From a6a3726ed273f105fd7dc994931066491b0d4fdd Mon Sep 17 00:00:00 2001 From: Inseob Kim Date: Tue, 12 Mar 2024 11:25:14 +0900 Subject: [PATCH] Check added types/attributes on freeze test too Without this check, a release build may accidentally include additional public types and attributes after "freeze". Also this adds a detailed error message for how to fix. Bug: 296875906 Test: manual Change-Id: Iabc6bc8c8616089207acfff8ec4f05445fe7b2b3 --- tests/sepolicy_freeze_test.py | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/tests/sepolicy_freeze_test.py b/tests/sepolicy_freeze_test.py index 72c8fde33..f72340ab8 100644 --- a/tests/sepolicy_freeze_test.py +++ b/tests/sepolicy_freeze_test.py @@ -37,20 +37,46 @@ def do_main(): current_policy = mini_parser.MiniCilParser(options.current) prebuilt_policy = mini_parser.MiniCilParser(options.prebuilt) + current_policy.typeattributes = set(filter(lambda x: "base_typeattr_" not in x, + current_policy.typeattributes)) + prebuilt_policy.typeattributes = set(filter(lambda x: "base_typeattr_" not in x, + prebuilt_policy.typeattributes)) results = "" removed_types = prebuilt_policy.types - current_policy.types + added_types = current_policy.types - prebuilt_policy.types removed_attributes = prebuilt_policy.typeattributes - current_policy.typeattributes - removed_attributes = set(filter(lambda x: "base_typeattr_" not in x, removed_attributes)) + added_attributes = current_policy.typeattributes - prebuilt_policy.typeattributes if removed_types: results += "The following public types were removed:\n" + ", ".join(removed_types) + "\n" + if added_types: + results += "The following public types were added:\n" + ", ".join(added_types) + "\n" + if removed_attributes: results += "The following public attributes were removed:\n" + ", ".join(removed_attributes) + "\n" - if len(results) > 0: - sys.exit(results) + if added_attributes: + results += "The following public attributes were added:\n" + ", ".join(added_attributes) + "\n" + + if results: + sys.exit(f'''{results} +****************************** +You have tried to change system/sepolicy/public after vendor API freeze. +To make these errors go away, you have two choices: + 1. You can flag-guard types and attributes listed above, so they won't be + included to the release build. See examples of how to flag-guard them: + https://android-review.googlesource.com/2854391 + https://android-review.googlesource.com/2967637 + 2. You can update prebuilts by executing the following command: + $ cd $ANDROID_BUILD_TOP + $ cp -r system/sepolicy/public system/sepolicy/private \\ + system/sepolicy/prebuilts/api/$(get_build_var BOARD_API_LEVEL) + To submit the revised prebuilts to the main Android repository, + you will need approval. +****************************** +''') if __name__ == '__main__': do_main()