From a058b569e4c7204a756ccb3fc4f23b17042a8f43 Mon Sep 17 00:00:00 2001 From: Sandeep Patil Date: Tue, 27 Dec 2016 15:10:48 -0800 Subject: [PATCH] service_context: split into platform and non-platform components. Bug: 33746484 Test: Successfully boot with original service and property contexts. Successfully boot with split serivce and property contexts. Change-Id: Ide67d37d85273c60b9e387e72fbeb87be6da306a Signed-off-by: Sandeep Patil --- Android.mk | 54 ++++++++++++++++++++++---------------- private/file_contexts | 3 ++- reqd_mask/service_contexts | 3 +++ 3 files changed, 36 insertions(+), 24 deletions(-) create mode 100644 reqd_mask/service_contexts diff --git a/Android.mk b/Android.mk index c32bf8422..269e66e7c 100644 --- a/Android.mk +++ b/Android.mk @@ -814,55 +814,62 @@ general_property_contexts.tmp := ################################## include $(CLEAR_VARS) -LOCAL_MODULE := service_contexts +LOCAL_MODULE := plat_service_contexts LOCAL_MODULE_CLASS := ETC LOCAL_MODULE_TAGS := optional +# TODO: Change module path to TARGET_SYSTEM_OUT after b/27805372 LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT) include $(BUILD_SYSTEM)/base_rules.mk -all_svc_files := $(call build_policy, service_contexts, $(PLAT_PRIVATE_POLICY) $(BOARD_SEPOLICY_DIRS)) -all_svcfiles_with_nl := $(call add_nl, $(all_svc_files), $(built_nl)) +plat_svcfiles := $(call build_policy, service_contexts, $(PLAT_PRIVATE_POLICY)) -service_contexts.tmp := $(intermediates)/service_contexts.tmp -$(service_contexts.tmp): PRIVATE_SVC_FILES := $(all_svcfiles_with_nl) -$(service_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) -$(service_contexts.tmp): $(all_svcfiles_with_nl) +plat_service_contexts.tmp := $(intermediates)/plat_service_contexts.tmp +$(plat_service_contexts.tmp): PRIVATE_SVC_FILES := $(plat_svcfiles) +$(plat_service_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) +$(plat_service_contexts.tmp): $(plat_svcfiles) @mkdir -p $(dir $@) $(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_SVC_FILES) > $@ $(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy) -$(LOCAL_BUILT_MODULE): $(service_contexts.tmp) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc $(ACP) +$(LOCAL_BUILT_MODULE): $(plat_service_contexts.tmp) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc $(ACP) @mkdir -p $(dir $@) sed -e 's/#.*$$//' -e '/^$$/d' $< > $@ $(HOST_OUT_EXECUTABLES)/checkfc -s $(PRIVATE_SEPOLICY) $@ -built_svc := $(LOCAL_BUILT_MODULE) -all_svc_files := -all_svcfiles_with_nl := -service_contexts.tmp := +built_plat_svc := $(LOCAL_BUILT_MODULE) +plat_svcfiles := +plat_service_contexts.tmp := ################################## include $(CLEAR_VARS) -LOCAL_MODULE := general_service_contexts +LOCAL_MODULE := nonplat_service_contexts LOCAL_MODULE_CLASS := ETC -LOCAL_MODULE_TAGS := tests +LOCAL_MODULE_TAGS := optional +# TODO: Change module path to TARGET_VENDOR_OUT after b/27805372 +LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT) include $(BUILD_SYSTEM)/base_rules.mk -general_service_contexts.tmp := $(intermediates)/general_service_contexts.tmp -$(general_service_contexts.tmp): $(addprefix $(PLAT_PRIVATE_POLICY)/, service_contexts) - @mkdir -p $(dir $@) - $(hide) m4 -s $< > $@ +nonplat_svcfiles := $(call build_policy, service_contexts, $(BOARD_SEPOLICY_DIRS) $(REQD_MASK_POLICY)) -$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_general_sepolicy) -$(LOCAL_BUILT_MODULE): $(general_service_contexts.tmp) $(built_general_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc $(ACP) +nonplat_service_contexts.tmp := $(intermediates)/nonplat_service_contexts.tmp +$(nonplat_service_contexts.tmp): PRIVATE_SVC_FILES := $(nonplat_svcfiles) +$(nonplat_service_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) +$(nonplat_service_contexts.tmp): $(nonplat_svcfiles) + @mkdir -p $(dir $@) + $(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_SVC_FILES) > $@ + +$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy) +$(LOCAL_BUILT_MODULE): $(nonplat_service_contexts.tmp) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc $(ACP) @mkdir -p $(dir $@) sed -e 's/#.*$$//' -e '/^$$/d' $< > $@ $(hide) $(HOST_OUT_EXECUTABLES)/checkfc -s $(PRIVATE_SEPOLICY) $@ -general_service_contexts.tmp := +built_nonplat_svc := $(LOCAL_BUILT_MODULE) +nonplat_svcfiles := +nonplat_service_contexts.tmp := ################################## include $(CLEAR_VARS) @@ -936,7 +943,7 @@ LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT) include $(BUILD_SYSTEM)/base_rules.mk $(LOCAL_BUILT_MODULE): $(built_sepolicy) $(built_pc) $(built_plat_fc) \ -$(buit_nonplat_fc) $(built_plat_sc) $(built_nonplat_sc) $(built_svc) +$(buit_nonplat_fc) $(built_plat_sc) $(built_nonplat_sc) $(built_plat_svc) $(built_nonplat_svc) @mkdir -p $(dir $@) $(hide) echo -n $(BUILD_FINGERPRINT_FROM_FILE) > $@ @@ -954,7 +961,8 @@ built_pc := built_nonplat_sc := built_plat_sc := built_sepolicy := -built_svc := +built_plat_svc := +built_nonplat_svc := mapping_policy_nvr := mapping_policy_nvr.recovery := my_target_arch := diff --git a/private/file_contexts b/private/file_contexts index 450101614..90124b73d 100644 --- a/private/file_contexts +++ b/private/file_contexts @@ -46,7 +46,8 @@ /nonplat_seapp_contexts u:object_r:rootfs:s0 /plat_seapp_contexts u:object_r:rootfs:s0 /sepolicy u:object_r:rootfs:s0 -/service_contexts u:object_r:rootfs:s0 +/plat_service_contexts u:object_r:rootfs:s0 +/nonplat_service_contexts u:object_r:rootfs:s0 ########################## # Devices diff --git a/reqd_mask/service_contexts b/reqd_mask/service_contexts new file mode 100644 index 000000000..481967b9a --- /dev/null +++ b/reqd_mask/service_contexts @@ -0,0 +1,3 @@ +# empty service_contexts file - this file is used to generate an empty +# non-platform service_context for devices without any service_contexts +# customizations.