From f3918d37fb69ca442347ec3150b1b6e03dd1d61f Mon Sep 17 00:00:00 2001
From: Vishwath Mohan <vishwath@google.com>
Date: Tue, 14 Feb 2017 07:59:33 -0800
Subject: Blacklist code for CFI.

Adds the -fsanitize-blacklist option for CFI, using the built in
blacklist at external/compiler-rt/lib/cfi/cfi_blacklist.txt.

Also refactors the CFI cflags and ldflags into cc/makevars.go to
ensure they're consistent across Soong and make projects.

Bug: 30227045
Test: ENABLE_CFI=true m -j40 builds and boots.
Test: The blacklist prevents runtime errors that otherwise occur.
Change-Id: I91c5420478e7290061d89338a86abdef69c67fe2
---
 cc/makevars.go |  3 +++
 cc/sanitize.go | 14 ++++++++------
 2 files changed, 11 insertions(+), 6 deletions(-)

(limited to 'cc')

diff --git a/cc/makevars.go b/cc/makevars.go
index 06b57c94..e4d8fe61 100644
--- a/cc/makevars.go
+++ b/cc/makevars.go
@@ -64,6 +64,9 @@ func makeVarsProvider(ctx android.MakeVarsContext) {
 	ctx.Strict("ADDRESS_SANITIZER_CONFIG_EXTRA_LDFLAGS", asanLdflags)
 	ctx.Strict("ADDRESS_SANITIZER_CONFIG_EXTRA_STATIC_LIBRARIES", asanLibs)
 
+	ctx.Strict("CFI_EXTRA_CFLAGS", cfiCflags)
+	ctx.Strict("CFI_EXTRA_LDFLAGS", cfiLdflags)
+
 	ctx.Strict("DEFAULT_C_STD_VERSION", config.CStdVersion)
 	ctx.Strict("DEFAULT_CPP_STD_VERSION", config.CppStdVersion)
 	ctx.Strict("DEFAULT_GCC_CPP_STD_VERSION", config.GccCppStdVersion)
diff --git a/cc/sanitize.go b/cc/sanitize.go
index 7eb191f5..28c6ef52 100644
--- a/cc/sanitize.go
+++ b/cc/sanitize.go
@@ -28,6 +28,12 @@ const (
 	asanCflags  = "-fno-omit-frame-pointer"
 	asanLdflags = "-Wl,-u,__asan_preinit"
 	asanLibs    = "libasan"
+
+	cfiCflags = "-flto -fsanitize-cfi-cross-dso -fvisibility=default " +
+		"-fsanitize-blacklist=external/compiler-rt/lib/cfi/cfi_blacklist.txt"
+	// FIXME: revert the __cfi_check flag when clang is updated to r280031.
+	cfiLdflags = "-flto -fsanitize-cfi-cross-dso -fsanitize=cfi " +
+		"-Wl,-plugin-opt,O1 -Wl,-export-dynamic-symbol=__cfi_check"
 )
 
 type sanitizerType int
@@ -324,12 +330,8 @@ func (sanitize *sanitize) flags(ctx ModuleContext, flags Flags) Flags {
 			flags.LdFlags = append(flags.LdFlags, "-march=armv7-a")
 		}
 		sanitizers = append(sanitizers, "cfi")
-		cfiFlags := []string{"-flto", "-fsanitize=cfi", "-fsanitize-cfi-cross-dso"}
-		flags.CFlags = append(flags.CFlags, cfiFlags...)
-		flags.CFlags = append(flags.CFlags, "-fvisibility=default")
-		flags.LdFlags = append(flags.LdFlags, cfiFlags...)
-		// FIXME: revert the __cfi_check flag when clang is updated to r280031.
-		flags.LdFlags = append(flags.LdFlags, "-Wl,-plugin-opt,O1", "-Wl,-export-dynamic-symbol=__cfi_check")
+		flags.CFlags = append(flags.CFlags, cfiCflags)
+		flags.LdFlags = append(flags.LdFlags, cfiLdflags)
 		if Bool(sanitize.Properties.Sanitize.Diag.Cfi) {
 			diagSanitizers = append(diagSanitizers, "cfi")
 		}
-- 
cgit v1.2.3