 (22:12 +0000)]
Merge "Make squashfs sparse image generation optional"
Ying Wang [Wed, 16 Dec 2015 21:42:07 +0000 (21:42 +0000)]
Merge "make USER limited to 6 characters when generating BUILD_NUMBER"
Narayan Kamath [Thu, 10 Dec 2015 22:24:39 +0000 (22:24 +0000)]
Set -Xdoclint:none
Mac builds use a javadoc tool that fails on more warnings than linux
builds. Add -Xdoclint:none to all java 8 standard doclet javadoc
commands.
Don't add it to javadoc commands that use the com.google.doclava.Doclava
doclet, it doesn't understand -Xdoclint:none.
(cherry-picked from commit
8bf7b5d51a6ff9a6d9b5cc5c21ecbf2ae5d0e804)
Change-Id: Ic5b8431ec2facb7989473b06ebe07246f6d2317f
Gina Dimino [Wed, 16 Dec 2015 18:49:42 +0000 (18:49 +0000)]
Merge "Docs: Replace custom search engine Bug:
25778395"
Gina Dimino [Mon, 14 Dec 2015 21:44:19 +0000 (13:44 -0800)]
Docs: Replace custom search engine
Bug:
25778395
Change-Id: I432698f63088a3e4ec285e46c7de2295c4cefad3
Than McIntosh [Wed, 16 Dec 2015 12:02:04 +0000 (12:02 +0000)]
Merge "Re-enable gold linker for aarch64."
weiqiao [Tue, 15 Dec 2015 07:57:22 +0000 (15:57 +0800)]
make USER limited to 6 characters when generating BUILD_NUMBER
BUILD_NUMBER is use to generate ro.build.description and
ro.build.display.id, if USER is long, these properties will
exceed 91 characters easily.
Change-Id: I7f99ef351f80210172a873104edd980b36c3f8f1
Signed-off-by: weiqiao <qiaowei224@gmail.com>
Todd Poynor [Wed, 16 Dec 2015 02:00:14 +0000 (18:00 -0800)]
Make squashfs sparse image generation optional
Allow non-sparse squashfs image generation, a la ext filesystems.
Bug:
26218766
Change-Id: Ifd596af16411e0cf69a2e7e05d725fd9442dc79c
Colin Cross [Wed, 16 Dec 2015 01:47:14 +0000 (01:47 +0000)]
Merge "Tell soong that it is embedded in a make build"
Dan Willemsen [Fri, 11 Dec 2015 21:50:00 +0000 (13:50 -0800)]
Tell soong that it is embedded in a make build
So that it can munge its ninja targets to not conflict with make.
Change-Id: I0c2273c0ca2fdfced1fa1590f2ea3eac8cddb905
Colin Cross [Wed, 16 Dec 2015 01:46:52 +0000 (01:46 +0000)]
Merge "Combine soong builds into make builds"
Colin Cross [Wed, 16 Dec 2015 00:56:08 +0000 (00:56 +0000)]
Merge "Remove unneccessary TARGET_BUILD_APPS conditional"
Colin Cross [Mon, 9 Nov 2015 22:53:36 +0000 (14:53 -0800)]
Combine soong builds into make builds
Bootstrap soong if necessary, and wrap the kati and soong ninja files
into a single ninja file.
Change-Id: I0000c7eaa1adda763189681c57ec27a97a12ee1f
Colin Cross [Thu, 3 Dec 2015 01:17:51 +0000 (17:17 -0800)]
Remove unneccessary TARGET_BUILD_APPS conditional
The prebuilt tools no longer conflict with the tools built from source,
remove the conditional.
Change-Id: Id334e25d9cfa2d5934450dd223bc9e30cd890062
Ying Wang [Tue, 15 Dec 2015 21:45:44 +0000 (21:45 +0000)]
Merge "Remove the prebuilt tools cleanstep logic."
Ying Wang [Tue, 15 Dec 2015 20:39:02 +0000 (12:39 -0800)]
Remove the prebuilt tools cleanstep logic.
We switched to running prebuilt host tools in place in
prebuilts/sdk/tools in TARGET_BUILD_APPS build. This logic is no longer
needed.
Change-Id: Ibf88b3c0a09fb3a1a04b25403457c48851ecc6f4
Ying Wang [Tue, 15 Dec 2015 18:56:39 +0000 (18:56 +0000)]
Merge "Disable .toc optimization for host modules."
Ying Wang [Tue, 15 Dec 2015 18:00:19 +0000 (10:00 -0800)]
Disable .toc optimization for host modules.
Host binaries may be run during the build process and the internal
implementation of the shared libraries makes a difference for the build
result. This change makes sure host tools get re-linked and re-run when
any of its dependency libraries gets updated.
DEX2OAT is such a host tool. We also changed DEX2OAT as full dependency
of dex-preoptimization, so we rebuild the odex files if DEX2OAT itself,
or any dependency libraries changed.
Bug:
24597504
Change-Id: Idf0d9be82ccebd826d9c5b405a39cff437e0af29
Alex Klyubin [Tue, 15 Dec 2015 17:08:45 +0000 (09:08 -0800)]
Move signapk sources to src dir.
