2018-03-12 09:34:26 +01:00
|
|
|
// Copyright 2018 Google Inc. All rights reserved.
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
package android
|
|
|
|
|
|
|
|
import (
|
2021-10-29 00:14:04 +02:00
|
|
|
"regexp"
|
2018-03-12 09:34:26 +01:00
|
|
|
"testing"
|
2019-07-25 16:41:09 +02:00
|
|
|
|
|
|
|
"github.com/google/blueprint"
|
2018-03-12 09:34:26 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
var neverallowTests = []struct {
|
2019-08-07 16:31:07 +02:00
|
|
|
// The name of the test.
|
|
|
|
name string
|
|
|
|
|
|
|
|
// Optional test specific rules. If specified then they are used instead of the default rules.
|
|
|
|
rules []Rule
|
|
|
|
|
|
|
|
// Additional contents to add to the virtual filesystem used by the tests.
|
2021-03-17 00:41:40 +01:00
|
|
|
fs MockFS
|
2019-08-07 16:31:07 +02:00
|
|
|
|
|
|
|
// The expected error patterns. If empty then no errors are expected, otherwise each error
|
|
|
|
// reported must be matched by at least one of these patterns. A pattern matches if the error
|
|
|
|
// message contains the pattern. A pattern does not have to match the whole error message.
|
2019-08-05 16:07:57 +02:00
|
|
|
expectedErrors []string
|
2018-03-12 09:34:26 +01:00
|
|
|
}{
|
2019-07-25 16:41:09 +02:00
|
|
|
// Test General Functionality
|
|
|
|
|
|
|
|
// in direct deps tests
|
|
|
|
{
|
|
|
|
name: "not_allowed_in_direct_deps",
|
2019-08-07 16:31:07 +02:00
|
|
|
rules: []Rule{
|
|
|
|
NeverAllow().InDirectDeps("not_allowed_in_direct_deps"),
|
|
|
|
},
|
2019-07-25 16:41:09 +02:00
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"top/Android.bp": []byte(`
|
2019-07-25 16:41:09 +02:00
|
|
|
cc_library {
|
|
|
|
name: "not_allowed_in_direct_deps",
|
|
|
|
}`),
|
2019-12-14 05:41:13 +01:00
|
|
|
"other/Android.bp": []byte(`
|
2019-07-25 16:41:09 +02:00
|
|
|
cc_library {
|
|
|
|
name: "libother",
|
|
|
|
static_libs: ["not_allowed_in_direct_deps"],
|
|
|
|
}`),
|
|
|
|
},
|
2019-08-05 16:07:57 +02:00
|
|
|
expectedErrors: []string{
|
2021-10-29 00:14:04 +02:00
|
|
|
regexp.QuoteMeta("module \"libother\": violates neverallow requirements. Not allowed:\n\tdep(s): [\"not_allowed_in_direct_deps\"]"),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "multiple constraints",
|
|
|
|
rules: []Rule{
|
|
|
|
NeverAllow().
|
|
|
|
InDirectDeps("not_allowed_in_direct_deps").
|
|
|
|
In("other").
|
|
|
|
ModuleType("cc_library").
|
|
|
|
NotIn("top").
