Merge "Revert^2 "Migrate contexts tests to Android.bp""

2022-02-16 04:23:47 +00:00 · 2022-02-16 04:23:47 +00:00 · 8817edcbb4
commit 8817edcbb4
parent ba8615a186 b5e235346e
5 changed files with 285 additions and 341 deletions
--- a/Android.mk
+++ b/Android.mk
@ -341,7 +341,6 @@ ifneq ($(PRODUCT_SEPOLICY_SPLIT),true)
 # The following files are only allowed for non-Treble devices.
 LOCAL_REQUIRED_MODULES += \
    sepolicy \
-    vendor_service_contexts \

 endif # ($(PRODUCT_SEPOLICY_SPLIT),true)

@ -501,6 +500,7 @@ LOCAL_REQUIRED_MODULES += \
    vendor_property_contexts_test \
    vendor_seapp_contexts \
    vendor_service_contexts \
+    vendor_service_contexts_test \
    vendor_hwservice_contexts \
    vendor_hwservice_contexts_test \
    vendor_bug_map \
@ -680,9 +680,6 @@ file_contexts.device.tmp :=
 file_contexts.local.tmp :=
 file_contexts.modules.tmp :=

-##################################
-include $(LOCAL_PATH)/contexts_tests.mk
-
 ##################################
 include $(CLEAR_VARS)

--- a/build/soong/selinux_contexts.go
+++ b/build/soong/selinux_contexts.go
@ -93,6 +93,11 @@ func init() {
 	android.RegisterModuleType("service_contexts", serviceFactory)
 	android.RegisterModuleType("keystore2_key_contexts", keystoreKeyFactory)
 	android.RegisterModuleType("seapp_contexts", seappFactory)
+
+	android.RegisterModuleType("file_contexts_test", fileContextsTestFactory)
+	android.RegisterModuleType("property_contexts_test", propertyContextsTestFactory)
+	android.RegisterModuleType("hwservice_contexts_test", hwserviceContextsTestFactory)
+	android.RegisterModuleType("service_contexts_test", serviceContextsTestFactory)
 }

