Gitiles
Code Review Sign In
gerrit.omnirom.org / android_build_soong / 7195b065b61af4c82fa4e45fc0d9783d1a01ac53^! / . / android
commit7195b065b61af4c82fa4e45fc0d9783d1a01ac53[log] [tgz]
authorInseob Kim <inseob@google.com>Fri Nov 29 15:40:49 2024 +0900
committerInseob Kim <inseob@google.com>Tue Dec 03 13:55:24 2024 +0900
tree51ff29b834d602ffe2d6d1938f7f0816866b7cc2
parentb385f9eb529c9a308711b43990c12e1ca185d234 [diff]
Add property for incremental nsjail genrules

Normally genrule sandboxes run the build command in a clean state.
Setting keep_gendir as true, along with use_nsjail, will keep $(genDir)
so the genrule can be incrementally built.

Bug: 381459587
Test: build with and without the flag
Change-Id: I07bbea965f7b644ee8c8d2ead5b6abdd1f0c9aa6

diff --git a/android/neverallow.go b/android/neverallow.go
index 7f7ffa7..1213704 100644
--- a/android/neverallow.go
+++ b/android/neverallow.go

@@ -282,7 +282,7 @@
 }
 
 func createLimitDirgroupRule() []Rule {
-	reason := "dirgroup module and dir_srcs property of genrule is allowed only to Trusty build rule."
+	reason := "dirgroup module and dir_srcs / keep_gendir property of genrule is allowed only to Trusty build rule."
 	return []Rule{
 		NeverAllow().
 			ModuleType("dirgroup").
@@ -297,6 +297,13 @@
 			Without("name", "trusty-x86_64.lk.elf.gen").
 			Without("name", "trusty-x86_64-test.lk.elf.gen").
 			WithMatcher("dir_srcs", isSetMatcherInstance).Because(reason),
+		NeverAllow().
+			ModuleType("genrule").
+			Without("name", "trusty-arm64.lk.elf.gen").
+			Without("name", "trusty-arm64-virt-test-debug.lk.elf.gen").
+			Without("name", "trusty-x86_64.lk.elf.gen").
+			Without("name", "trusty-x86_64-test.lk.elf.gen").
+			With("keep_gendir", "true").Because(reason),
 	}
 }
 

diff --git a/android/rule_builder.go b/android/rule_builder.go
index 83f8b99..0df4357 100644
--- a/android/rule_builder.go
+++ b/android/rule_builder.go

@@ -63,6 +63,7 @@
 	missingDeps      []string
 	args             map[string]string
 	nsjail           bool
+	nsjailKeepGendir bool
 	nsjailBasePath   WritablePath
 	nsjailImplicits  Paths
 }
@@ -208,6 +209,18 @@
 	return r
 }
 
+// By default, nsjail rules truncate outputDir and baseDir before running commands, similar to Sbox
+// rules which always run commands in a fresh sandbox. Calling NsjailKeepGendir keeps outputDir and
+// baseDir as-is, leaving previous artifacts. This is useful when the rules support incremental
+// builds.
+func (r *RuleBuilder) NsjailKeepGendir() *RuleBuilder {
+	if !r.nsjail {
+		panic("NsjailKeepGendir() must be called after Nsjail()")
+	}
+	r.nsjailKeepGendir = true
+	return r
+}
+
 // SandboxTools enables tool sandboxing for the rule by copying any referenced tools into the
 // sandbox.
 func (r *RuleBuilder) SandboxTools() *RuleBuilder {
@@ -555,8 +568,17 @@
 	if r.nsjail {
 		var nsjailCmd strings.Builder
 		nsjailPath := r.ctx.Config().PrebuiltBuildTool(r.ctx, "nsjail")
+		if !r.nsjailKeepGendir {
+			nsjailCmd.WriteString("rm -rf ")
+			nsjailCmd.WriteString(r.nsjailBasePath.String())
+			nsjailCmd.WriteRune(' ')
+			nsjailCmd.WriteString(r.outDir.String())
+			nsjailCmd.WriteString(" && ")
+		}
 		nsjailCmd.WriteString("mkdir -p ")
 		nsjailCmd.WriteString(r.nsjailBasePath.String())
+		nsjailCmd.WriteRune(' ')
+		nsjailCmd.WriteString(r.outDir.String())
 		nsjailCmd.WriteString(" && ")
 		nsjailCmd.WriteString(nsjailPath.String())
 		nsjailCmd.WriteRune(' ')