Merge "Remove compat test from treble sepolicy tests" am: 8e6b55a13d
am: 7e5a5e8b1f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1985246 Change-Id: I4f27384fb7e79471f34b73e58a1978ad1311e42d
This commit is contained in:
commit
dd30d8381e
14 changed files with 10 additions and 22066 deletions
28
Android.mk
28
Android.mk
|
@ -532,33 +532,16 @@ include $(BUILD_PHONY_PACKAGE)
|
|||
# Policy files are now built with Android.bp. Grab them from intermediate.
|
||||
# See Android.bp for details of policy files.
|
||||
#
|
||||
reqd_policy_mask.cil := $(call intermediates-dir-for,ETC,reqd_policy_mask.cil)/reqd_policy_mask.cil
|
||||
|
||||
pub_policy.cil := $(call intermediates-dir-for,ETC,pub_policy.cil)/pub_policy.cil
|
||||
system_ext_pub_policy.cil := $(call intermediates-dir-for,ETC,system_ext_pub_policy.cil)/system_ext_pub_policy.cil
|
||||
plat_pub_policy.cil := $(call intermediates-dir-for,ETC,plat_pub_policy.cil)/plat_pub_policy.cil
|
||||
|
||||
built_plat_cil := $(call intermediates-dir-for,ETC,plat_sepolicy.cil)/plat_sepolicy.cil
|
||||
built_plat_mapping_cil := $(call intermediates-dir-for,ETC,plat_mapping_file)/plat_mapping_file
|
||||
|
||||
ifdef HAS_SYSTEM_EXT_SEPOLICY
|
||||
built_system_ext_cil := $(call intermediates-dir-for,ETC,system_ext_sepolicy.cil)/system_ext_sepolicy.cil
|
||||
built_system_ext_mapping_cil := $(call intermediates-dir-for,ETC,system_ext_mapping_file)/system_ext_mapping_file
|
||||
endif # ifdef HAS_SYSTEM_EXT_SEPOLICY
|
||||
|
||||
ifdef HAS_PRODUCT_SEPOLICY
|
||||
built_product_cil := $(call intermediates-dir-for,ETC,product_sepolicy.cil)/product_sepolicy.cil
|
||||
built_product_mapping_cil := $(call intermediates-dir-for,ETC,product_mapping_file)/product_mapping_file
|
||||
endif # ifdef HAS_PRODUCT_SEPOLICY
|
||||
|
||||
built_pub_vers_cil := $(call intermediates-dir-for,ETC,plat_pub_versioned.cil)/plat_pub_versioned.cil
|
||||
|
||||
built_vendor_cil := $(call intermediates-dir-for,ETC,vendor_sepolicy.cil)/vendor_sepolicy.cil
|
||||
|
||||
ifdef BOARD_ODM_SEPOLICY_DIRS
|
||||
built_odm_cil := $(call intermediates-dir-for,ETC,odm_sepolicy.cil)/odm_sepolicy.cil
|
||||
endif
|
||||
|
||||
built_sepolicy := $(call intermediates-dir-for,ETC,precompiled_sepolicy)/precompiled_sepolicy
|
||||
built_sepolicy_neverallows := $(call intermediates-dir-for,ETC,sepolicy_neverallows)/sepolicy_neverallows
|
||||
built_sepolicy_neverallows += $(call intermediates-dir-for,ETC,sepolicy_neverallows_vendor)/sepolicy_neverallows_vendor
|
||||
|
@ -782,12 +765,6 @@ build_policy :=
|
|||
built_plat_cil :=
|
||||
built_system_ext_cil :=
|
||||
built_product_cil :=
|
||||
built_pub_vers_cil :=
|
||||
built_plat_mapping_cil :=
|
||||
built_system_ext_mapping_cil :=
|
||||
built_product_mapping_cil :=
|
||||
built_vendor_cil :=
|
||||
built_odm_cil :=
|
||||
built_sepolicy :=
|
||||
built_sepolicy_neverallows :=
|
||||
built_plat_svc :=
|
||||
|
@ -795,12 +772,7 @@ built_vendor_svc :=
|
|||
treble_sysprop_neverallow :=
|
||||
enforce_sysprop_owner :=
|
||||
enforce_debugfs_restriction :=
|
||||
mapping_policy :=
|
||||
my_target_arch :=
|
||||
pub_policy.cil :=
|
||||
system_ext_pub_policy.cil :=
|
||||
plat_pub_policy.cil :=
|
||||
reqd_policy_mask.cil :=
|
||||
sepolicy_build_files :=
|
||||
sepolicy_build_cil_workaround_files :=
|
||||
with_asan :=
|
||||
|
|
|
@ -125,8 +125,13 @@ func (b *buildFiles) GenerateAndroidBuildActions(ctx android.ModuleContext) {
|
|||
b.srcs[".product_private_for_vendor"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().BoardProductPrivatePrebuiltDirs()...)
