Commit graph

4 commits

Author SHA1 Message Date
Felix
0d6864aebd build/file_utils: Newline for mapping files
Previous behaviour:
Test: Set `PRODUCT_PUBLIC_SEPOLICY_DIRS`, causing
      `product_sepolicy.cil` and `product_mapping_file` to
      be generated. Do not use any `type` declarations that
      would require a mapping in product sepolicy, e.g. only
      define macros.
      Run `make selinux_policy`, observe error:
```
FAILED: out/target/product/mydevice/obj/ETC/plat_pub_versioned.cil_intermediates/plat_pub_versioned.cil
/bin/bash -c "(out/host/linux-x86/bin/version_policy -b out/target/product/mydevice/obj/FAKE/sepolicy_neverallows_intermediates/pub_policy.cil -t out/target/product/mydevice/obj/FAKE/sepolicy_neverallows_intermediates/pub_policy.cil -n 10000.0 -o out/target/product/mydevice/obj/ETC/plat_pub_versioned.cil_intermediates/plat_pub_versioned.cil ) && (out/host/linux-x86/bin/secilc -m -M true -G -N -c 30 		out/target/product/mydevice/obj/ETC/plat_sepolicy.cil_intermediates/plat_sepolicy.cil  out/target/product/mydevice/obj/ETC/product_sepolicy.cil_intermediates/product_sepolicy.cil out/target/product/mydevice/obj/ETC/plat_mapping_file_intermediates/10000.0.cil  out/target/product/mydevice/obj/ETC/product_mapping_file_intermediates/10000.0.cil out/target/product/mydevice/obj/ETC/plat_pub_versioned.cil_intermediates/plat_pub_versioned.cil -o /dev/null -f /dev/null )"
Failure reading file: out/target/product/mydevice/obj/ETC/product_mapping_file_intermediates/10000.0.cil
```
This is caused by `secilc.c` trying to read the empty file:
```
rc = fread(buffer, file_size, 1, file);
```

Fix: Append a newline to make sure any file processed by
`filter_out` is still readable by secilc.

After:
Test: `make selinux_policy` with same preconditions.

Signed-off-by: Felix <google@ix5.org>
Change-Id: I6dcfcccdfa83121bbdc09632f7a2b609ef932fc9
2020-03-31 17:56:49 +02:00
Bowgo Tsai
741a70a058 Using a python script to build sepolicy
Current sepolicy CIL files are built by several command-line tools
in Android.mk. This change extracts some of the build logic into a
python script to relief the effort in Android.mk.

The first command is `build_sepolicy build_cil`. It's possible to add
more sub-commands under the build_sepolicy script in the future.

Bug: 64240127
Test: build bullhead/taimen
Change-Id: Ie0ae4fc5256a550c72954cde5d5dd213a22d159a
2018-02-05 18:22:12 +08:00
Bowgo Tsai
d0cbb90509 Revert "Using a python script to build sepolicy"
This reverts commit 3506ad3f31.
Fix angler/bullhead boot failure.

Bug: 72787689
Test: build
2018-02-02 08:00:38 +08:00
Bowgo Tsai
3506ad3f31 Using a python script to build sepolicy
Current sepolicy CIL files are built by several command-line tools
in Android.mk. This change extracts some of the build logic into a
python script to relief the effort in Android.mk.

The first command is `build_sepolicy build_cil`. It's possible to add
more sub-commands under the build_sepolicy script in the future.

Bug: 64240127
Test: build and boot a device
Test: checks the content of $OUT/vendor/etc/selinux/vendor_sepolicy.cil
      is the same as before
Change-Id: I0b64f1088f413172e97b579b4f7799fa392762df
2018-01-31 14:37:47 +08:00