From baa93cc651227cf92760545d5283b021b853a774 Mon Sep 17 00:00:00 2001
From: Inseob Kim <inseob@google.com>
Date: Fri, 14 Jan 2022 06:13:28 +0000
Subject: [PATCH] Revert "Migrate contexts tests to Android.bp"

This reverts commit f612656adfe4e7175cad26385207bddeef65fc3f.

Reason for revert: breaking amlogic build

Change-Id: I129b5cb74259c9c028483e84c9b2ac3597c24701
---
 Android.mk                      |   5 +-
 build/soong/selinux_contexts.go | 144 --------------
 contexts/Android.bp             | 134 -------------
 contexts_tests.mk               | 337 ++++++++++++++++++++++++++++++++
 tools/checkfc.c                 |   6 -
 5 files changed, 341 insertions(+), 285 deletions(-)
 create mode 100644 contexts_tests.mk

diff --git a/Android.mk b/Android.mk
index b8ad3ca2f..361c7c422 100644
--- a/Android.mk
+++ b/Android.mk
@@ -341,6 +341,7 @@ ifneq ($(PRODUCT_SEPOLICY_SPLIT),true)
 # The following files are only allowed for non-Treble devices.
 LOCAL_REQUIRED_MODULES += \
     sepolicy \
+    vendor_service_contexts \
 
 endif # ($(PRODUCT_SEPOLICY_SPLIT),true)
 
@@ -499,7 +500,6 @@ LOCAL_REQUIRED_MODULES += \
     vendor_property_contexts_test \
     vendor_seapp_contexts \
     vendor_service_contexts \
-    vendor_service_contexts_test \
     vendor_hwservice_contexts \
     vendor_hwservice_contexts_test \
     vendor_bug_map \
@@ -679,6 +679,9 @@ file_contexts.device.tmp :=
 file_contexts.local.tmp :=
 file_contexts.modules.tmp :=
 
+##################################
+include $(LOCAL_PATH)/contexts_tests.mk
+
 ##################################
 include $(CLEAR_VARS)
 
diff --git a/build/soong/selinux_contexts.go b/build/soong/selinux_contexts.go
index 7424001b8..c55fba2bd 100644
--- a/build/soong/selinux_contexts.go
+++ b/build/soong/selinux_contexts.go
@@ -93,11 +93,6 @@ func init() {
 	android.RegisterModuleType("service_contexts", serviceFactory)
 	android.RegisterModuleType("keystore2_key_contexts", keystoreKeyFactory)
 	android.RegisterModuleType("seapp_contexts", seappFactory)
-
-	android.RegisterModuleType("file_contexts_test", fileContextsTestFactory)
-	android.RegisterModuleType("property_contexts_test", propertyContextsTestFactory)
-	android.RegisterModuleType("hwservice_contexts_test", hwserviceContextsTestFactory)
-	android.RegisterModuleType("service_contexts_test", serviceContextsTestFactory)
 }
 
