Fix contexts modules to use `android:"path"`
For now, contexts modules have been using se_filegroup modules, which
makes the build system logic unnecessarily complex. This change
refactors it to se_build_files modules and normal `android:"path"`
logic.
Test: build and boot
Change-Id: I52e557e2dc8300186869a97fddfd3a74183473f7
diff --git a/Android.bp b/Android.bp
index 21916b8..0e85944 100644
--- a/Android.bp
+++ b/Android.bp
@@ -396,73 +396,73 @@
system_ext_specific: true,
}
-se_filegroup {
+se_build_files {
name: "file_contexts_files",
srcs: ["file_contexts"],
}
-se_filegroup {
+se_build_files {
name: "file_contexts_asan_files",
srcs: ["file_contexts_asan"],
}
-se_filegroup {
+se_build_files {
name: "file_contexts_overlayfs_files",
srcs: ["file_contexts_overlayfs"],
}
-se_filegroup {
+se_build_files {
name: "hwservice_contexts_files",
srcs: ["hwservice_contexts"],
}
-se_filegroup {
+se_build_files {
name: "property_contexts_files",
srcs: ["property_contexts"],
}
-se_filegroup {
+se_build_files {
name: "service_contexts_files",
srcs: ["service_contexts"],
}
-se_filegroup {
+se_build_files {
name: "keystore2_key_contexts_files",
srcs: ["keystore2_key_contexts"],
}
file_contexts {
name: "plat_file_contexts",
- srcs: [":file_contexts_files"],
+ srcs: [":file_contexts_files{.plat_private}"],
product_variables: {
address_sanitize: {
- srcs: [":file_contexts_asan_files"],
+ srcs: [":file_contexts_asan_files{.plat_private}"],
},
debuggable: {
- srcs: [":file_contexts_overlayfs_files"],
+ srcs: [":file_contexts_overlayfs_files{.plat_private}"],
},
},
flatten_apex: {
- srcs: ["apex/*-file_contexts"],
+ srcs: [":apex_file_contexts_files"],
},
}
file_contexts {
name: "plat_file_contexts.recovery",
- srcs: [":file_contexts_files"],
+ srcs: [":file_contexts_files{.plat_private}"],
stem: "plat_file_contexts",
product_variables: {
address_sanitize: {
- srcs: [":file_contexts_asan_files"],
+ srcs: [":file_contexts_asan_files{.plat_private}"],
},
debuggable: {
- srcs: [":file_contexts_overlayfs_files"],
+ srcs: [":file_contexts_overlayfs_files{.plat_private}"],
},
},
flatten_apex: {
- srcs: ["apex/*-file_contexts"],
+ srcs: [":apex_file_contexts_files"],
},
recovery: true,
@@ -470,158 +470,173 @@
file_contexts {
name: "vendor_file_contexts",
- srcs: [":file_contexts_files"],
+ srcs: [
+ ":file_contexts_files{.plat_vendor_for_vendor}",
+ ":file_contexts_files{.vendor}",
+ ],
soc_specific: true,
recovery_available: true,
}
file_contexts {
name: "system_ext_file_contexts",
- srcs: [":file_contexts_files"],
+ srcs: [":file_contexts_files{.system_ext_private}"],
system_ext_specific: true,
recovery_available: true,
}
file_contexts {
name: "product_file_contexts",
- srcs: [":file_contexts_files"],
+ srcs: [":file_contexts_files{.product_private}"],
product_specific: true,
recovery_available: true,
}
file_contexts {
name: "odm_file_contexts",
- srcs: [":file_contexts_files"],
+ srcs: [":file_contexts_files{.odm}"],
device_specific: true,
recovery_available: true,
}
hwservice_contexts {
name: "plat_hwservice_contexts",
- srcs: [":hwservice_contexts_files"],
+ srcs: [":hwservice_contexts_files{.plat_private}"],
}
hwservice_contexts {
name: "system_ext_hwservice_contexts",
- srcs: [":hwservice_contexts_files"],
+ srcs: [":hwservice_contexts_files{.system_ext_private}"],
system_ext_specific: true,
}
hwservice_contexts {
name: "product_hwservice_contexts",
- srcs: [":hwservice_contexts_files"],
+ srcs: [":hwservice_contexts_files{.product_private}"],
product_specific: true,
}
hwservice_contexts {
name: "vendor_hwservice_contexts",
- srcs: [":hwservice_contexts_files"],
- reqd_mask: true,
+ srcs: [
+ ":hwservice_contexts_files{.plat_vendor_for_vendor}",
+ ":hwservice_contexts_files{.vendor}",
+ ":hwservice_contexts_files{.reqd_mask_for_vendor}",
+ ],
soc_specific: true,
}
hwservice_contexts {
name: "odm_hwservice_contexts",
- srcs: [":hwservice_contexts_files"],
+ srcs: [":hwservice_contexts_files{.odm}"],
device_specific: true,