This also makes source files follow the standard directory structure
based on Java package names.
Bug:
25794543
Change-Id: Ie0b568057f836e56407f76d29eeacd28ab907ba8
Than McIntosh [Tue, 15 Dec 2015 14:22:06 +0000 (09:22 -0500)]
Re-enable gold linker for aarch64.
Turn back on ld.gold and W-l,--icf=safe for
aarch64, now that the prebuilt ld.gold has been updated
with support for reloc 311/312 (fixed upstream, see
https://sourceware.org/bugzilla/show_bug.cgi?id=19042)
Bug:
25642296
Bug:
26153840
Change-Id: Idceb357a48d9da4eec38ab8f2103245d500622ae
Shinichiro Hamaji [Tue, 15 Dec 2015 06:27:31 +0000 (06:27 +0000)]
Merge "Reduce unnecessary rebuilds of .dex files with restat=1"
Elliott Hughes [Mon, 14 Dec 2015 22:48:38 +0000 (22:48 +0000)]
Merge "Turn on stack protector for mips64."
Elliott Hughes [Mon, 14 Dec 2015 22:46:38 +0000 (14:46 -0800)]
Turn on stack protector for mips64.
Go straight to -fstack-protector-strong, since it works to boot the emulator.
Change-Id: I2b65a0ab4426856ae05f66c1e294951e45bd72b6
Elliott Hughes [Mon, 14 Dec 2015 22:46:23 +0000 (22:46 +0000)]
Merge "Turn on stack protector for mips."
Elliott Hughes [Mon, 14 Dec 2015 22:15:12 +0000 (14:15 -0800)]
Turn on stack protector for mips.
Go straight to -fstack-protector-strong, since it works to boot the emulator.
Change-Id: Ie44abd869355d2163dec7d9e2635b26b45255df6
Elliott Hughes [Mon, 14 Dec 2015 21:45:40 +0000 (21:45 +0000)]
Merge "Enable -fstack-protector-strong for x86-64."
Elliott Hughes [Mon, 14 Dec 2015 21:41:58 +0000 (21:41 +0000)]
Merge "Be smarter about stack-protector on the host."
Elliott Hughes [Mon, 14 Dec 2015 21:20:59 +0000 (13:20 -0800)]
Be smarter about stack-protector on the host.
Some projects are still built with our host GCC 4.8, which doesn't
support -fstack-protector-strong. The combo .mk files are used by
GCC and clang, so it's not safe to turn on -fstack-protector-strong
there. Instead, do it in the clang-specific .mk for now.
We can clean this up when elfutils (the last code built for the host
with GCC that I'm aware of) is built by clang. We'll be able to
remove the host GCC prebuilts too!
Change-Id: I314b9eab071c132a8e2cb8cc779a75ae8abb12e2
Elliott Hughes [Mon, 14 Dec 2015 21:05:21 +0000 (21:05 +0000)]
Merge "Enable -fstack-protector-strong for x86."
Elliott Hughes [Mon, 14 Dec 2015 20:31:10 +0000 (20:31 +0000)]
Merge "Enable -fstack-protector-strong for the host."
Elliott Hughes [Mon, 14 Dec 2015 19:18:24 +0000 (11:18 -0800)]
Enable -fstack-protector-strong for arm64.
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).
The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.
https://lwn.net/Articles/584225/
Change-Id: I2fb7f0bfccbfa5d22ca8858309a133469edbc7b6
Elliott Hughes [Mon, 14 Dec 2015 19:17:08 +0000 (11:17 -0800)]
Enable -fstack-protector-strong for arm.
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).
The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.
https://lwn.net/Articles/584225/
Change-Id: Iccc20852db8a5e4dd9792f9da6d5e325fc59b0a5
Elliott Hughes [Mon, 14 Dec 2015 19:16:20 +0000 (11:16 -0800)]
Enable -fstack-protector-strong for x86-64.
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).
The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.
https://lwn.net/Articles/584225/
Change-Id: I3ce7a73c5cf36eba5c74df37367f3d3475b0a4ed
Elliott Hughes [Mon, 14 Dec 2015 19:15:15 +0000 (11:15 -0800)]
Enable -fstack-protector-strong for x86.
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).
The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.
https://lwn.net/Articles/584225/
Change-Id: I55a9fdbf5777ccdeed9f2e9a23c73bb94ad7b646
Elliott Hughes [Mon, 14 Dec 2015 19:14:21 +0000 (11:14 -0800)]
Enable -fstack-protector-strong for the host.
This results in nearly all functions with the possibility of stack
corruption getting stack canaries, because it applies to any function
taking a reference to the frame or with a local array rather than just
the functions with arrays larger than 8 bytes. It was developed for use
in Chrome (and Chrome OS) and has also been adopted by various other
distributions (Arch, Fedora, Ubuntu, etc).