 func (m *selinuxContextsModule) InstallInRoot() bool {
@@ -504,142 +499,3 @@ func (m *selinuxContextsModule) OutputFiles(tag string) (android.Paths, error) {
 	}
 	return nil, fmt.Errorf("unsupported module reference tag %q", tag)
 }
-
-type contextsTestProperties struct {
-	// Contexts files to be tested.
-	Srcs []string `android:"path"`
-
-	// Precompiled sepolicy binary to be tesed together.
-	Sepolicy *string `android:"path"`
-}
-
-type contextsTestModule struct {
-	android.ModuleBase
-
-	// Name of the test tool. "checkfc" or "property_info_checker"
-	tool string
-
-	// Additional flags to be passed to the tool.
-	flags []string
-
-	properties    contextsTestProperties
-	testTimestamp android.ModuleOutPath
-}
-
-// checkfc parses a context file and checks for syntax errors.
-// If -s is specified, the service backend is used to verify binder services.
-// If -l is specified, the service backend is used to verify hwbinder services.
-// Otherwise, context_file is assumed to be a file_contexts file
-// If -e is specified, then the context_file is allowed to be empty.
-
-// file_contexts_test tests given file_contexts files with checkfc.
-func fileContextsTestFactory() android.Module {
-	m := &contextsTestModule{tool: "checkfc" /* no flags: file_contexts file check */}
-	m.AddProperties(&m.properties)
-	android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
-	return m
-}
-
-// property_contexts_test tests given property_contexts files with property_info_checker.
-func propertyContextsTestFactory() android.Module {
-	m := &contextsTestModule{tool: "property_info_checker"}
-	m.AddProperties(&m.properties)
-	android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
-	return m
-}
-
-// hwservice_contexts_test tests given hwservice_contexts files with checkfc.
-func hwserviceContextsTestFactory() android.Module {
-	m := &contextsTestModule{tool: "checkfc", flags: []string{"-e" /* allow empty */, "-l" /* hwbinder services */}}
-	m.AddProperties(&m.properties)
-	android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
-	return m
-}
-
-// service_contexts_test tests given service_contexts files with checkfc.
-func serviceContextsTestFactory() android.Module {
-	// checkfc -s: service_contexts test
-	m := &contextsTestModule{tool: "checkfc", flags: []string{"-s" /* binder services */}}
-	m.AddProperties(&m.properties)
-	android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
-	return m
-}
-
-func (m *contextsTestModule) GenerateAndroidBuildActions(ctx android.ModuleContext) {
-	tool := m.tool
-	if tool != "checkfc" && tool != "property_info_checker" {
-		panic(fmt.Errorf("%q: unknown tool name: %q", ctx.ModuleName(), tool))
-	}
-
-	if len(m.properties.Srcs) == 0 {
-		ctx.PropertyErrorf("srcs", "can't be empty")
-		return
-	}
-
-	if proptools.String(m.properties.Sepolicy) == "" {
-		ctx.PropertyErrorf("sepolicy", "can't be empty")
-		return
-	}
-
-	srcs := android.PathsForModuleSrc(ctx, m.properties.Srcs)
-	sepolicy := android.PathForModuleSrc(ctx, proptools.String(m.properties.Sepolicy))
-
-	rule := android.NewRuleBuilder(pctx, ctx)
-	rule.Command().BuiltTool(tool).
-		Flags(m.flags).
-		Input(sepolicy).
-		Inputs(srcs)
-
-	m.testTimestamp = android.PathForModuleOut(ctx, "timestamp")
-	rule.Command().Text("touch").Output(m.testTimestamp)
-	rule.Build("contexts_test", "running contexts test: "+ctx.ModuleName())
-}
-
-func (m *contextsTestModule) AndroidMkEntries() []android.AndroidMkEntries {
-	return []android.AndroidMkEntries{android.AndroidMkEntries{
-		Class: "FAKE",
-		// OutputFile is needed, even though BUILD_PHONY_PACKAGE doesn't use it.
-		// Without OutputFile this module won't be exported to Makefile.
-		OutputFile: android.OptionalPathForPath(m.testTimestamp),
-		Include:    "$(BUILD_PHONY_PACKAGE)",
-		ExtraEntries: []android.AndroidMkExtraEntriesFunc{
-			func(ctx android.AndroidMkExtraEntriesContext, entries *android.AndroidMkEntries) {
-				entries.SetString("LOCAL_ADDITIONAL_DEPENDENCIES", m.testTimestamp.String())
-			},
-		},
-	}}
-}
-
-// contextsTestModule implements ImageInterface to be able to include recovery_available contexts
-// modules as its sources.
-func (m *contextsTestModule) ImageMutatorBegin(ctx android.BaseModuleContext) {
-}
-
-func (m *contextsTestModule) CoreVariantNeeded(ctx android.BaseModuleContext) bool {
-	return true
-}
-
-func (m *contextsTestModule) RamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
-	return false
-}
-
-func (m *contextsTestModule) VendorRamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
-	return false
-}
-
-func (m *contextsTestModule) DebugRamdiskVariantNeeded(ctx android.BaseModuleContext) bool {
-	return false
-}
-
-func (m *contextsTestModule) RecoveryVariantNeeded(ctx android.BaseModuleContext) bool {
-	return false
-}
-
-func (m *contextsTestModule) ExtraImageVariations(ctx android.BaseModuleContext) []string {
-	return nil
-}
-
-func (m *contextsTestModule) SetImageVariation(ctx android.BaseModuleContext, variation string, module android.Module) {
-}
-
-var _ android.ImageInterface = (*contextsTestModule)(nil)
diff --git a/contexts/Android.bp b/contexts/Android.bp
index 3062a6160..1dc710a26 100644
--- a/contexts/Android.bp
+++ b/contexts/Android.bp
@@ -298,137 +298,3 @@ genrule {
     out: ["plat_seapp_neverallows"],
     cmd: "grep -ihe '^neverallow' $(in) > $(out) || true",
 }
-
-//////////////////////////////////
-// Run host-side test with contexts files and the sepolicy file
-file_contexts_test {
-    name: "plat_file_contexts_test",
-    srcs: [":plat_file_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-file_contexts_test {
-    name: "system_ext_file_contexts_test",
-    srcs: [":system_ext_file_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-file_contexts_test {
-    name: "product_file_contexts_test",
-    srcs: [":product_file_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-file_contexts_test {
-    name: "vendor_file_contexts_test",
-    srcs: [":vendor_file_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-file_contexts_test {
-    name: "odm_file_contexts_test",
-    srcs: [":odm_file_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-hwservice_contexts_test {
-    name: "plat_hwservice_contexts_test",
-    srcs: [":plat_hwservice_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-hwservice_contexts_test {
-    name: "system_ext_hwservice_contexts_test",
-    srcs: [":system_ext_hwservice_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-hwservice_contexts_test {
-    name: "product_hwservice_contexts_test",
-    srcs: [":product_hwservice_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-hwservice_contexts_test {
-    name: "vendor_hwservice_contexts_test",
-    srcs: [":vendor_hwservice_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-hwservice_contexts_test {
-    name: "odm_hwservice_contexts_test",
-    srcs: [":odm_hwservice_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-property_contexts_test {
-    name: "plat_property_contexts_test",
-    srcs: [":plat_property_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-property_contexts_test {
-    name: "system_ext_property_contexts_test",
-    srcs: [
-        ":plat_property_contexts",
-        ":system_ext_property_contexts",
-    ],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-property_contexts_test {
-    name: "product_property_contexts_test",
-    srcs: [
-        ":plat_property_contexts",
-        ":system_ext_property_contexts",
-        ":product_property_contexts",
-    ],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-property_contexts_test {
-    name: "vendor_property_contexts_test",
-    srcs: [
-        ":plat_property_contexts",
-        ":system_ext_property_contexts",
-        ":product_property_contexts",
-        ":vendor_property_contexts",
-    ],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-property_contexts_test {
-    name: "odm_property_contexts_test",
-    srcs: [
-        ":plat_property_contexts",
-        ":system_ext_property_contexts",
-        ":product_property_contexts",
-        ":vendor_property_contexts",
-        ":odm_property_contexts",
-    ],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-service_contexts_test {
-    name: "plat_service_contexts_test",
-    srcs: [":plat_service_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-service_contexts_test {
-    name: "system_ext_service_contexts_test",
-    srcs: [":system_ext_service_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-service_contexts_test {
-    name: "product_service_contexts_test",
-    srcs: [":product_service_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
-
-service_contexts_test {
-    name: "vendor_service_contexts_test",
-    srcs: [":vendor_service_contexts"],
-    sepolicy: ":precompiled_sepolicy",
-}
diff --git a/contexts_tests.mk b/contexts_tests.mk
new file mode 100644
index 000000000..1189b831c
--- /dev/null
+++ b/contexts_tests.mk
@@ -0,0 +1,337 @@
+# Copyright (C) 2019 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+include $(CLEAR_VARS)
+
+# TODO: move tests into Soong after refactoring sepolicy module (b/130693869)
+
+# Run host-side test with contexts files and the sepolicy file.
+# $(1): names of modules containing context files
+# $(2): path to the host tool
+# $(3): additional argument to be passed to the tool
+define run_contexts_test
+my_contexts := $(foreach m,$(1),$$(call intermediates-dir-for,ETC,$(m))/$(m))
+$$(LOCAL_BUILT_MODULE): PRIVATE_CONTEXTS := $$(my_contexts)
+$$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $$(built_sepolicy)
+$$(LOCAL_BUILT_MODULE): $(2) $$(my_contexts) $$(built_sepolicy)