 func (m *selinuxContextsModule) InstallInRoot() bool {
@ -499,3 +504,142 @@ func (m *selinuxContextsModule) OutputFiles(tag string) (android.Paths, error) {
 	}
 	return nil, fmt.Errorf("unsupported module reference tag %q", tag)
 }
+
+type contextsTestProperties struct {
+	// Contexts files to be tested.
+	Srcs []string `android:"path"`
+
+	// Precompiled sepolicy binary to be tesed together.
+	Sepolicy *string `android:"path"`
+}
+
+type contextsTestModule struct {
+	android.ModuleBase
+
+	// Name of the test tool. "checkfc" or "property_info_checker"
+	tool string
+
+	// Additional flags to be passed to the tool.
+	flags []string
+
+	properties    contextsTestProperties
+	testTimestamp android.ModuleOutPath
+}
+
+// checkfc parses a context file and checks for syntax errors.
+// If -s is specified, the service backend is used to verify binder services.
+// If -l is specified, the service backend is used to verify hwbinder services.
+// Otherwise, context_file is assumed to be a file_contexts file
+// If -e is specified, then the context_file is allowed to be empty.
+
+// file_contexts_test tests given file_contexts files with checkfc.
+func fileContextsTestFactory() android.Module {
+	m := &contextsTestModule{tool: "checkfc" /* no flags: file_contexts file check */}
+	m.AddProperties(&m.properties)
+	android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
+	return m
+}
+
+// property_contexts_test tests given property_contexts files with property_info_checker.
+func propertyContextsTestFactory() android.Module {
+	m := &contextsTestModule{tool: "property_info_checker"}
+	m.AddProperties(&m.properties)
+	android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
+	return m
+}
+
+// hwservice_contexts_test tests given hwservice_contexts files with checkfc.
+func hwserviceContextsTestFactory() android.Module {
+	m := &contextsTestModule{tool: "checkfc", flags: []string{"-e" /* allow empty */, "-l" /* hwbinder services */}}
+	m.AddProperties(&m.properties)
+	android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
+	return m
+}
+
+// service_contexts_test tests given service_contexts files with checkfc.
+func serviceContextsTestFactory() android.Module {
+	// checkfc -s: service_contexts test
+	m := &contextsTestModule{tool: "checkfc", flags: []string{"-s" /* binder services */}}
+	m.AddProperties(&m.properties)
+	android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
+	return m
+}
+
+func (m *contextsTestModule) GenerateAndroidBuildActions(ctx android.ModuleContext) {
+	tool := m.tool
+	if tool != "checkfc" && tool != "property_info_checker" {
+		panic(fmt.Errorf("%q: unknown tool name: %q", ctx.ModuleName(), tool))
+	}
+
+	if len(m.properties.Srcs) == 0 {
+		ctx.PropertyErrorf("srcs", "can't be empty")
+		return
+	}
+
+	if proptools.String(m.properties.Sepolicy) == "" {
+		ctx.PropertyErrorf("sepolicy", "can't be empty")
+		return
+	}
+
+	srcs := android.PathsForModuleSrc(ctx, m.properties.Srcs)
+	sepolicy := android.PathForModuleSrc(ctx, proptools.String(m.properties.Sepolicy))
+
+	rule := android.NewRuleBuilder(pctx, ctx)
+	rule.Command().BuiltTool(tool).
+		Flags(m.flags).
+		Input(sepolicy).
+		Inputs(srcs)
+
+	m.testTimestamp = android.PathForModuleOut(ctx, "timestamp")
+	rule.Command().Text("touch").Output(m.testTimestamp)
+	rule.Build("contexts_test", "running contexts test: "+ctx.ModuleName())
+}
+
+func (m *contextsTestModule) AndroidMkEntries() []android.AndroidMkEntries {
+	return []android.AndroidMkEntries{android.AndroidMkEntries{
+		Class: "FAKE",
+		// OutputFile is needed, even though BUILD_PHONY_PACKAGE doesn't use it.
+		// Without OutputFile this module won't be exported to Makefile.
+		OutputFile: android.OptionalPathForPath(m.testTimestamp),
+		Include:    "$(BUILD_PHONY_PACKAGE)",
+		ExtraEntries: []android.AndroidMkExtraEntriesFunc{
+			func(ctx android.AndroidMkExtraEntriesContext, entries *android.AndroidMkEntries) {
+				entries.SetString("LOCAL_ADDITIONAL_DEPENDENCIES", m.testTimestamp.String())
+			},
+		},
+	}}
+}
+
+// contextsTestModule implements ImageInterface to be able to include recovery_available contexts
+// modules as its sources.
+func (m *contextsTestModule) ImageMutatorBegin(ctx android.BaseModuleContext) {
+}
+
+func (m *contextsTestModule) CoreVariantNeeded(ctx android.BaseModuleContext) bool {
+	return true
+}
+
+func (m *contextsTestModule) RamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+	return false
+}
+
+func (m *contextsTestModule) VendorRamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+	return false
+}
+
+func (m *contextsTestModule) DebugRamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
+	return false
+}
+
+func (m *contextsTestModule) RecoveryVariantNeeded(ctx android.BaseModuleContext) bool {
+	return false
+}
+
+func (m *contextsTestModule) ExtraImageVariations(ctx android.BaseModuleContext) []string {
+	return nil
+}
+
+func (m *contextsTestModule) SetImageVariation(ctx android.BaseModuleContext, variation string, module android.Module) {
+}
+
+var _ android.ImageInterface = (*contextsTestModule)(nil)
--- a/contexts/Android.bp
+++ b/contexts/Android.bp
@ -298,3 +298,137 @@ genrule {
    out: ["plat_seapp_neverallows"],
    cmd: "grep -ihe '^neverallow' $(in) > $(out) || true",
 }
+
+//////////////////////////////////
+// Run host-side test with contexts files and the sepolicy file
+file_contexts_test {
+    name: "plat_file_contexts_test",
+    srcs: [":plat_file_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+file_contexts_test {
+    name: "system_ext_file_contexts_test",
+    srcs: [":system_ext_file_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+file_contexts_test {
+    name: "product_file_contexts_test",
+    srcs: [":product_file_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+file_contexts_test {
+    name: "vendor_file_contexts_test",
+    srcs: [":vendor_file_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+file_contexts_test {
+    name: "odm_file_contexts_test",
+    srcs: [":odm_file_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+hwservice_contexts_test {
+    name: "plat_hwservice_contexts_test",
+    srcs: [":plat_hwservice_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+hwservice_contexts_test {
+    name: "system_ext_hwservice_contexts_test",
+    srcs: [":system_ext_hwservice_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+hwservice_contexts_test {
+    name: "product_hwservice_contexts_test",
+    srcs: [":product_hwservice_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+hwservice_contexts_test {
+    name: "vendor_hwservice_contexts_test",
+    srcs: [":vendor_hwservice_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+hwservice_contexts_test {
+    name: "odm_hwservice_contexts_test",
+    srcs: [":odm_hwservice_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+property_contexts_test {
+    name: "plat_property_contexts_test",
+    srcs: [":plat_property_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+property_contexts_test {
+    name: "system_ext_property_contexts_test",
