Because Go command line tooling assumes *_test.go files are tests and
not package sources.
Test: build
Change-Id: Ie332b89140b93c4ea448009cafa2556ef888497c
A new module type se_neverallow_test is added, to migrate
sepolicy_neverallow modules. se_neverallow_test is affected by
SELINUX_IGNORE_NEVERALLOWS.
Bug: 33691272
Test: m selinux_policy
Test: intentionally create neverallow violations and m selinux_policy
Change-Id: I1582353f99f064ff78f3c547a0c13f2b772d54df
plat_sepolicy_vers.txt stores the version of vendor policy. This change
adds sepolicy_vers module to migrate plat_sepolicy_vers.txt to
Android.bp.
- Device's plat_sepolicy_vers: should be BOARD_SEPOLICY_VERS
- Microdroid's plat_sepolicy_vers: should be PLATFORM_SEPOLICY_VERSION
because all microdroid artifacts are bound to platform
Bug: 33691272
Test: boot device && boot microdroid
Change-Id: Ida293e1cb785b44fa1d01543d52d3f8e15b055c2
Installs backwards compatibility cil files.
Bug: 183362912
Test: Presubmit
Test: Add a $(ver).compat.cil under SYSTEM_EXT_PRIVATE_SEPOLICY_DIR and
verify the file is installed under /system_ext/etc/selinux/mapping/
Change-Id: I5e2c6b8dfa8df431edfe96f29daae463b130367f
This adds a new soong module that transforms selinux policy files to
policy.conf file. It uses m4 macro with various variables, and replaces
transform-policy-to-conf macro in system/sepolicy/definitions.mk.
The module will be used when building:
- policy cil files shipped to the device
- CTS tests that needs general_policy.conf
Bug: 33691272
Test: try building se_policy_conf with se_build_files
Change-Id: Ie1082a8193c2205992b425509b9d5bfa4b495b2f
se_build_files module globs given srcs from sepolicy directories and
acts as a filegroup with the following tags, which can be used to build
system side policy files.
- plat
- plat_public
- system_ext
- system_ext_public
- product
- product_public
- reqd_mask
se_build_files module acts like the build_policy macro in Android.mk.
Normal genrule module can't easily handle that, because both file order
and directory order matter.
Support for vendor/odm is to be added in the future.
Bug: 33691272
Test: inspect se_build_files with above tags and compare it to ninja
Change-Id: Id7c57b01c78fc14ac5e8eeeb074a6fc21d271e84
sysprop type checker compares a sysprop_library API file and
property_contexts files, and detects if there are any mismatches of
property types. For example, the following snippets are detected.
// foo.sysprop
prop {
prop_name: "ro.foo.bar"
type: Integer
...
}
// property_contexts
ro.foo.bar u:object_r:foo_prop:s0 exact string
"ro.foo.bar" is an Integer in .sysprop file, but it's a string in
property_contexts file.
Bug: 151879375
Test: sysprop_test
Test: run "m PlatformProperties" and see existing mismatches.
Change-Id: Ieb9965d14b8c90cfc730c3d20d95a28ecaabeba4
This is to migrate sepolicy Makefiles into Soong. For the first part,
file_contexts, hwservice_contexts, property_contexts, and
service_contexts are migrated. Build-time tests for contexts files are
still in Makefile; they will also be done with Soong after porting the
module sepolicy.
The motivation of migrating is based on generating property_contexts
dynamically: if we were to amend contexts files at build time in the
future, it would be nicer to manage them in Soong. To do that, building
contexts files with Soong can be very helpful.
Bug: 127949646
Bug: 129377144
Test: 1) Build blueline-userdebug, flash, and boot.
Test: 2) Build blueline-userdebug with TARGET_FLATTEN_APEX=true, flash,
and boot.
Test: 3) Build aosp_arm-userdebug.
Change-Id: I576f6f20686f6f2121204f76657274696d652121
se_filegroup is used to export selinux files from board-specific
directories (e.g. device/google/wahoo/sepolicy).
Use se_filegroup module to export partner extension of compatibility
mapping to build logic in system/sepolicy.
Bug: 33691272
Bug: 74669108
Test: .cil mapping files can be correctly added from vendor directory.
Change-Id: Iaa2a95d0e326cb03a478fc12c1a14ba40e57e117
And migrate 26.0.cil and 27.0.cil build targets from Android.mk to
Android.bp
Bug: 33691272
Test: 26.0.cil and 27.0.cil mapping files on the device are unchanged.
Change-Id: Id0ea45c149e096996bc0657615ea98915df3c9e1