+	$$(hide) $$< $(3) $$(PRIVATE_SEPOLICY) $$(PRIVATE_CONTEXTS)
+	$$(hide) mkdir -p $$(dir $$@)
+	$$(hide) touch $$@
+my_contexts :=
+endef
+
+checkfc := $(HOST_OUT_EXECUTABLES)/checkfc
+property_info_checker := $(HOST_OUT_EXECUTABLES)/property_info_checker
+
+##################################
+LOCAL_MODULE := plat_file_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+$(eval $(call run_contexts_test, plat_file_contexts, $(checkfc),))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := system_ext_file_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, system_ext_file_contexts, $(checkfc),))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := product_file_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, product_file_contexts, $(checkfc),))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := vendor_file_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, vendor_file_contexts, $(checkfc),))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := odm_file_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, odm_file_contexts, $(checkfc),))
+
+##################################
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := plat_hwservice_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, plat_hwservice_contexts, $(checkfc), -e -l))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := system_ext_hwservice_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, system_ext_hwservice_contexts, $(checkfc), -e -l))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := product_hwservice_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, product_hwservice_contexts, $(checkfc), -e -l))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := vendor_hwservice_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, vendor_hwservice_contexts, $(checkfc), -e -l))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := odm_hwservice_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, odm_hwservice_contexts, $(checkfc), -e -l))
+
+##################################
+
+pc_modules := plat_property_contexts
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := plat_property_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
+
+##################################
+
+ifdef HAS_SYSTEM_EXT_SEPOLICY_DIR
+
+pc_modules += system_ext_property_contexts
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := system_ext_property_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
+
+endif
+
+##################################
+
+pc_modules += vendor_property_contexts
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := vendor_property_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
+
+##################################
+
+ifdef BOARD_ODM_SEPOLICY_DIRS
+
+pc_modules += odm_property_contexts
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := odm_property_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
+
+endif
+
+##################################
+
+ifdef HAS_PRODUCT_SEPOLICY_DIR
+
+pc_modules += product_property_contexts
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := product_property_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, $(pc_modules), $(property_info_checker),))
+
+endif
+
+pc_modules :=
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := plat_service_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, plat_service_contexts, $(checkfc), -s))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := system_ext_service_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, system_ext_service_contexts, $(checkfc), -s))
+
+##################################
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := product_service_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, product_service_contexts, $(checkfc), -s))
+
+##################################
+# nonplat_service_contexts is only allowed on non-full-treble devices
+ifneq ($(PRODUCT_SEPOLICY_SPLIT),true)
+
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := vendor_service_contexts_test
+LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
+LOCAL_LICENSE_CONDITIONS := notice unencumbered
+LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, vendor_service_contexts, $(checkfc), -s))
+
+endif
+
+checkfc :=
+property_info_checker :=
+run_contexts_test :=
diff --git a/tools/checkfc.c b/tools/checkfc.c
index 83c631ec5..9cbd912f0 100644
--- a/tools/checkfc.c
+++ b/tools/checkfc.c
@@ -171,12 +171,6 @@ static int validate(char **contextp)
 
     const char *type_name = sepol_context_get_type(ctx);
 
-    // Temporarily exempt hal_power_stats_vendor_service from the check.
-    // TODO(b/211953546): remove this
-    if (strcmp(type_name, "hal_power_stats_vendor_service") == 0) {
-        goto out;
-    }
-
     uint32_t len = ebitmap_length(&global_state.assert.set);
     if (len > 0) {
         res = !is_type_of_attribute_set(global_state.sepolicy.pdb, type_name,