Fix treble_sepolicy_tests and compat files
treble_sepolicy_tests has been broken since Soong migration. The tests
can't detect compat changes because of using incorrect source files.
This fixes the tests and compat changes.
Bug: 386305058
Test: m selinux_policy sepolicy_test treble_sepolicy_tests_202404 \
treble_sepolicy_tests_34.0 treble_sepolicy_tests_33.0 \
se_freeze_test sepolicy_dev_type_test
Change-Id: I3c7bb4c0d0e54b31d9666f1269fdc3d744b565e7
diff --git a/private/compat/202404/202404.cil b/private/compat/202404/202404.cil
index 85eb601..c78632b 100644
--- a/private/compat/202404/202404.cil
+++ b/private/compat/202404/202404.cil
@@ -1,8 +1,10 @@
;; This type may or may not already exist in vendor policy. Re-define it here (duplicate
;; definitions in CIL will be ignored) - so we can reference it in 202404.cil.
-(type virtual_fingerprint_hal_prop)
+(type cgroup_desc_api_file)
(type otapreopt_chroot)
+(type task_profiles_api_file)
(type vendor_hidraw_device)
+(type virtual_fingerprint_hal_prop)
(typeattributeset dev_type (vendor_hidraw_device))
;; mapping information from ToT policy's types to 202404 policy's types.
@@ -2473,7 +2475,7 @@
(typeattributeset surfaceflinger_tmpfs_202404 (surfaceflinger_tmpfs))
(typeattributeset suspend_prop_202404 (suspend_prop))
(typeattributeset swap_block_device_202404 (swap_block_device))
-(typeattributeset sysfs_202404 (sysfs))
+(typeattributeset sysfs_202404 (sysfs sysfs_udc))
(typeattributeset sysfs_android_usb_202404 (sysfs_android_usb))
(typeattributeset sysfs_batteryinfo_202404 (sysfs_batteryinfo))
(typeattributeset sysfs_bluetooth_writable_202404 (sysfs_bluetooth_writable))
diff --git a/private/compat/202404/202404.ignore.cil b/private/compat/202404/202404.ignore.cil
index 2ddfec3..0aa0580 100644
--- a/private/compat/202404/202404.ignore.cil
+++ b/private/compat/202404/202404.ignore.cil
@@ -5,27 +5,33 @@
(typeattribute new_objects)
(typeattributeset new_objects
( new_objects
- bluetooth_finder_prop
- profcollectd_etr_prop
- fstype_prop
- binderfs_logs_transactions
- binderfs_logs_transaction_history
- proc_compaction_proactiveness
- proc_cgroups
- ranging_service
- supervision_service
- app_function_service
- virtual_fingerprint
- virtual_fingerprint_exec
- virtual_face
- virtual_face_exec
- hal_mediaquality_service
- media_quality_service
advanced_protection_service
- sysfs_firmware_acpi_tables
- intrusion_detection_service
- wifi_mainline_supplicant_service
+ app_function_service
+ binderfs_logs_transaction_history
+ binderfs_logs_transactions
+ bluetooth_finder_prop
crosvm
early_virtmgr
+ early_virtmgr_exec
+ forensic_service
+ fstype_prop
+ hal_mediaquality_service
+ intrusion_detection_service
+ media_quality_service
+ proc_cgroups
+ proc_compaction_proactiveness
+ profcollectd_etr_prop
+ ranging_service
+ supervision_service
+ sysfs_firmware_acpi_tables
+ tee_service_contexts_file
+ trusty_security_vm_sys_vendor_prop
+ virtual_face
+ virtual_face_exec
+ virtual_fingerprint
+ virtual_fingerprint_exec
virtualizationmanager
+ virtualizationmanager_exec
+ wifi_mainline_supplicant_service
+ wifi_usd_service
))
diff --git a/treble_sepolicy_tests_for_release/Android.bp b/treble_sepolicy_tests_for_release/Android.bp
index 7756cbb..d27dc56 100644
--- a/treble_sepolicy_tests_for_release/Android.bp
+++ b/treble_sepolicy_tests_for_release/Android.bp
@@ -38,12 +38,12 @@
