Otherwise we crash on a null pointer exception.
Test: Reference a non-existent type in test code and make sure
the test doesn't crash.
Change-Id: I5839d2740d51c0df7a8909a3f8430850ae1b2675
Types in sysfs should have the sysfs_type attribute, types in
debugfs and tracefs should have the debugfs_type attribute.
TODO: Test that files in procfs have the proc_type attribute.
TODO: Assert these tests in CTS.
Bug: 74182216
Test: build - these are build-time tests.
Change-Id: Icf0ff2a26c05f94da421ba23df0b92d8eef906bf
With project Treble, we're relying heavily on attributes for
permission inheritance and enforcement of separation between
platform and vendor components.
We neead tests that verify those attributes are correctly applied.
This change adds the framework for those tests including a wrapper
around libsepol for loading and querying policy, and a python module
for running tests on policy and file_contexts.
Included with the testing framework is a test asserting that the
coredomain attribute is only applied to core processes. This
verification is done using the following rules:
1. Domain's entrypoint is on /system - coredomain
2. Domain's entrypoint is on /vendor - not coredomain
3. Domain belongs to a whitelist of known coredomains - coredomain
In a subsequent commit these tests will be applied at build time.
However, I first need to fix existing Treble violations exposed by
this test. These tests will also be applied during CTS.
Test: LD_PRELOAD=$ANDROID_HOST_OUT/lib64/libsepolwrap.so python \
treble.py -p $OUT/vendor/etc/selinux/precompiled_sepolicy \
-f $OUT/vendor/etc/selinux/nonplat_file_contexts \
-f $OUT/system/etc/selinux/plat_file_contexts
Bug: 37008075
Change-Id: I7825f5c2909a5801deaccf2bef2bfd227adb0ae9
(cherry picked from commit 0366afdf14)
