mirror of
https://github.com/GrapheneOS/hardened_malloc.git
synced 2024-10-01 01:36:01 -04:00
84 lines
2.0 KiB
Plaintext
84 lines
2.0 KiB
Plaintext
common_cflags = [
|
|
"-pipe",
|
|
"-O3",
|
|
//"-flto",
|
|
"-fPIC",
|
|
"-fvisibility=hidden",
|
|
//"-fno-plt",
|
|
"-Wall",
|
|
"-Wextra",
|
|
"-Wcast-align",
|
|
"-Wcast-qual",
|
|
"-Wwrite-strings",
|
|
"-Werror",
|
|
"-DH_MALLOC_PREFIX",
|
|
"-DZERO_ON_FREE=true",
|
|
"-DWRITE_AFTER_FREE_CHECK=true",
|
|
"-DSLOT_RANDOMIZE=true",
|
|
"-DSLAB_CANARY=true",
|
|
"-DSLAB_QUARANTINE_RANDOM_LENGTH=1",
|
|
"-DSLAB_QUARANTINE_QUEUE_LENGTH=1",
|
|
"-DCONFIG_EXTENDED_SIZE_CLASSES=true",
|
|
"-DCONFIG_LARGE_SIZE_CLASSES=true",
|
|
"-DGUARD_SLABS_INTERVAL=1",
|
|
"-DGUARD_SIZE_DIVISOR=2",
|
|
"-DREGION_QUARANTINE_RANDOM_LENGTH=256",
|
|
"-DREGION_QUARANTINE_QUEUE_LENGTH=1024",
|
|
"-DREGION_QUARANTINE_SKIP_THRESHOLD=33554432", // 32MiB
|
|
"-DFREE_SLABS_QUARANTINE_RANDOM_LENGTH=32",
|
|
"-DCONFIG_CLASS_REGION_SIZE=34359738368", // 32GiB
|
|
"-DN_ARENA=1",
|
|
"-DCONFIG_STATS=true",
|
|
"-DCONFIG_SELF_INIT=false",
|
|
]
|
|
|
|
cc_defaults {
|
|
name: "hardened_malloc_defaults",
|
|
defaults: ["linux_bionic_supported"],
|
|
cflags: common_cflags,
|
|
conlyflags: ["-std=c17", "-Wmissing-prototypes"],
|
|
stl: "none",
|
|
}
|
|
|
|
lib_src_files = [
|
|
"chacha.c",
|
|
"h_malloc.c",
|
|
"memory.c",
|
|
"pages.c",
|
|
"random.c",
|
|
"util.c",
|
|
]
|
|
|
|
cc_library {
|
|
name: "libhardened_malloc",
|
|
ramdisk_available: true,
|
|
vendor_ramdisk_available: true,
|
|
recovery_available: true,
|
|
defaults: ["hardened_malloc_defaults"],
|
|
srcs: lib_src_files,
|
|
export_include_dirs: ["include"],
|
|
static_libs: ["libasync_safe"],
|
|
target: {
|
|
android: {
|
|
shared: {
|
|
enabled: false,
|
|
},
|
|
system_shared_libs: [],
|
|
},
|
|
linux_bionic: {
|
|
system_shared_libs: [],
|
|
},
|
|
},
|
|
product_variables: {
|
|
debuggable: {
|
|
cflags: ["-DLABEL_MEMORY"],
|
|
},
|
|
device_has_arm_mte: {
|
|
cflags: ["-DHAS_ARM_MTE", "-march=armv9-a+memtag"]
|
|
},
|
|
},
|
|
apex_available: [
|
|
"com.android.runtime",
|
|
],
|
|
}
|