From ef567215557e70ef6f68f6d615c43fb8dfdfd4ef Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Mon, 5 Dec 2022 14:06:47 +0900 Subject: [PATCH] Add permissive_domains_on_user_builds to se_policy_binary In Android, we don't allow any domain to be permissive in user builds. However, in Microdroid permissive domains should be allowed even in user builds because fully debuggable VMs (where adb root is supported) can be created there. This change adds a new property `permissive_domains_on_user_builds` to the `se_policy_binary` module as a controlled way of adding exceptions to the enforcement. Bug: 259729287 Test: m. This CL doesn't add any exception. Change-Id: I2ae240e92dfdeadd827f027534e3e11ce4534240 --- build/soong/policy.go | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/build/soong/policy.go b/build/soong/policy.go index 4161bb331..aea8e0961 100644 --- a/build/soong/policy.go +++ b/build/soong/policy.go @@ -456,6 +456,9 @@ type policyBinaryProperties struct { // Whether this module is directly installable to one of the partitions. Default is true Installable *bool + + // List of domains that are allowed to be in permissive mode on user builds. + Permissive_domains_on_user_builds []string } type policyBinary struct { @@ -512,11 +515,19 @@ func (c *policyBinary) GenerateAndroidBuildActions(ctx android.ModuleContext) { // permissive check is performed only in user build (not debuggable). if !ctx.Config().Debuggable() { permissiveDomains := android.PathForModuleOut(ctx, c.stem()+"_permissive") - rule.Command().BuiltTool("sepolicy-analyze"). + cmd := rule.Command().BuiltTool("sepolicy-analyze"). Input(bin). - Text("permissive"). - Text(" > "). - Output(permissiveDomains) + Text("permissive") + // Filter-out domains listed in permissive_domains_on_user_builds + allowedDomains := c.properties.Permissive_domains_on_user_builds + if len(allowedDomains) != 0 { + cmd.Text("| { grep -Fxv") + for _, d := range allowedDomains { + cmd.FlagWithArg("-e ", proptools.ShellEscape(d)) + } + cmd.Text(" || true; }") // no match doesn't fail the cmd + } + cmd.Text(" > ").Output(permissiveDomains) rule.Temporary(permissiveDomains) msg := `==========\n` +