|
|
|
@ -206,8 +206,8 @@ $(KATI_obsolete_var PRODUCT_FULL_TREBLE,\
|
|
|
|
|
variables like PRODUCT_SEPOLICY_SPLIT should be used until that is \
|
|
|
|
|
possible.)
|
|
|
|
|
|
|
|
|
|
# Sets ro.actionable_compatible_property.enabled to know on runtime whether the whitelist
|
|
|
|
|
# of actionable compatible properties is enabled or not.
|
|
|
|
|
# Sets ro.actionable_compatible_property.enabled to know on runtime whether the
|
|
|
|
|
# allowed list of actionable compatible properties is enabled or not.
|
|
|
|
|
ifeq ($(PRODUCT_ACTIONABLE_COMPATIBLE_PROPERTY_DISABLE),true)
|
|
|
|
|
ADDITIONAL_DEFAULT_PROPERTIES += ro.actionable_compatible_property.enabled=false
|
|
|
|
|
else
|
|
|
|
@ -1119,7 +1119,7 @@ ifdef FULL_BUILD
|
|
|
|
|
ifneq (true,$(ALLOW_MISSING_DEPENDENCIES))
|
|
|
|
|
# Check to ensure that all modules in PRODUCT_PACKAGES exist (opt in per product)
|
|
|
|
|
ifeq (true,$(PRODUCT_ENFORCE_PACKAGES_EXIST))
|
|
|
|
|
_whitelist := $(PRODUCT_ENFORCE_PACKAGES_EXIST_WHITELIST)
|
|
|
|
|
_allow_list := $(PRODUCT_ENFORCE_PACKAGES_EXIST_ALLOW_LIST)
|
|
|
|
|
_modules := $(PRODUCT_PACKAGES)
|
|
|
|
|
# Strip :32 and :64 suffixes
|
|
|
|
|
_modules := $(patsubst %:32,%,$(_modules))
|
|
|
|
@ -1129,10 +1129,10 @@ ifdef FULL_BUILD
|
|
|
|
|
_nonexistent_modules := $(filter-out $(ALL_MODULES),$(_modules))
|
|
|
|
|
_nonexistent_modules := $(foreach m,$(_nonexistent_modules),\
|
|
|
|
|
$(if $(call get-32-bit-modules,$(m)),,$(m)))
|
|
|
|
|
$(call maybe-print-list-and-error,$(filter-out $(_whitelist),$(_nonexistent_modules)),\
|
|
|
|
|
$(call maybe-print-list-and-error,$(filter-out $(_allow_list),$(_nonexistent_modules)),\
|
|
|
|
|
$(INTERNAL_PRODUCT) includes non-existent modules in PRODUCT_PACKAGES)
|
|
|
|
|
$(call maybe-print-list-and-error,$(filter-out $(_nonexistent_modules),$(_whitelist)),\
|
|
|
|
|
$(INTERNAL_PRODUCT) includes redundant whitelist entries for nonexistent PRODUCT_PACKAGES)
|
|
|
|
|
$(call maybe-print-list-and-error,$(filter-out $(_nonexistent_modules),$(_allow_list)),\
|
|
|
|
|
$(INTERNAL_PRODUCT) includes redundant allow list entries for non-existent PRODUCT_PACKAGES)
|
|
|
|
|
endif
|
|
|
|
|
|
|
|
|
|
# Check to ensure that all modules in PRODUCT_HOST_PACKAGES exist
|
|
|
|
@ -1174,21 +1174,21 @@ ifdef FULL_BUILD
|
|
|
|
|
is_asan := $(if $(filter address,$(SANITIZE_TARGET)),true)
|
|
|
|
|
ifneq (true,$(or $(is_asan),$(DISABLE_ARTIFACT_PATH_REQUIREMENTS)))
|
|
|
|
|
# Fakes don't get installed, and NDK stubs aren't installed to device.
|
|
|
|
|
static_whitelist_patterns := $(TARGET_OUT_FAKE)/% $(SOONG_OUT_DIR)/ndk/%
|
|
|
|
|
static_allowed_patterns := $(TARGET_OUT_FAKE)/% $(SOONG_OUT_DIR)/ndk/%
|
|
|
|
|
# RROs become REQUIRED by the source module, but are always placed on the vendor partition.
|
|
|
|
|
static_whitelist_patterns += %__auto_generated_rro_product.apk
|
|
|
|
|
static_whitelist_patterns += %__auto_generated_rro_vendor.apk
|
|
|
|
|
static_allowed_patterns += %__auto_generated_rro_product.apk
|
|
|
|
|
static_allowed_patterns += %__auto_generated_rro_vendor.apk
|
|
|
|
|
# Auto-included targets are not considered
|
|
|
|
|
static_whitelist_patterns += $(call product-installed-files,)
|
|
|
|
|
static_allowed_patterns += $(call product-installed-files,)
|
|
|
|
|
# $(PRODUCT_OUT)/apex is where shared libraries in APEXes get installed.
|
|
|
|
|
# The path can be considered as a fake path, as the shared libraries
|
|
|
|
|
# are installed there just to have symbols files for them under
|
|
|
|
|
# $(PRODUCT_OUT)/symbols/apex for debugging purpose. The /apex directory
|
|
|
|
|
# is never compiled into a filesystem image.
|
|
|
|
|
static_whitelist_patterns += $(PRODUCT_OUT)/apex/%
|
|
|
|
|
static_allowed_patterns += $(PRODUCT_OUT)/apex/%
|
|
|
|
|
ifeq (true,$(BOARD_USES_SYSTEM_OTHER_ODEX))