|
||||
}
|
||||
|
||||
// directories used for compat tests and Treble tests
|
||||
for _, ver := range ctx.DeviceConfig().PlatformSepolicyCompatVersions() {
|
||||
b.srcs[".plat_public_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.ModuleDir(), "prebuilts", "api", ver, "public"))
|
||||
b.srcs[".plat_private_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.ModuleDir(), "prebuilts", "api", ver, "private"))
|
||||
b.srcs[".system_ext_public_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.DeviceConfig().SystemExtSepolicyPrebuiltApiDir(), "prebuilts", "api", ver, "public"))
|
||||
b.srcs[".system_ext_private_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.DeviceConfig().SystemExtSepolicyPrebuiltApiDir(), "prebuilts", "api", ver, "private"))
|
||||
b.srcs[".product_public_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.DeviceConfig().ProductSepolicyPrebuiltApiDir(), "prebuilts", "api", ver, "public"))
|
||||
b.srcs[".product_private_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.DeviceConfig().ProductSepolicyPrebuiltApiDir(), "prebuilts", "api", ver, "private"))
|
||||
}
|
||||
}
|
||||
|
|
|
@ -154,6 +154,8 @@ func (f *compatTestModule) createPlatPubVersionedModule(ctx android.LoadHookCont
|
|||
}, &policyConfProperties{
|
||||
Srcs: []string{
|
||||
fmt.Sprintf(":se_build_files{.plat_public_%s}", ver),
|
||||
fmt.Sprintf(":se_build_files{.system_ext_public_%s}", ver),
|
||||
fmt.Sprintf(":se_build_files{.product_public_%s}", ver),
|
||||
":se_build_files{.reqd_mask}",
|
||||
},
|
||||
Installable: proptools.BoolPtr(false),
|
||||
|
|
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
File diff suppressed because it is too large
Load diff
|
@ -1 +0,0 @@
|
|||
;; empty stub
|
File diff suppressed because it is too large
Load diff
|
@ -1 +0,0 @@
|
|||
;; empty stub
|
File diff suppressed because it is too large
Load diff
|
@ -1 +0,0 @@
|
|||
;; empty stub
|
File diff suppressed because it is too large
Load diff
|
@ -1 +0,0 @@
|
|||
;; empty stub
|
|
@ -17,19 +17,11 @@ SYSTEM_EXT_PREBUILT_POLICY := $(BOARD_SYSTEM_EXT_PREBUILT_DIR)
|
|||
# BOARD_PRODUCT_PREBUILT_DIR can be set as product prebuilt dir in sepolicy
|
||||
# make file of the product partition.
|
||||
PRODUCT_PREBUILT_POLICY := $(BOARD_PRODUCT_PREBUILT_DIR)
|
||||
# BOARD_PLAT_PUB_VERSIONED_POLICY - path_to_plat_pub_versioned_of_vendor
|
||||
# plat_pub_versioned.cil should be in
|
||||
# $(BOARD_PLAT_PUB_VERSIONED_POLICY)/prebuilts/api/$(version) dir.
|
||||
# plat_pub_versioned.cil should have platform, system_ext and product sepolicies
|
||||
# similar to system/sepolicy/prebuilts/api/$(version/plat_pub_verioned.cil file.
|
||||
# In order to enable treble sepolicy tests for platform, system_ext and product
|
||||
# sepolicies SYSTEM_EXT_PREBUILT_POLICY , PRODUCT_PREBUILT_POLICY and
|
||||
# BOARD_PLAT_PUB_VERSIONED_POLICY should be set.
|
||||
IS_TREBLE_TEST_ENABLED_PARTNER := false
|
||||
ifeq ($(filter 26.0 27.0 28.0 29.0,$(version)),)
|
||||
ifneq (,$(BOARD_PLAT_PUB_VERSIONED_POLICY))
|
||||
ifneq (,$(SYSTEM_EXT_PREBUILT_POLICY)$(PRODUCT_PREBUILT_POLICY))
|
||||
IS_TREBLE_TEST_ENABLED_PARTNER := true
|
||||
endif # (,$(BOARD_PLAT_PUB_VERSIONED_POLICY))
|
||||
endif # (,$(SYSTEM_EXT_PREBUILT_POLICY)$(PRODUCT_PREBUILT_POLICY))
|
||||
endif # ($(filter 26.0 27.0 28.0 29.0,$(version)),)
|
||||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
@ -90,14 +82,9 @@ $(call dist-for-goals,base-sepolicy-files-for-mapping,$(built_$(version)_plat_se