}
property_contexts {
name: "plat_property_contexts",
- srcs: [":property_contexts_files"],
+ srcs: [":property_contexts_files{.plat_private}"],
}
property_contexts {
name: "plat_property_contexts.recovery",
- srcs: [":property_contexts_files"],
+ srcs: [":property_contexts_files{.plat_private}"],
stem: "plat_property_contexts",
recovery: true,
}
property_contexts {
name: "system_ext_property_contexts",
- srcs: [":property_contexts_files"],
+ srcs: [":property_contexts_files{.system_ext_private}"],
system_ext_specific: true,
recovery_available: true,
}
property_contexts {
name: "product_property_contexts",
- srcs: [":property_contexts_files"],
+ srcs: [":property_contexts_files{.product_private}"],
product_specific: true,
recovery_available: true,
}
property_contexts {
name: "vendor_property_contexts",
- srcs: [":property_contexts_files"],
- reqd_mask: true,
+ srcs: [
+ ":property_contexts_files{.plat_vendor_for_vendor}",
+ ":property_contexts_files{.vendor}",
+ ":property_contexts_files{.reqd_mask_for_vendor}",
+ ],
soc_specific: true,
recovery_available: true,
}
property_contexts {
name: "odm_property_contexts",
- srcs: [":property_contexts_files"],
+ srcs: [":property_contexts_files{.odm}"],
device_specific: true,
recovery_available: true,
}
service_contexts {
name: "plat_service_contexts",
- srcs: [":service_contexts_files"],
+ srcs: [":service_contexts_files{.plat_private}"],
}
service_contexts {
name: "plat_service_contexts.recovery",
- srcs: [":service_contexts_files"],
+ srcs: [":service_contexts_files{.plat_private}"],
stem: "plat_service_contexts",
recovery: true,
}
service_contexts {
name: "system_ext_service_contexts",
- srcs: [":service_contexts_files"],
+ srcs: [":service_contexts_files{.system_ext_private}"],
system_ext_specific: true,
recovery_available: true,
}
service_contexts {
name: "product_service_contexts",
- srcs: [":service_contexts_files"],
+ srcs: [":service_contexts_files{.product_private}"],
product_specific: true,
recovery_available: true,
}
service_contexts {
name: "vendor_service_contexts",
- srcs: [":service_contexts_files"],
- reqd_mask: true,
+ srcs: [
+ ":service_contexts_files{.plat_vendor_for_vendor}",
+ ":service_contexts_files{.vendor}",
+ ":service_contexts_files{.reqd_mask_for_vendor}",
+ ],
soc_specific: true,
recovery_available: true,
}
keystore2_key_contexts {
name: "plat_keystore2_key_contexts",
- srcs: [":keystore2_key_contexts_files"],
+ srcs: [":keystore2_key_contexts_files{.plat_private}"],
}
keystore2_key_contexts {
name: "system_keystore2_key_contexts",
- srcs: [":keystore2_key_contexts_files"],
+ srcs: [":keystore2_key_contexts_files{.system_ext_private}"],
system_ext_specific: true,
}
keystore2_key_contexts {
name: "product_keystore2_key_contexts",
- srcs: [":keystore2_key_contexts_files"],
+ srcs: [":keystore2_key_contexts_files{.product_private}"],
product_specific: true,
}
keystore2_key_contexts {
name: "vendor_keystore2_key_contexts",
- srcs: [":keystore2_key_contexts_files"],
- reqd_mask: true,
+ srcs: [
+ ":keystore2_key_contexts_files{.plat_vendor_for_vendor}",
+ ":keystore2_key_contexts_files{.vendor}",
+ ":keystore2_key_contexts_files{.reqd_mask_for_vendor}",
+ ],
soc_specific: true,
}
diff --git a/apex/Android.bp b/apex/Android.bp
index 5276cca..166c2d3 100644
--- a/apex/Android.bp
+++ b/apex/Android.bp
@@ -22,6 +22,11 @@
}
filegroup {
+ name: "apex_file_contexts_files",
+ srcs: ["*-file_contexts"],
+}
+
+filegroup {
name: "apex.test-file_contexts",
srcs: [
"apex.test-file_contexts",
diff --git a/build/soong/selinux_contexts.go b/build/soong/selinux_contexts.go
index a40716a..71de38a 100644
--- a/build/soong/selinux_contexts.go
+++ b/build/soong/selinux_contexts.go
@@ -34,18 +34,11 @@
Stem *string
Product_variables struct {
- Debuggable struct {
- Srcs []string
- }
-
Address_sanitize struct {
- Srcs []string
+ Srcs []string `android:"path"`
}
}
- // Whether reqd_mask directory is included to sepolicy directories or not.