|
|
|
|
|
# Allow system_other odex space optimization.
|
|
|
|
|
static_whitelist_patterns += \
|
|
|
|
|
static_allowed_patterns += \
|
|
|
|
|
$(TARGET_OUT_SYSTEM_OTHER)/%.odex \
|
|
|
|
|
$(TARGET_OUT_SYSTEM_OTHER)/%.vdex \
|
|
|
|
|
$(TARGET_OUT_SYSTEM_OTHER)/%.art
|
|
|
|
@ -1204,31 +1204,32 @@ $(call dist-for-goals,droidcore,$(CERTIFICATE_VIOLATION_MODULES_FILENAME))
|
|
|
|
|
$(foreach makefile,$(ARTIFACT_PATH_REQUIREMENT_PRODUCTS),\
|
|
|
|
|
$(eval requirements := $(PRODUCTS.$(makefile).ARTIFACT_PATH_REQUIREMENTS)) \
|
|
|
|
|
$(eval ### Verify that the product only produces files inside its path requirements.) \
|
|
|
|
|
$(eval whitelist := $(PRODUCTS.$(makefile).ARTIFACT_PATH_WHITELIST)) \
|
|
|
|
|
$(eval allowed := $(PRODUCTS.$(makefile).ARTIFACT_PATH_ALLOWED_LIST)) \
|
|
|
|
|
$(eval path_patterns := $(call resolve-product-relative-paths,$(requirements),%)) \
|
|
|
|
|
$(eval whitelist_patterns := $(call resolve-product-relative-paths,$(whitelist))) \
|
|
|
|
|
$(eval allowed_patterns := $(call resolve-product-relative-paths,$(allowed))) \
|
|
|
|
|
$(eval files := $(call product-installed-files, $(makefile))) \
|
|
|
|
|
$(eval offending_files := $(filter-out $(path_patterns) $(whitelist_patterns) $(static_whitelist_patterns),$(files))) \
|
|
|
|
|
$(eval offending_files := $(filter-out $(path_patterns) $(allowed_patterns) $(static_allowed_patterns),$(files))) \
|
|
|
|
|
$(call maybe-print-list-and-error,$(offending_files),\
|
|
|
|
|
$(makefile) produces files outside its artifact path requirement. \
|
|
|
|
|
Allowed paths are $(subst $(space),$(comma)$(space),$(addsuffix *,$(requirements)))) \
|
|
|
|
|
$(eval unused_whitelist := $(filter-out $(files),$(whitelist_patterns))) \
|
|
|
|
|
$(call maybe-print-list-and-error,$(unused_whitelist),$(makefile) includes redundant whitelist entries in its artifact path requirement.) \
|
|
|
|
|
$(eval unused_allowed := $(filter-out $(files),$(allowed_patterns))) \
|
|
|
|
|
$(call maybe-print-list-and-error,$(unused_allowed),$(makefile) includes redundant allowed entries in its artifact path requirement.) \
|
|
|
|
|
$(eval ### Optionally verify that nothing else produces files inside this artifact path requirement.) \
|
|
|
|
|
$(eval extra_files := $(filter-out $(files) $(HOST_OUT)/%,$(product_target_FILES))) \
|
|
|
|
|
$(eval files_in_requirement := $(filter $(path_patterns),$(extra_files))) \
|
|
|
|
|
$(eval all_offending_files += $(files_in_requirement)) \
|
|
|
|
|
$(eval whitelist := $(PRODUCT_ARTIFACT_PATH_REQUIREMENT_WHITELIST)) \
|
|
|
|
|
$(eval whitelist_patterns := $(call resolve-product-relative-paths,$(whitelist))) \
|
|
|
|
|
$(eval offending_files := $(filter-out $(whitelist_patterns),$(files_in_requirement))) \
|
|
|
|
|
$(eval allowed := $(strip $(PRODUCT_ARTIFACT_PATH_REQUIREMENT_WHITELIST) \
|
|
|
|
|
$(PRODUCT_ARTIFACT_PATH_REQUIREMENT_ALLOWED_LIST))) \
|
|
|
|
|
$(eval allowed_patterns := $(call resolve-product-relative-paths,$(allowed))) \
|
|
|
|
|
$(eval offending_files := $(filter-out $(allowed_patterns),$(files_in_requirement))) \
|
|
|
|
|
$(eval enforcement := $(PRODUCT_ENFORCE_ARTIFACT_PATH_REQUIREMENTS)) \
|
|
|
|
|
$(if $(enforcement),\
|
|
|
|
|
$(call maybe-print-list-and-error,$(offending_files),\
|
|
|
|
|
$(INTERNAL_PRODUCT) produces files inside $(makefile)s artifact path requirement. \
|
|
|
|
|
$(PRODUCT_ARTIFACT_PATH_REQUIREMENT_HINT)) \
|
|
|
|
|
$(eval unused_whitelist := $(if $(filter true strict,$(enforcement)),\
|
|
|
|
|
$(foreach p,$(whitelist_patterns),$(if $(filter $(p),$(extra_files)),,$(p))))) \
|
|
|
|
|
$(call maybe-print-list-and-error,$(unused_whitelist),$(INTERNAL_PRODUCT) includes redundant artifact path requirement whitelist entries.) \
|
|
|
|
|
$(eval unused_allowed := $(if $(filter true strict,$(enforcement)),\
|
|
|
|
|
$(foreach p,$(allowed_patterns),$(if $(filter $(p),$(extra_files)),,$(p))))) \
|
|
|
|
|
$(call maybe-print-list-and-error,$(unused_allowed),$(INTERNAL_PRODUCT) includes redundant artifact path requirement allowed list entries.) \
|
|
|
|
|
) \
|
|
|
|
|
)
|
|
|
|
|
$(PRODUCT_OUT)/offending_artifacts.txt:
|
|
|
|
|