|
|
|
|
NotModuleType("cc_binary"),
|
|
|
|
},
|
|
|
|
fs: map[string][]byte{
|
|
|
|
"top/Android.bp": []byte(`
|
|
|
|
cc_library {
|
|
|
|
name: "not_allowed_in_direct_deps",
|
|
|
|
}`),
|
|
|
|
"other/Android.bp": []byte(`
|
|
|
|
cc_library {
|
|
|
|
name: "libother",
|
|
|
|
static_libs: ["not_allowed_in_direct_deps"],
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
expectedErrors: []string{
|
|
|
|
regexp.QuoteMeta(`module "libother": violates neverallow requirements. Not allowed:
|
|
|
|
in dirs: ["other/"]
|
|
|
|
module types: ["cc_library"]
|
|
|
|
dep(s): ["not_allowed_in_direct_deps"]
|
|
|
|
EXCEPT in dirs: ["top/"]
|
|
|
|
EXCEPT module types: ["cc_binary"]`),
|
2019-08-05 16:07:57 +02:00
|
|
|
},
|
2019-07-25 16:41:09 +02:00
|
|
|
},
|
|
|
|
|
2019-08-07 16:31:07 +02:00
|
|
|
// Test android specific rules
|
2019-07-25 16:41:09 +02:00
|
|
|
|
2019-07-22 13:13:55 +02:00
|
|
|
// include_dir rule tests
|
|
|
|
{
|
|
|
|
name: "include_dir not allowed to reference art",
|
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"other/Android.bp": []byte(`
|
2019-07-22 13:13:55 +02:00
|
|
|
cc_library {
|
|
|
|
name: "libother",
|
|
|
|
include_dirs: ["art/libdexfile/include"],
|
|
|
|
}`),
|
|
|
|
},
|
2019-08-05 16:07:57 +02:00
|
|
|
expectedErrors: []string{
|
|
|
|
"all usages of 'art' have been migrated",
|
|
|
|
},
|
2019-07-22 13:13:55 +02:00
|
|
|
},
|
|
|
|
{
|
2021-04-27 04:31:07 +02:00
|
|
|
name: "include_dir not allowed to reference art",
|
|
|
|
fs: map[string][]byte{
|
|
|
|
"system/libfmq/Android.bp": []byte(`
|
|
|
|
cc_library {
|
|
|
|
name: "libother",
|
|
|
|
include_dirs: ["any/random/file"],
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
expectedErrors: []string{
|
|
|
|
"all usages of them in 'system/libfmq' have been migrated",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "include_dir can work",
|
2019-07-22 13:13:55 +02:00
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"other/Android.bp": []byte(`
|
2019-07-22 13:13:55 +02:00
|
|
|
cc_library {
|
|
|
|
name: "libother",
|
|
|
|
include_dirs: ["another/include"],
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
// Treble rule tests
|
2018-03-12 09:34:26 +01:00
|
|
|
{
|
|
|
|
name: "no vndk.enabled under vendor directory",
|
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"vendor/Android.bp": []byte(`
|
2018-03-12 09:34:26 +01:00
|
|
|
cc_library {
|
|
|
|
name: "libvndk",
|
|
|
|
vendor_available: true,
|
|
|
|
vndk: {
|
|
|
|
enabled: true,
|
|
|
|
},
|
|
|
|
}`),
|
|
|
|
},
|
2019-08-05 16:07:57 +02:00
|
|
|
expectedErrors: []string{
|
|
|
|
"VNDK can never contain a library that is device dependent",
|
|
|
|
},
|
2018-03-12 09:34:26 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "no vndk.enabled under device directory",
|
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"device/Android.bp": []byte(`
|
2018-03-12 09:34:26 +01:00
|
|
|
cc_library {
|
|
|
|
name: "libvndk",
|
|
|
|
vendor_available: true,
|
|
|
|
vndk: {
|
|
|
|
enabled: true,
|
|
|
|
},
|
|
|
|
}`),
|
|
|
|
},
|
2019-08-05 16:07:57 +02:00
|
|
|
expectedErrors: []string{
|
|
|
|
"VNDK can never contain a library that is device dependent",
|
|
|
|
},
|
2018-03-12 09:34:26 +01:00
|
|
|
},
|
2018-03-12 09:35:58 +01:00
|
|
|
{
|
|
|
|
name: "vndk-ext under vendor or device directory",
|
