Test that /proc files have proc_type attribute.
Bug: 74182216
Change-Id: Ia1c6b67ac93ed6e88c50c1527b48275365bf5fd5
Test: build policy
diff --git a/tests/sepolicy_tests.py b/tests/sepolicy_tests.py
index b09c60b..6f69147 100644
--- a/tests/sepolicy_tests.py
+++ b/tests/sepolicy_tests.py
@@ -11,6 +11,9 @@
def TestDataTypeViolations(pol):
return pol.AssertPathTypesHaveAttr(["/data/"], [], "data_file_type")
+def TestProcTypeViolations(pol):
+ return pol.AssertGenfsFilesystemTypesHaveAttr("proc", "proc_type")
+
def TestSysfsTypeViolations(pol):
ret = pol.AssertGenfsFilesystemTypesHaveAttr("sysfs", "sysfs_type")
ret += pol.AssertPathTypesHaveAttr(["/sys/"], ["/sys/kernel/debug/",
@@ -48,9 +51,14 @@
else:
Option.take_action(self, action, dest, opt, value, values, parser)
-Tests = ["TestDataTypeViolators", "TestSysfsTypeViolations",
- "TestDebugfsTypeViolations", "TestVendorTypeViolations",
- "TestCoreDataTypeViolations"]
+Tests = [
+ "TestDataTypeViolators",
+ "TestProcTypeViolations",
+ "TestSysfsTypeViolations",
+ "TestDebugfsTypeViolations",
+ "TestVendorTypeViolations",
+ "TestCoreDataTypeViolations",
+]
if __name__ == '__main__':
usage = "sepolicy_tests -l $(ANDROID_HOST_OUT)/lib64/libsepolwrap.so "
@@ -91,6 +99,8 @@
# If an individual test is not specified, run all tests.
if options.test is None or "TestDataTypeViolations" in options.test:
results += TestDataTypeViolations(pol)
+ if options.test is None or "TestProcTypeViolations" in options.test:
+ results += TestProcTypeViolations(pol)
if options.test is None or "TestSysfsTypeViolations" in options.test:
results += TestSysfsTypeViolations(pol)
if options.test is None or "TestDebugfsTypeViolations" in options.test: