17de88981f
This allows applications to turn on MTE. The current design of MTE inside of Scudo doesn't allow us to late-enable MTE (but we can late-disable it). Thus, we have to enable tagging in the Zygote in order to allow apps and the system_server to control their own MTE behaviour. We intentionally use ASYNC mode so that we don't waste memory collecting stack traces from the zygote pre-fork. Given that the zygote is mostly Java code, the process itself should be pretty low risk for memory corruption. Bug: 135772972 Bug: 172365548 Test: On FVP: atest -s localhost:5555 \ com.android.cts.tagging.TaggingSdk30Test#testMemoryTagChecksCompatFeatureEnabled \ com.android.cts.tagging.TaggingSdk30Test#testMemoryTagChecksCompatFeatureDisabled Change-Id: I9da2c33cb6022033264f443308d5508b3ff8da9e
75 lines
2.3 KiB
Plaintext
75 lines
2.3 KiB
Plaintext
cc_binary {
|
|
name: "app_process",
|
|
|
|
srcs: ["app_main.cpp"],
|
|
|
|
multilib: {
|
|
lib32: {
|
|
// TODO(b/142944043): Remove version script when libsigchain is a DSO.
|
|
version_script: "version-script32.txt",
|
|
suffix: "32",
|
|
},
|
|
lib64: {
|
|
// TODO(b/142944043): Remove version script when libsigchain is a DSO.
|
|
version_script: "version-script64.txt",
|
|
suffix: "64",
|
|
},
|
|
},
|
|
|
|
ldflags: ["-Wl,--export-dynamic"],
|
|
|
|
shared_libs: [
|
|
"libandroid_runtime",
|
|
"libbinder",
|
|
"libcutils",
|
|
"libdl",
|
|
"libhidlbase",
|
|
"liblog",
|
|
"libnativeloader",
|
|
"libutils",
|
|
|
|
// This is a list of libraries that need to be included in order to avoid
|
|
// bad apps. This prevents a library from having a mismatch when resolving
|
|
// new/delete from an app shared library.
|
|
// See b/21032018 for more details.
|
|
"libwilhelm",
|
|
],
|
|
|
|
whole_static_libs: ["libsigchain"],
|
|
|
|
compile_multilib: "both",
|
|
|
|
cflags: [
|
|
"-Wall",
|
|
"-Werror",
|
|
"-Wunused",
|
|
"-Wunreachable-code",
|
|
],
|
|
|
|
// If SANITIZE_LITE is revived this will need:
|
|
//product_variables: {
|
|
// sanitize_lite: {
|
|
// // In SANITIZE_LITE mode, we create the sanitized binary in a separate location (but reuse
|
|
// // the same module). Using the same module also works around an issue with make: binaries
|
|
// // that depend on sanitized libraries will be relinked, even if they set LOCAL_SANITIZE := never.
|
|
// //
|
|
// // Also pull in the asanwrapper helper.
|
|
// relative_install_path: "asan",
|
|
// required: ["asanwrapper"],
|
|
// },
|
|
//},
|
|
|
|
// Create a symlink from app_process to app_process32 or 64
|
|
// depending on the target configuration.
|
|
symlink_preferred_arch: true,
|
|
|
|
// Enable ASYNC MTE in the zygote, in order to allow apps and the system
|
|
// server to use MTE. We use ASYNC because we don't expect the pre-fork
|
|
// zygote to have substantial memory corruption bugs (as it's primarily Java
|
|
// code), and we don't want to waste memory recording malloc/free stack
|
|
// traces (which happens in SYNC mode).
|
|
sanitize: {
|
|
memtag_heap: true,
|
|
},
|
|
}
|