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"device/Android.bp": []byte(`
|
2018-03-12 09:35:58 +01:00
|
|
|
cc_library {
|
|
|
|
name: "libvndk1_ext",
|
|
|
|
vendor: true,
|
|
|
|
vndk: {
|
|
|
|
enabled: true,
|
|
|
|
},
|
|
|
|
}`),
|
2019-12-14 05:41:13 +01:00
|
|
|
"vendor/Android.bp": []byte(`
|
2018-03-12 09:35:58 +01:00
|
|
|
cc_library {
|
|
|
|
name: "libvndk2_ext",
|
|
|
|
vendor: true,
|
|
|
|
vndk: {
|
|
|
|
enabled: true,
|
|
|
|
},
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
},
|
2018-03-12 09:34:26 +01:00
|
|
|
|
|
|
|
{
|
|
|
|
name: "no enforce_vintf_manifest.cflags",
|
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"Android.bp": []byte(`
|
2018-03-12 09:34:26 +01:00
|
|
|
cc_library {
|
|
|
|
name: "libexample",
|
|
|
|
product_variables: {
|
|
|
|
enforce_vintf_manifest: {
|
|
|
|
cflags: ["-DSHOULD_NOT_EXIST"],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}`),
|
|
|
|
},
|
2019-08-05 16:07:57 +02:00
|
|
|
expectedErrors: []string{
|
|
|
|
"manifest enforcement should be independent",
|
|
|
|
},
|
2018-03-12 09:34:26 +01:00
|
|
|
},
|
|
|
|
|
|
|
|
{
|
|
|
|
name: "no treble_linker_namespaces.cflags",
|
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"Android.bp": []byte(`
|
2018-03-12 09:34:26 +01:00
|
|
|
cc_library {
|
|
|
|
name: "libexample",
|
|
|
|
product_variables: {
|
|
|
|
treble_linker_namespaces: {
|
|
|
|
cflags: ["-DSHOULD_NOT_EXIST"],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}`),
|
|
|
|
},
|
2019-08-05 16:07:57 +02:00
|
|
|
expectedErrors: []string{
|
|
|
|
"nothing should care if linker namespaces are enabled or not",
|
|
|
|
},
|
2018-03-12 09:34:26 +01:00
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "libc_bionic_ndk treble_linker_namespaces.cflags",
|
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"Android.bp": []byte(`
|
2018-03-12 09:34:26 +01:00
|
|
|
cc_library {
|
|
|
|
name: "libc_bionic_ndk",
|
|
|
|
product_variables: {
|
|
|
|
treble_linker_namespaces: {
|
|
|
|
cflags: ["-DSHOULD_NOT_EXIST"],
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
},
|
2019-03-06 00:06:16 +01:00
|
|
|
{
|
|
|
|
name: "java_device_for_host",
|
|
|
|
fs: map[string][]byte{
|
2019-12-14 05:41:13 +01:00
|
|
|
"Android.bp": []byte(`
|
2019-03-06 00:06:16 +01:00
|
|
|
java_device_for_host {
|
|
|
|
name: "device_for_host",
|
|
|
|
libs: ["core-libart"],
|
|
|
|
}`),
|
|
|
|
},
|
2019-08-05 16:07:57 +02:00
|
|
|
expectedErrors: []string{
|
2020-06-11 20:32:11 +02:00
|
|
|
"java_device_for_host can only be used in allowed projects",
|
2019-08-05 16:07:57 +02:00
|
|
|
},
|
2019-03-06 00:06:16 +01:00
|
|
|
},
|
2020-04-07 18:50:32 +02:00
|
|
|
// CC sdk rule tests
|
|
|
|
{
|
2020-06-11 20:32:11 +02:00
|
|
|
name: `"sdk_variant_only" outside allowed list`,
|
2020-04-07 18:50:32 +02:00
|
|
|
fs: map[string][]byte{
|
|
|
|
"Android.bp": []byte(`
|
|
|
|
cc_library {
|
2020-06-11 20:32:11 +02:00
|
|
|
name: "outside_allowed_list",
|
2020-04-07 18:50:32 +02:00
|
|
|
sdk_version: "current",
|
|
|
|
sdk_variant_only: true,
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
expectedErrors: []string{
|
2020-06-11 20:32:11 +02:00
|
|
|
`module "outside_allowed_list": violates neverallow`,
|
2020-04-07 18:50:32 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
2020-06-11 20:32:11 +02:00
|
|
|