The code size increase ranges from ~1.5% to ~2.5%, compared to ~0.3% to
~0.7% with the more conservative switch. The increase in the performance
loss is usually minimal. The overall size increase once everything other
than C and C++ code is taken into account is minimal, and it greatly
improves the mitigation of stack buffer overflow vulnerabilities.
https://lwn.net/Articles/584225/
Change-Id: I97a2187cebac64e3b9f22b691d4676b6da083ebd
Shinichiro Hamaji [Wed, 9 Dec 2015 09:06:20 +0000 (18:06 +0900)]
Reduce unnecessary rebuilds of .dex files with restat=1
The .dex.toc files are created by dexdump, which outputs all
information in a .dex file which may affect compilation of
other modules.
For prebuilt java libraries and static java libraries, we'll
output empty .toc files and don't set restat=1. .dex.toc files
are necessary even for static java libraries because they can
be referenced by LOCAL_JAVA_LIBRARIES (instead of
LOCAL_STATIC_JAVA_LIBRARIES).
We don't use this optimization for apps build. We cannot build
dexdump for apps build due to lack of libc++.
Performance:
$ m && touch \
frameworks/base/core/java/com/google/android/util/Procedure.java \
&& time m
Before: 3m48s
After: 1m46s
Bug:
24597504
Change-Id: Id1665923b414dee705dc60af4c021390a19ea26f
Stephen Hines [Sun, 13 Dec 2015 23:06:03 +0000 (23:06 +0000)]
Merge "Revert "Change USE_CLANG_PLATFORM_BUILD default to true.""
Stephen Hines [Sun, 13 Dec 2015 22:58:22 +0000 (22:58 +0000)]
Revert "Change USE_CLANG_PLATFORM_BUILD default to true."
This reverts commit
3c8036da538bbbf259ae4d56cc808943398cc45b.
Change-Id: I930bbebce8396d7c0abd847530640a696d3418e7
Nick Kralevich [Sat, 12 Dec 2015 01:07:07 +0000 (01:07 +0000)]
Merge "sepolicy: Fix 'avc denied' issues for the emulators"
Dan Albert [Sat, 12 Dec 2015 00:09:16 +0000 (00:09 +0000)]
Merge "Use lib64 for mips64 as well."
Dan Albert [Fri, 11 Dec 2015 20:49:18 +0000 (12:49 -0800)]
Use lib64 for mips64 as well.
This was previously working because for some reason prebuilts/ndk had
a tangled mess of hand assembled symlinks that pointed lib -> lib64
for the multilib architectures.
Change-Id: I294d67f58f2008b1a53790cf676f5223df449cbc
Dan Willemsen [Fri, 11 Dec 2015 20:58:03 +0000 (20:58 +0000)]
Merge "Enforce linker version-scripts are valid"
Alex Klyubin [Fri, 11 Dec 2015 18:29:36 +0000 (18:29 +0000)]
Merge "Make signapk use Conscrypt."
Chih-hung Hsieh [Fri, 11 Dec 2015 16:54:13 +0000 (16:54 +0000)]
Merge "Change USE_CLANG_PLATFORM_BUILD default to true."
Alex Klyubin [Thu, 10 Dec 2015 21:38:50 +0000 (13:38 -0800)]
Make signapk use Conscrypt.
This makes the signapk tool use Conscrypt (where possible) instead of
the platform-default JCA providers and the Bouncy Castle JCA provider.
This speeds up (by 10-30%) APK and OTA update signing because
Conscrypt's crypto primitives are backed by BoringSSL.
Previously, the signapk tool consisted only of the signapk.jar.
Because Conscrypt is backed by native code, signapk now consists of
signapk.jar and crypto_openjdk_jni shared library. This requires that
users of the tool be updated to provide a suitable -Djava.library.path
argument to the Java runtime. This change updates all known users of
the tool inside the Android source tree to do so.
Bug:
26097626
Change-Id: I8411b37d7f771ed99269751a3007dff103083552
Miroslav Tisma [Thu, 10 Dec 2015 11:23:40 +0000 (12:23 +0100)]
sepolicy: Fix 'avc denied' issues for the emulators
This commit fixes the avc denied issues in the emulators:
- goldfish_setup is granted for network access
- netd dontaudit for sys_module
- qemu_prop is granted domain for get_prop
Critical issue was that SELinux denied reading the lcd_density property
by SurfaceFlinger via qemu_prop and this commit fixes it.
Change-Id: I633d96f4d2ee6659f18482a53e21f816abde2a5f
Signed-off-by: Miroslav Tisma <miroslav.tisma@imgtec.com>
Chih-Hung Hsieh [Thu, 10 Dec 2015 22:13:43 +0000 (14:13 -0800)]
Change USE_CLANG_PLATFORM_BUILD default to true.
When USE_CLANG_PLATFORM_BUILD is not set, default will be clang/llvm.
USE_CLANG_PLATFORM_BUILD=false can be used to select gcc as default.
BUG:
23163853
BUG:
26102335
Change-Id: I00604c2aef4849e8c3505b2c4002eb1c46cd1fd1
Alex Deymo [Thu, 10 Dec 2015 22:18:34 +0000 (22:18 +0000)]
Merge "Rename libext2 host libraries to standard suffix."