srcs: [
":29.0_plat_policy.cil",
":29.0_mapping.combined.cil",
- ":29.0_plat_pub_policy.cil",
+ ":base_plat_pub_policy.cil",
],
tools: ["treble_sepolicy_tests"],
out: ["treble_sepolicy_tests_29.0"],
cmd: "$(location treble_sepolicy_tests) " +
- "-b $(location :29.0_plat_pub_policy.cil) " +
+ "-b $(location :base_plat_pub_policy.cil) " +
"-m $(location :29.0_mapping.combined.cil) " +
"-o $(location :29.0_plat_policy.cil) && " +
"touch $(out)",
@@ -92,8 +92,8 @@
soong_config_variable("ANDROID", "HAS_BOARD_SYSTEM_EXT_PREBUILT_DIR"),
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
- (false, false): [":30.0_plat_pub_policy.cil"],
- (default, default): [":30.0_product_pub_policy.cil"],
+ (false, false): [":base_plat_pub_policy.cil"],
+ (default, default): [":base_product_pub_policy.cil"],
}),
tools: ["treble_sepolicy_tests"],
out: ["treble_sepolicy_tests_30.0"],
@@ -102,12 +102,12 @@
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
(false, false): "$(location treble_sepolicy_tests) " +
- "-b $(location :30.0_plat_pub_policy.cil) " +
+ "-b $(location :base_plat_pub_policy.cil) " +
"-m $(location :30.0_mapping.combined.cil) " +
"-o $(location :30.0_plat_policy.cil) && " +
"touch $(out)",
(default, default): "$(location treble_sepolicy_tests) " +
- "-b $(location :30.0_product_pub_policy.cil) " +
+ "-b $(location :base_product_pub_policy.cil) " +
"-m $(location :30.0_mapping.combined.cil) " +
"-o $(location :30.0_plat_policy.cil) && " +
"touch $(out)",
@@ -157,8 +157,8 @@
soong_config_variable("ANDROID", "HAS_BOARD_SYSTEM_EXT_PREBUILT_DIR"),
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
- (false, false): [":31.0_plat_pub_policy.cil"],
- (default, default): [":31.0_product_pub_policy.cil"],
+ (false, false): [":base_plat_pub_policy.cil"],
+ (default, default): [":base_product_pub_policy.cil"],
}),
tools: ["treble_sepolicy_tests"],
out: ["treble_sepolicy_tests_31.0"],
@@ -167,12 +167,12 @@
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
(false, false): "$(location treble_sepolicy_tests) " +
- "-b $(location :31.0_plat_pub_policy.cil) " +
+ "-b $(location :base_plat_pub_policy.cil) " +
"-m $(location :31.0_mapping.combined.cil) " +
"-o $(location :31.0_plat_policy.cil) && " +
"touch $(out)",
(default, default): "$(location treble_sepolicy_tests) " +
- "-b $(location :31.0_product_pub_policy.cil) " +
+ "-b $(location :base_product_pub_policy.cil) " +
"-m $(location :31.0_mapping.combined.cil) " +
"-o $(location :31.0_plat_policy.cil) && " +
"touch $(out)",
@@ -222,8 +222,8 @@
soong_config_variable("ANDROID", "HAS_BOARD_SYSTEM_EXT_PREBUILT_DIR"),
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
- (false, false): [":32.0_plat_pub_policy.cil"],
- (default, default): [":32.0_product_pub_policy.cil"],
+ (false, false): [":base_plat_pub_policy.cil"],
+ (default, default): [":base_product_pub_policy.cil"],
}),
tools: ["treble_sepolicy_tests"],
out: ["treble_sepolicy_tests_32.0"],
@@ -232,12 +232,12 @@
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
(false, false): "$(location treble_sepolicy_tests) " +
- "-b $(location :32.0_plat_pub_policy.cil) " +
+ "-b $(location :base_plat_pub_policy.cil) " +
"-m $(location :32.0_mapping.combined.cil) " +
"-o $(location :32.0_plat_policy.cil) && " +
"touch $(out)",
(default, default): "$(location treble_sepolicy_tests) " +
- "-b $(location :32.0_product_pub_policy.cil) " +