name: `"sdk_variant_only: false" outside allowed list`,
|
2020-04-07 18:50:32 +02:00
|
|
|
fs: map[string][]byte{
|
|
|
|
"Android.bp": []byte(`
|
|
|
|
cc_library {
|
2020-06-11 20:32:11 +02:00
|
|
|
name: "outside_allowed_list",
|
2020-04-07 18:50:32 +02:00
|
|
|
sdk_version: "current",
|
|
|
|
sdk_variant_only: false,
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
expectedErrors: []string{
|
2020-06-11 20:32:11 +02:00
|
|
|
`module "outside_allowed_list": violates neverallow`,
|
2020-04-07 18:50:32 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
2020-06-11 20:32:11 +02:00
|
|
|
name: `"platform" outside allowed list`,
|
2020-04-07 18:50:32 +02:00
|
|
|
fs: map[string][]byte{
|
|
|
|
"Android.bp": []byte(`
|
|
|
|
cc_library {
|
2020-06-11 20:32:11 +02:00
|
|
|
name: "outside_allowed_list",
|
2020-04-07 18:50:32 +02:00
|
|
|
platform: {
|
|
|
|
shared_libs: ["libfoo"],
|
|
|
|
},
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
expectedErrors: []string{
|
2020-06-11 20:32:11 +02:00
|
|
|
`module "outside_allowed_list": violates neverallow`,
|
2020-04-07 18:50:32 +02:00
|
|
|
},
|
|
|
|
},
|
2020-05-20 23:20:28 +02:00
|
|
|
{
|
|
|
|
name: "uncompress_dex inside art",
|
|
|
|
fs: map[string][]byte{
|
|
|
|
"art/Android.bp": []byte(`
|
|
|
|
java_library {
|
|
|
|
name: "inside_art_libraries",
|
|
|
|
uncompress_dex: true,
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
name: "uncompress_dex outside art",
|
|
|
|
fs: map[string][]byte{
|
|
|
|
"other/Android.bp": []byte(`
|
|
|
|
java_library {
|
|
|
|
name: "outside_art_libraries",
|
|
|
|
uncompress_dex: true,
|
|
|
|
}`),
|
|
|
|
},
|
|
|
|
expectedErrors: []string{
|
|
|
|
"module \"outside_art_libraries\": violates neverallow",
|
|
|
|
},
|
|
|
|
},
|
2020-07-27 21:59:58 +02:00
|
|
|
{
|
|
|
|
name: "disallowed makefile_goal",
|
|
|
|
fs: map[string][]byte{
|
|
|
|
"Android.bp": []byte(`
|
|
|
|
makefile_goal {
|
|
|
|
name: "foo",
|
|
|
|
product_out_path: "boot/trap.img"
|
|
|
|
}
|
|
|
|
`),
|
|
|
|
},
|
|
|
|
expectedErrors: []string{
|
2021-12-29 09:59:00 +01:00
|
|
|
"Only boot images may be imported as a makefile goal.",
|
2020-07-27 21:59:58 +02:00
|
|
|
},
|
|
|
|
},
|
2018-03-12 09:34:26 +01:00
|
|
|
}
|
|
|
|
|
2021-03-17 00:41:40 +01:00
|
|
|
var prepareForNeverAllowTest = GroupFixturePreparers(
|
|
|
|
FixtureRegisterWithContext(func(ctx RegistrationContext) {
|
|
|
|
ctx.RegisterModuleType("cc_library", newMockCcLibraryModule)
|
|
|
|
ctx.RegisterModuleType("java_library", newMockJavaLibraryModule)
|
|
|
|
ctx.RegisterModuleType("java_library_host", newMockJavaLibraryModule)
|
|
|
|
ctx.RegisterModuleType("java_device_for_host", newMockJavaLibraryModule)
|
|
|
|
ctx.RegisterModuleType("makefile_goal", newMockMakefileGoalModule)
|
|
|
|
}),
|
|
|
|
)
|
|
|
|
|
2018-03-12 09:34:26 +01:00
|
|
|
func TestNeverallow(t *testing.T) {
|
|
|
|
for _, test := range neverallowTests {
|
2019-08-05 16:07:57 +02:00
|
|
|
t.Run(test.name, func(t *testing.T) {
|
2021-03-20 01:36:14 +01:00
|
|
|
GroupFixturePreparers(
|
|
|
|
prepareForNeverAllowTest,
|
2021-03-31 00:07:52 +02:00
|
|
|
PrepareForTestWithNeverallowRules(test.rules),
|
2021-03-20 01:36:14 +01:00
|
|
|
test.fs.AddToFixture(),
|
2021-03-22 20:24:26 +01:00
|
|
|
).
|
|
|
|
ExtendWithErrorHandler(FixtureExpectsAllErrorsToMatchAPattern(test.expectedErrors)).
