diff options
| author | Kalle Lindström <karl.lindstrom@mullvad.net> | 2025-03-03 09:52:51 +0100 |
|---|---|---|
| committer | Kalle Lindström <karl.lindstrom@mullvad.net> | 2025-03-03 09:52:51 +0100 |
| commit | e985fd1bf5ca76798c39509bcb8d0bbcc1aed34b (patch) | |
| tree | e3ff2ed118bcc58931154b7d0997a4a1c4adc7c0 | |
| parent | 4edeccf444519b25a7f6928d9daaaf3b7dbd491b (diff) | |
| download | mullvadvpn-hwasan-android.tar.xz mullvadvpn-hwasan-android.zip | |
| -rw-r--r-- | android/app/build.gradle.kts | 27 | ||||
| -rw-r--r-- | android/app/src/main/resources/lib/arm64-v8a/wrap.sh | 3 | ||||
| -rwxr-xr-x | android/symbolize | 8 | ||||
| -rw-r--r-- | mullvad-jni/src/lib.rs | 9 |
4 files changed, 41 insertions, 6 deletions
diff --git a/android/app/build.gradle.kts b/android/app/build.gradle.kts index ec59d0a5d3..b2276aa3ab 100644 --- a/android/app/build.gradle.kts +++ b/android/app/build.gradle.kts @@ -55,10 +55,7 @@ android { warningsAsErrors = true checkDependencies = true } - - if (isReleaseBuild()) { - ndk { debugSymbolLevel = "none" } - } + ndk { debugSymbolLevel = "full" } } playConfigs { register("playStagemoleRelease") { enabled = true } } @@ -169,7 +166,12 @@ android { } packaging { - jniLibs.useLegacyPackaging = true + jniLibs { + useLegacyPackaging = true + keepDebugSymbols.add("*/arm64-v8a/*.so") + keepDebugSymbols.add("*/armeabi-v7a/*.so") + } + resources { pickFirsts += setOf( @@ -289,7 +291,14 @@ cargo { add("--package=mullvad-jni") add("--locked") } - exec = { spec, _ -> spec.environment("RUSTFLAGS", generateRemapArguments()) } + // exec = { spec, _ -> spec.environment("RUSTFLAGS", generateRemapArguments()) } + exec = { spec, _ -> + spec.environment( + "RUSTFLAGS", + generateRemapArguments() + " -Zsanitizer=hwaddress -C target-feature=+tagged-globals", + ) + spec.environment("RUSTUP_TOOLCHAIN", "nightly") + } } tasks.register<Exec>("cargoClean") { @@ -297,6 +306,12 @@ tasks.register<Exec>("cargoClean") { commandLine("cargo", "clean") } +tasks.register<Exec>("hwasanRun") { + workingDir = File(repoRootPath) + // environment("RUSTUP_TOOLCHAIN", "nightly") + finalizedBy("installOssProdDebug") +} + if ( gradleLocalProperties(rootProject.projectDir, providers) .getProperty("CLEAN_CARGO_BUILD") diff --git a/android/app/src/main/resources/lib/arm64-v8a/wrap.sh b/android/app/src/main/resources/lib/arm64-v8a/wrap.sh new file mode 100644 index 0000000000..28814abe9d --- /dev/null +++ b/android/app/src/main/resources/lib/arm64-v8a/wrap.sh @@ -0,0 +1,3 @@ +#!/system/bin/sh +LD_HWASAN=1 exec "$@" +#exec "$@" diff --git a/android/symbolize b/android/symbolize new file mode 100755 index 0000000000..53c062feb6 --- /dev/null +++ b/android/symbolize @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +LSRW_REAL_EXE=$(which llvm-symbolizer) +LLVM_SYMBOLIZER_PATH=$(which llvm-symbolizer-rust-wrapper) +export LSRW_REAL_EXE +export LLVM_SYMBOLIZER_PATH + +"$NDK_TOOLCHAIN_DIR"/../lib/clang/18/bin/hwasan_symbolize --symbols "./app/build/rustJniLibs/android/arm64-v8a/" <"$1" diff --git a/mullvad-jni/src/lib.rs b/mullvad-jni/src/lib.rs index a82acd3628..941abbe4f6 100644 --- a/mullvad-jni/src/lib.rs +++ b/mullvad-jni/src/lib.rs @@ -73,6 +73,13 @@ struct DaemonContext { running_daemon: tokio::task::JoinHandle<()>, } +fn use_after_free() -> i32 { + let boxed_int = Box::new(10); + let ptr = boxed_int.as_ref() as *const i32; + drop(boxed_int); + unsafe { *ptr } +} + /// Spawn Mullvad daemon. There can only be a single instance, which must be shut down using /// `MullvadDaemon.shutdown`. On success, nothing is returned. On error, an exception is thrown. #[unsafe(no_mangle)] @@ -107,6 +114,8 @@ pub extern "system" fn Java_net_mullvad_mullvadvpn_service_MullvadDaemon_initial let api_endpoint = api::api_endpoint_from_java(&env, api_endpoint); + use_after_free(); + log::info!("Starting daemon"); let daemon = ok_or_throw!( &env, |