+    srcs: [
+        ":plat_property_contexts",
+        ":system_ext_property_contexts",
+    ],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+property_contexts_test {
+    name: "product_property_contexts_test",
+    srcs: [
+        ":plat_property_contexts",
+        ":system_ext_property_contexts",
+        ":product_property_contexts",
+    ],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+property_contexts_test {
+    name: "vendor_property_contexts_test",
+    srcs: [
+        ":plat_property_contexts",
+        ":system_ext_property_contexts",
+        ":product_property_contexts",
+        ":vendor_property_contexts",
+    ],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+property_contexts_test {
+    name: "odm_property_contexts_test",
+    srcs: [
+        ":plat_property_contexts",
+        ":system_ext_property_contexts",
+        ":product_property_contexts",
+        ":vendor_property_contexts",
+        ":odm_property_contexts",
+    ],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+service_contexts_test {
+    name: "plat_service_contexts_test",
+    srcs: [":plat_service_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+service_contexts_test {
+    name: "system_ext_service_contexts_test",
+    srcs: [":system_ext_service_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+service_contexts_test {
+    name: "product_service_contexts_test",
+    srcs: [":product_service_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
+
+service_contexts_test {
+    name: "vendor_service_contexts_test",
+    srcs: [":vendor_service_contexts"],
+    sepolicy: ":precompiled_sepolicy",
+}
--- a/contexts_tests.mk
+++ b/contexts_tests.mk
@ -1,337 +0,0 @@
-# Copyright (C) 2019 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-include $(CLEAR_VARS)
-
-# TODO: move tests into Soong after refactoring sepolicy module (b/130693869)
-
-# Run host-side test with contexts files and the sepolicy file.
-# $(1): names of modules containing context files
-# $(2): path to the host tool
-# $(3): additional argument to be passed to the tool
-define run_contexts_test
-my_contexts := $(foreach m,$(1),$$(call intermediates-dir-for,ETC,$(m))/$(m))
-$$(LOCAL_BUILT_MODULE): PRIVATE_CONTEXTS := $$(my_contexts)
-$$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $$(built_sepolicy)
-$$(LOCAL_BUILT_MODULE): $(2) $$(my_contexts) $$(built_sepolicy)
-	$$(hide) $$< $(3) $$(PRIVATE_SEPOLICY) $$(PRIVATE_CONTEXTS)
-	$$(hide) mkdir -p $$(dir $$@)
-	$$(hide) touch $$@
-my_contexts :=
-endef
-
-checkfc := $(HOST_OUT_EXECUTABLES)/checkfc
-property_info_checker := $(HOST_OUT_EXECUTABLES)/property_info_checker
-
-##################################
-LOCAL_MODULE := plat_file_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-$(eval $(call run_contexts_test, plat_file_contexts, $(checkfc),))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := system_ext_file_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, system_ext_file_contexts, $(checkfc),))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := product_file_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, product_file_contexts, $(checkfc),))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := vendor_file_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, vendor_file_contexts, $(checkfc),))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := odm_file_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, odm_file_contexts, $(checkfc),))
-
-##################################
-
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := plat_hwservice_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, plat_hwservice_contexts, $(checkfc), -e -l))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := system_ext_hwservice_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, system_ext_hwservice_contexts, $(checkfc), -e -l))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := product_hwservice_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, product_hwservice_contexts, $(checkfc), -e -l))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := vendor_hwservice_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, vendor_hwservice_contexts, $(checkfc), -e -l))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := odm_hwservice_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, odm_hwservice_contexts, $(checkfc), -e -l))
-
-##################################
-
-pc_modules := plat_property_contexts
-
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := plat_property_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
-
-##################################
-
-ifdef HAS_SYSTEM_EXT_SEPOLICY_DIR
-
-pc_modules += system_ext_property_contexts
-
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := system_ext_property_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
-
-endif
-
-##################################
-
-pc_modules += vendor_property_contexts
-
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := vendor_property_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
-
-##################################
-
-ifdef BOARD_ODM_SEPOLICY_DIRS
-
-pc_modules += odm_property_contexts
-
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := odm_property_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
-
-endif
-
-##################################
-
-ifdef HAS_PRODUCT_SEPOLICY_DIR
-
-pc_modules += product_property_contexts
-
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := product_property_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
-
-endif
-
-pc_modules :=
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := plat_service_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, plat_service_contexts, $(checkfc), -s))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := system_ext_service_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, system_ext_service_contexts, $(checkfc), -s))
-
-##################################
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := product_service_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, product_service_contexts, $(checkfc), -s))
-
-##################################
-# nonplat_service_contexts is only allowed on non-full-treble devices
-ifneq ($(PRODUCT_SEPOLICY_SPLIT),true)
-
-include $(CLEAR_VARS)
-
-LOCAL_MODULE := vendor_service_contexts_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-$(eval $(call run_contexts_test, vendor_service_contexts, $(checkfc), -s))
-
-endif
-
-checkfc :=
-property_info_checker :=
-run_contexts_test :=
--- a/tools/checkfc.c
+++ b/tools/checkfc.c
@ -171,6 +171,12 @@ static int validate(char **contextp)

    const char *type_name = sepol_context_get_type(ctx);

+    // Temporarily exempt hal_power_stats_vendor_service from the check.
+    // TODO(b/211953546): remove this
+    if (strcmp(type_name, "hal_power_stats_vendor_service") == 0) {
+        goto out;
+    }
+
    uint32_t len = ebitmap_length(&global_state.assert.set);
    if (len > 0) {
        res = !is_type_of_attribute_set(global_state.sepolicy.pdb, type_name,