|
|||
|
||||
$(version)_plat_policy.conf :=
|
||||
|
||||
# $(version)_compat - the current plat_sepolicy.cil built with the compatibility file
|
||||
# targeting the $(version) SELinux release. This ensures that our policy will build
|
||||
# when used on a device that has non-platform policy targetting the $(version) release.
|
||||
$(version)_compat := $(intermediates)/$(version)_compat
|
||||
$(version)_mapping.cil := $(call intermediates-dir-for,ETC,plat_$(version).cil)/plat_$(version).cil
|
||||
$(version)_mapping.ignore.cil := \
|
||||
$(call intermediates-dir-for,ETC,$(version).ignore.cil)/$(version).ignore.cil
|
||||
$(version)_prebuilts_dir := $(LOCAL_PATH)/prebuilts/api/$(version)
|
||||
ifeq ($(IS_TREBLE_TEST_ENABLED_PARTNER),true)
|
||||
ifneq (,$(SYSTEM_EXT_PREBUILT_POLICY))
|
||||
$(version)_mapping.cil += \
|
||||
|
@ -111,29 +98,8 @@ $(version)_mapping.cil += \
|
|||
$(version)_mapping.ignore.cil += \
|
||||
$(call intermediates-dir-for,ETC,product_$(version).ignore.cil)/product_$(version).ignore.cil
|
||||
endif # (,$(PRODUCT_PREBUILT_POLICY))
|
||||
$(version)_prebuilts_dir := $(BOARD_PLAT_PUB_VERSIONED_POLICY)/prebuilts/api/$(version)
|
||||
endif #($(IS_TREBLE_TEST_ENABLED_PARTNER),true)
|
||||
|
||||
# vendor_sepolicy.cil and plat_pub_versioned.cil are the new design to replace
|
||||
# nonplat_sepolicy.cil.
|
||||
$(version)_vendor := $($(version)_prebuilts_dir)/vendor_sepolicy.cil \
|
||||
$($(version)_prebuilts_dir)/plat_pub_versioned.cil
|
||||
|
||||
cil_files := $(built_plat_cil)
|
||||
ifeq ($(IS_TREBLE_TEST_ENABLED_PARTNER),true)
|
||||
ifneq (,$(SYSTEM_EXT_PREBUILT_POLICY)
|
||||
cil_files += $(built_system_ext_cil)
|
||||
endif # (,$(SYSTEM_EXT_PREBUILT_POLICY)
|
||||
ifneq (,$(PRODUCT_PREBUILT_POLICY)
|
||||
cil_files += $(built_product_cil)
|
||||
endif # (,$(PRODUCT_PREBUILT_POLICY)
|
||||
endif # ($(IS_TREBLE_TEST_ENABLED_PARTNER),true)
|
||||
cil_files += $($(version)_mapping.cil) $($(version)_vendor)
|
||||
$($(version)_compat): PRIVATE_CIL_FILES := $(cil_files)
|
||||
$($(version)_compat): $(HOST_OUT_EXECUTABLES)/secilc $(cil_files)
|
||||
$(hide) $(HOST_OUT_EXECUTABLES)/secilc -m -M true -G -N -c $(POLICYVERS) \
|
||||
$(PRIVATE_CIL_FILES) -o $@ -f /dev/null
|
||||
|
||||
# $(version)_mapping.combined.cil - a combination of the mapping file used when
|
||||
# combining the current platform policy with nonplatform policy based on the
|
||||
# $(version) policy release and also a special ignored file that exists purely for
|
||||
|
@ -165,7 +131,7 @@ $(LOCAL_BUILT_MODULE): $(HOST_OUT_EXECUTABLES)/treble_sepolicy_tests \
|
|||
$(all_fc_files) $(built_sepolicy) \
|
||||
$(built_sepolicy_files) \
|
||||
$(public_cil_files) \
|
||||
$(built_$(version)_plat_sepolicy) $($(version)_compat) $($(version)_mapping.combined.cil)
|
||||
$(built_$(version)_plat_sepolicy) $($(version)_mapping.combined.cil)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) $(HOST_OUT_EXECUTABLES)/treble_sepolicy_tests $(ALL_FC_ARGS) \
|
||||
-b $(PRIVATE_PLAT_SEPOLICY) -m $(PRIVATE_COMBINED_MAPPING) \
|
||||
|
@ -183,12 +149,9 @@ $(version)_PLAT_PRIVATE_POLICY :=
|
|||
built_sepolicy_files :=
|
||||
public_cil_files :=
|
||||
cil_files :=
|
||||
$(version)_compat :=
|
||||
$(version)_mapping.cil :=
|
||||
$(version)_mapping.combined.cil :=
|
||||
$(version)_mapping.ignore.cil :=
|
||||
$(version)_vendor :=
|
||||
$(version)_prebuilts_dir :=
|
||||
built_$(version)_plat_sepolicy :=
|
||||
version :=
|
||||
version_under_treble_tests :=
|
||||
|
|
Loading…
Reference in a new issue