|
2021-03-20 01:36:14 +01:00
|
|
|
RunTest(t)
|
2018-03-12 09:34:26 +01:00
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-10-21 18:19:10 +02:00
|
|
|
type mockCcLibraryProperties struct {
|
2019-07-22 13:13:55 +02:00
|
|
|
Include_dirs []string
|
2018-03-12 09:34:26 +01:00
|
|
|
Vendor_available *bool
|
2019-07-25 16:41:09 +02:00
|
|
|
Static_libs []string
|
2020-04-07 18:50:32 +02:00
|
|
|
Sdk_version *string
|
|
|
|
Sdk_variant_only *bool
|
2018-03-12 09:34:26 +01:00
|
|
|
|
|
|
|
Vndk struct {
|
|
|
|
Enabled *bool
|
|
|
|
Support_system_process *bool
|
|
|
|
Extends *string
|
|
|
|
}
|
|
|
|
|
|
|
|
Product_variables struct {
|
|
|
|
Enforce_vintf_manifest struct {
|
|
|
|
Cflags []string
|
|
|
|
}
|
|
|
|
|
|
|
|
Treble_linker_namespaces struct {
|
|
|
|
Cflags []string
|
|
|
|
}
|
|
|
|
}
|
2020-04-07 18:50:32 +02:00
|
|
|
|
|
|
|
Platform struct {
|
|
|
|
Shared_libs []string
|
|
|
|
}
|
2018-03-12 09:34:26 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
type mockCcLibraryModule struct {
|
|
|
|
ModuleBase
|
2018-10-21 18:19:10 +02:00
|
|
|
properties mockCcLibraryProperties
|
2018-03-12 09:34:26 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
func newMockCcLibraryModule() Module {
|
|
|
|
m := &mockCcLibraryModule{}
|
|
|
|
m.AddProperties(&m.properties)
|
|
|
|
InitAndroidModule(m)
|
|
|
|
return m
|
|
|
|
}
|
|
|
|
|
2019-07-25 16:41:09 +02:00
|
|
|
type neverallowTestDependencyTag struct {
|
|
|
|
blueprint.BaseDependencyTag
|
|
|
|
name string
|
|
|
|
}
|
|
|
|
|
|
|
|
var staticDepTag = neverallowTestDependencyTag{name: "static"}
|
|
|
|
|
|
|
|
func (c *mockCcLibraryModule) DepsMutator(ctx BottomUpMutatorContext) {
|
|
|
|
for _, lib := range c.properties.Static_libs {
|
|
|
|
ctx.AddDependency(ctx.Module(), staticDepTag, lib)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-03-12 09:34:26 +01:00
|
|
|
func (p *mockCcLibraryModule) GenerateAndroidBuildActions(ModuleContext) {
|
|
|
|
}
|
2018-10-21 18:19:10 +02:00
|
|
|
|
|
|
|
type mockJavaLibraryProperties struct {
|
2021-12-23 16:05:38 +01:00
|
|
|
Libs []string
|
|
|
|
Sdk_version *string
|
|
|
|
Uncompress_dex *bool
|
2018-10-21 18:19:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
type mockJavaLibraryModule struct {
|
|
|
|
ModuleBase
|
|
|
|
properties mockJavaLibraryProperties
|
|
|
|
}
|
|
|
|
|
|
|
|
func newMockJavaLibraryModule() Module {
|
|
|
|
m := &mockJavaLibraryModule{}
|
|
|
|
m.AddProperties(&m.properties)
|
|
|
|
InitAndroidModule(m)
|
|
|
|
return m
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p *mockJavaLibraryModule) GenerateAndroidBuildActions(ModuleContext) {
|
|
|
|
}
|
2020-07-27 21:59:58 +02:00
|
|
|
|
|
|
|
type mockMakefileGoalProperties struct {
|
|
|
|
Product_out_path *string
|
|
|
|
}
|
|
|
|
|
|
|
|
type mockMakefileGoalModule struct {
|
|
|
|
ModuleBase
|
|
|
|
properties mockMakefileGoalProperties
|
|
|
|
}
|
|
|
|
|
|
|
|
func newMockMakefileGoalModule() Module {
|
|
|
|
m := &mockMakefileGoalModule{}
|
|
|
|
m.AddProperties(&m.properties)
|
|
|
|
InitAndroidModule(m)
|
|
|
|
return m
|
|
|
|
}
|
|
|
|
|
|
|
|
func (p *mockMakefileGoalModule) GenerateAndroidBuildActions(ModuleContext) {
|
|
|
|
}
|