tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/tests/sepolicy_freeze_test.py
Inseob Kim 36d9d39e6e Relax freeze_test to check only compatibility 
For now, freeze_test compares prebuilts against sources with diff, to
ensure that sources are identical to prebuilts. However, it could be the
case that the branch should be able to build both REL and ToT. In that
case, changes to the sources are inevitable and the freeze test will
fail.

To fix the issue, freeze_test will now only check compatibility. To be
specific, it will check if any public types or attributes are removed.
Contexts files and neverallow rules are not checked, but they may be
added later. Also to support the new freeze_test

- build_files module is changed to use glob (because REL version won't
  be in compat versions list)
- plat_pub_policy modules are added under prebuilts/api (because
  freeze_test needs that)

Bug: 296875906
Test: m selinux_policy
Change-Id: I39c40992965b98664facea3b760d9d6be1f6b87e
2023-09-05 03:37:18 +00:00

56 lines
2.1 KiB
Python
Raw Blame History

# Copyright 2023 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from optparse import OptionParser
import mini_parser
import os
import sys
def do_main():
usage = "sepolicy_freeze_test "
usage += "-c current_cil -p prebuilt_cil [--help]"
parser = OptionParser(usage=usage)
parser.add_option("-c", "--current", dest="current", metavar="FILE")
parser.add_option("-p", "--prebuilt", dest="prebuilt", metavar="FILE")
(options, args) = parser.parse_args()
if not options.current or not options.prebuilt:
sys.exit("Must specify both current and prebuilt\n" + parser.usage)
if not os.path.exists(options.current):
sys.exit("Current policy " + options.current + " does not exist\n"
+ parser.usage)
if not os.path.exists(options.prebuilt):
sys.exit("Prebuilt policy " + options.prebuilt + " does not exist\n"
+ parser.usage)
current_policy = mini_parser.MiniCilParser(options.current)
prebuilt_policy = mini_parser.MiniCilParser(options.prebuilt)
results = ""
removed_types = prebuilt_policy.types - current_policy.types
removed_attributes = prebuilt_policy.typeattributes - current_policy.typeattributes
removed_attributes = set(filter(lambda x: "base_typeattr_" not in x, removed_attributes))
if removed_types:
results += "The following public types were removed:\n" + ", ".join(removed_types) + "\n"
if removed_attributes:
results += "The following public attributes were removed:\n" + ", ".join(removed_attributes) + "\n"
if len(results) > 0:
sys.exit(results)
if __name__ == '__main__':
do_main()
Reference in a new issue View git blame Copy permalink