diff --git a/apex/builder.go b/apex/builder.go index 4b42b7428..cd7599a02 100644 --- a/apex/builder.go +++ b/apex/builder.go @@ -75,6 +75,7 @@ func init() { pctx.HostBinToolVariable("deapexer", "deapexer") pctx.HostBinToolVariable("debugfs_static", "debugfs_static") pctx.SourcePathVariable("genNdkUsedbyApexPath", "build/soong/scripts/gen_ndk_usedby_apex.sh") + pctx.HostBinToolVariable("conv_linker_config", "conv_linker_config") } var ( @@ -222,6 +223,12 @@ var ( CommandDeps: []string{"${apex_sepolicy_tests}", "${deapexer}", "${debugfs_static}"}, Description: "run apex_sepolicy_tests", }) + + apexLinkerconfigValidationRule = pctx.StaticRule("apexLinkerconfigValidationRule", blueprint.RuleParams{ + Command: `${conv_linker_config} validate --type apex ${image_dir} && touch ${out}`, + CommandDeps: []string{"${conv_linker_config}"}, + Description: "run apex_linkerconfig_validation", + }, "image_dir") ) // buildManifest creates buile rules to modify the input apex_manifest.json to add information @@ -843,6 +850,7 @@ func (a *apexBundle) buildApex(ctx android.ModuleContext) { args["outCommaList"] = signedOutputFile.String() } var validations android.Paths + validations = append(validations, runApexLinkerconfigValidation(ctx, unsignedOutputFile.OutputPath, imageDir.OutputPath)) // TODO(b/279688635) deapexer supports [ext4] if suffix == imageApexSuffix && ext4 == a.payloadFsType { validations = append(validations, runApexSepolicyTests(ctx, unsignedOutputFile.OutputPath)) @@ -1097,6 +1105,19 @@ func (a *apexBundle) buildCannedFsConfig(ctx android.ModuleContext) android.Outp return cannedFsConfig.OutputPath } +func runApexLinkerconfigValidation(ctx android.ModuleContext, apexFile android.OutputPath, imageDir android.OutputPath) android.Path { + timestamp := android.PathForModuleOut(ctx, "apex_linkerconfig_validation.timestamp") + ctx.Build(pctx, android.BuildParams{ + Rule: apexLinkerconfigValidationRule, + Input: apexFile, + Output: timestamp, + Args: map[string]string{ + "image_dir": imageDir.String(), + }, + }) + return timestamp +} + // Runs apex_sepolicy_tests // // $ deapexer list -Z {apex_file} > {file_contexts} diff --git a/scripts/conv_linker_config.py b/scripts/conv_linker_config.py index 3ac1b7e5e..c6aa3d0dc 100644 --- a/scripts/conv_linker_config.py +++ b/scripts/conv_linker_config.py @@ -120,6 +120,37 @@ def Merge(args): f.write(pb.SerializeToString()) +def Validate(args): + if os.path.isdir(args.input): + config_file = os.path.join(args.input, 'etc/linker.config.pb') + if os.path.exists(config_file): + args.input = config_file + Validate(args) + # OK if there's no linker config file. + return + + if not os.path.isfile(args.input): + sys.exit(f"{args.input} is not a file") + + pb = linker_config_pb2.LinkerConfig() + with open(args.input, 'rb') as f: + pb.ParseFromString(f.read()) + + if args.type == 'apex': + # Shouldn't use provideLibs/requireLibs in APEX linker.config.pb + if getattr(pb, 'provideLibs'): + sys.exit(f'{args.input}: provideLibs is set. Use provideSharedLibs in apex_manifest') + if getattr(pb, 'requireLibs'): + sys.exit(f'{args.input}: requireLibs is set. Use requireSharedLibs in apex_manifest') + elif args.type == 'system': + if getattr(pb, 'visible'): + sys.exit(f'{args.input}: do not use visible, which is for APEX') + if getattr(pb, 'permittedPaths'): + sys.exit(f'{args.input}: do not use permittedPaths, which is for APEX') + else: + sys.exit(f'Unknown type: {args.type}') + + def GetArgParser(): parser = argparse.ArgumentParser() subparsers = parser.add_subparsers() @@ -227,6 +258,18 @@ def GetArgParser(): help='Linker configuration files to merge.') append.set_defaults(func=Merge) + validate = subparsers.add_parser('validate', help='Validate configuration') + validate.add_argument( + '--type', + required=True, + choices=['apex', 'system'], + help='Type of linker configuration') + validate.add_argument( + 'input', + help='Input can be a directory which has etc/linker.config.pb or a path' + ' to the linker config file') + validate.set_defaults(func=Validate) + return parser