Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 16d3be3dacf55c5326a811c0ef694542b5ef5c4b^! / . / build / soong / build_files.go
commit16d3be3dacf55c5326a811c0ef694542b5ef5c4b[log] [tgz]
authorInseob Kim <inseob@google.com>Fri Jan 07 09:15:27 2022 +0900
committerInseob Kim <inseob@google.com>Fri Jan 07 18:53:46 2022 +0900
treece4ab88d231dc70cdb7a469e5909db503b78408c
parentb6a6ff20efa97ae203de9366e7237fb54771795f [diff] [blame]
Migrate sepolicy compat test to Android.bp

compat_test tests whether {ver}.compat.cil is compatible to current
policy or not. This commit migrates all tests into a single module named
"sepolicy_compat_tests".

A minor issue is also resolved with this migration. Suppose that the
vendor's speolicy version is {VER}. Then the following cil files are
compiled in runtime.

- system/etc/selinux/plat_sepolicy.cil
- system/etc/selinux/mapping/{VER}.cil
- system/etc/selinux/mapping/{VER}.compat.cil (optional)
- system_ext/etc/selinux/system_ext_sepolicy.cil (optional)
- system_ext/etc/selinux/mapping/{VER}.cil (optional)
- system_ext/etc/selinux/mapping/{VER}.compat.cil (optional)
- product/etc/selinux/product_sepolicy.cil (optional)
- product/etc/selinux/mapping/{VER}.cil (optional)
- product/etc/selinux/mapping/{VER}.compat.cil (optional)
- vendor/etc/selinux/vendor_sepolicy.cil
- vendor/etc/selinux/plat_pub_versioned.cil
- odm/etc/selinux/odm_sepolicy.cil (optional)

That is, the vendor policy of version {VER} (vendor_sepolicy.cil,
plat_pub_versioned.cil, and odm_sepolicy.cil) is required to be
compatible only to {VER}.compat.cil. So, the vendor policy is included
only to $(BOARD_SEPOLICY_VERS)_compat_test. The other tests will be
built only with platform side policies.

Bug: 33691272
Test: boot
Test: manually edit {ver}.compat.cil files and try build
Change-Id: I16b30a9171f10ee8f08fc03b7bd7c047eec12b19

diff --git a/build/soong/build_files.go b/build/soong/build_files.go
index 865dbb4..0909f70 100644
--- a/build/soong/build_files.go
+++ b/build/soong/build_files.go

@@ -124,4 +124,9 @@
 		b.srcs[".product_public_for_vendor"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().BoardProductPublicPrebuiltDirs()...)
 		b.srcs[".product_private_for_vendor"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().BoardProductPrivatePrebuiltDirs()...)
 	}
+
+	for _, ver := range ctx.DeviceConfig().PlatformSepolicyCompatVersions() {
+		b.srcs[".plat_public_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.ModuleDir(), "prebuilts", "api", ver, "public"))
+		b.srcs[".plat_private_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.ModuleDir(), "prebuilts", "api", ver, "private"))
+	}
 }