Improve data separation test coverage Two areas need better coverage: 1. Tests are not verifying that files in /data/vendor do not have the core_data_file_type attribute. 2. No error is thrown if a type lives in both /data/vendor /data/<not vendor>. Bug: 72998741 Test: build all selinux policies on master (assert build time tests) Test: build and boot Marlin and Taimen, verify no selinux denials and everything works as expected. Change-Id: I133a068123139a599b9b81ddcc254616894621eb (cherry picked from commit 55d5e28472ad9cd87da0b451d78555d8aae43bb8)

commit: 370a52fee5f0a4d13dc72612e889c2e4ef56ae1a [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Thu Feb 08 09:54:59 2018 -0800
committer: Jeff Vander Stoep <jeffv@google.com> Thu Mar 22 22:58:50 2018 -0700
tree: 29caf02dcc4a35af9df32c7be6147703e1cb74d7
parent: 4eb10d809ab4294da21e41199df3eb943fc1bd75 [diff] [blame]
diff --git a/tests/sepolicy_tests.py b/tests/sepolicy_tests.py
index ca95f8a..2cf4ae8 100644
--- a/tests/sepolicy_tests.py
+++ b/tests/sepolicy_tests.py

@@ -24,8 +24,8 @@
     return pol.AssertPathTypesHaveAttr(["/vendor/"], [], "vendor_file_type")
 
 def TestCoreDataTypeViolations(pol):
-    return pol.AssertPathTypesHaveAttr(["/data/"], ["/data/vendor/",
-            "/data/vendor_ce/", "/data/vendor_de/"], "core_data_file_type")
+    return pol.AssertPathTypesHaveAttr(["/data/"], ["/data/vendor",
+            "/data/vendor_ce", "/data/vendor_de"], "core_data_file_type")
 
 ###
 # extend OptionParser to allow the same option flag to be used multiple times.
commit	370a52fee5f0a4d13dc72612e889c2e4ef56ae1a	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Thu Feb 08 09:54:59 2018 -0800
committer	Jeff Vander Stoep <jeffv@google.com>	Thu Mar 22 22:58:50 2018 -0700
tree	29caf02dcc4a35af9df32c7be6147703e1cb74d7
parent	4eb10d809ab4294da21e41199df3eb943fc1bd75 [diff] [blame]