+ "-b $(location :base_product_pub_policy.cil) " +
"-m $(location :32.0_mapping.combined.cil) " +
"-o $(location :32.0_plat_policy.cil) && " +
"touch $(out)",
@@ -287,8 +287,8 @@
soong_config_variable("ANDROID", "HAS_BOARD_SYSTEM_EXT_PREBUILT_DIR"),
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
- (false, false): [":33.0_plat_pub_policy.cil"],
- (default, default): [":33.0_product_pub_policy.cil"],
+ (false, false): [":base_plat_pub_policy.cil"],
+ (default, default): [":base_product_pub_policy.cil"],
}),
tools: ["treble_sepolicy_tests"],
out: ["treble_sepolicy_tests_33.0"],
@@ -297,12 +297,12 @@
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
(false, false): "$(location treble_sepolicy_tests) " +
- "-b $(location :33.0_plat_pub_policy.cil) " +
+ "-b $(location :base_plat_pub_policy.cil) " +
"-m $(location :33.0_mapping.combined.cil) " +
"-o $(location :33.0_plat_policy.cil) && " +
"touch $(out)",
(default, default): "$(location treble_sepolicy_tests) " +
- "-b $(location :33.0_product_pub_policy.cil) " +
+ "-b $(location :base_product_pub_policy.cil) " +
"-m $(location :33.0_mapping.combined.cil) " +
"-o $(location :33.0_plat_policy.cil) && " +
"touch $(out)",
@@ -352,8 +352,8 @@
soong_config_variable("ANDROID", "HAS_BOARD_SYSTEM_EXT_PREBUILT_DIR"),
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
- (false, false): [":34.0_plat_pub_policy.cil"],
- (default, default): [":34.0_product_pub_policy.cil"],
+ (false, false): [":base_plat_pub_policy.cil"],
+ (default, default): [":base_product_pub_policy.cil"],
}),
tools: ["treble_sepolicy_tests"],
out: ["treble_sepolicy_tests_34.0"],
@@ -362,12 +362,12 @@
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
(false, false): "$(location treble_sepolicy_tests) " +
- "-b $(location :34.0_plat_pub_policy.cil) " +
+ "-b $(location :base_plat_pub_policy.cil) " +
"-m $(location :34.0_mapping.combined.cil) " +
"-o $(location :34.0_plat_policy.cil) && " +
"touch $(out)",
(default, default): "$(location treble_sepolicy_tests) " +
- "-b $(location :34.0_product_pub_policy.cil) " +
+ "-b $(location :base_product_pub_policy.cil) " +
"-m $(location :34.0_mapping.combined.cil) " +
"-o $(location :34.0_plat_policy.cil) && " +
"touch $(out)",
@@ -422,8 +422,8 @@
soong_config_variable("ANDROID", "HAS_BOARD_SYSTEM_EXT_PREBUILT_DIR"),
soong_config_variable("ANDROID", "HAS_BOARD_PRODUCT_PREBUILT_DIR"),
), {
- (false, false): [":202404_plat_pub_policy.cil"],
- (default, default): [":202404_product_pub_policy.cil"],
+ (false, false): [":base_plat_pub_policy.cil"],
+ (default, default): [":base_product_pub_policy.cil"],
}),
tools: ["treble_sepolicy_tests"],
out: ["treble_sepolicy_tests_202404"],
@@ -435,12 +435,12 @@
("202404", false, false): "touch $(out)",
("202404", default, default): "touch $(out)",
(default, false, false): "$(location treble_sepolicy_tests) " +
- "-b $(location :202404_plat_pub_policy.cil) " +
+ "-b $(location :base_plat_pub_policy.cil) " +
"-m $(location :202404_mapping.combined.cil) " +
"-o $(location :202404_plat_policy.cil) && " +
"touch $(out)",
(default, default, default): "$(location treble_sepolicy_tests) " +
- "-b $(location :202404_product_pub_policy.cil) " +
+ "-b $(location :base_product_pub_policy.cil) " +
"-m $(location :202404_mapping.combined.cil) " +
"-o $(location :202404_plat_policy.cil) && " +
"touch $(out)",