- Reqd_mask *bool
-
// Whether the comments in generated contexts file will be removed or not.
Remove_comment *bool
@@ -61,7 +54,7 @@
// Apex paths, /system/apex/{apex_name}, will be amended to the paths of file_contexts
// entries.
Flatten_apex struct {
- Srcs []string
+ Srcs []string `android:"path"`
}
}
@@ -145,51 +138,7 @@
}
}
- var inputs android.Paths
-
- ctx.VisitDirectDeps(func(dep android.Module) {
- depTag := ctx.OtherModuleDependencyTag(dep)
- if !android.IsSourceDepTagWithOutputTag(depTag, "") {
- return
- }
- segroup, ok := dep.(*fileGroup)
- if !ok {
- ctx.ModuleErrorf("srcs dependency %q is not an selinux filegroup",
- ctx.OtherModuleName(dep))
- return
- }
-
- if ctx.ProductSpecific() {
- inputs = append(inputs, segroup.ProductPrivateSrcs()...)
- } else if ctx.SocSpecific() {
- inputs = append(inputs, segroup.SystemVendorSrcs()...)
- inputs = append(inputs, segroup.VendorSrcs()...)
- } else if ctx.DeviceSpecific() {
- inputs = append(inputs, segroup.OdmSrcs()...)
- } else if ctx.SystemExtSpecific() {
- inputs = append(inputs, segroup.SystemExtPrivateSrcs()...)
- } else {
- inputs = append(inputs, segroup.SystemPrivateSrcs()...)
- inputs = append(inputs, segroup.SystemPublicSrcs()...)
- }
-
- if proptools.Bool(m.properties.Reqd_mask) {
- if ctx.SocSpecific() || ctx.DeviceSpecific() {
- inputs = append(inputs, segroup.VendorReqdMaskSrcs()...)
- } else {
- inputs = append(inputs, segroup.SystemReqdMaskSrcs()...)
- }
- }
- })
-
- for _, src := range m.properties.Srcs {
- // Module sources are handled above with VisitDirectDepsWithTag
- if android.SrcIsModule(src) == "" {
- inputs = append(inputs, android.PathForModuleSrc(ctx, src))
- }
- }
-
- m.outputPath = m.build(ctx, inputs)
+ m.outputPath = m.build(ctx, android.PathsForModuleSrc(ctx, m.properties.Srcs))
ctx.InstallFile(m.installPath, m.stem(), m.outputPath)
}
@@ -197,6 +146,7 @@
m := &selinuxContextsModule{}
m.AddProperties(
&m.properties,
+ &m.fileContextsProperties,
)
android.InitAndroidArchModule(m, android.DeviceSupported, android.MultilibCommon)
android.AddLoadHook(m, func(ctx android.LoadHookContext) {
@@ -209,10 +159,6 @@
// TODO: clean this up to use build/soong/android/variable.go after b/79249983
var srcs []string
- if ctx.Config().Debuggable() {
- srcs = append(srcs, m.properties.Product_variables.Debuggable.Srcs...)
- }
-
for _, sanitize := range ctx.Config().SanitizeDevice() {
if sanitize == "address" {
srcs = append(srcs, m.properties.Product_variables.Address_sanitize.Srcs...)
@@ -333,25 +279,18 @@
rule := android.NewRuleBuilder(pctx, ctx)
if ctx.Config().FlattenApex() {
- for _, src := range m.fileContextsProperties.Flatten_apex.Srcs {
- if m := android.SrcIsModule(src); m != "" {
- ctx.ModuleErrorf(
- "Module srcs dependency %q is not supported for flatten_apex.srcs", m)
- return nil
- }
- for _, path := range android.PathsForModuleSrcExcludes(ctx, []string{src}, nil) {
- out := android.PathForModuleGen(ctx, "flattened_apex", path.Rel())
- apex_path := "/system/apex/" + strings.Replace(
- strings.TrimSuffix(path.Base(), "-file_contexts"),
- ".", "\\\\.", -1)
+ for _, path := range android.PathsForModuleSrc(ctx, m.fileContextsProperties.Flatten_apex.Srcs) {
+ out := android.PathForModuleGen(ctx, "flattened_apex", path.Rel())
+ apex_path := "/system/apex/" + strings.Replace(
+ strings.TrimSuffix(path.Base(), "-file_contexts"),
+ ".", "\\\\.", -1)
- rule.Command().
- Text("awk '/object_r/{printf(\""+apex_path+"%s\\n\",$0)}'").
- Input(path).
- FlagWithOutput("> ", out)
+ rule.Command().
+ Text("awk '/object_r/{printf(\""+apex_path+"%s\\n\",$0)}'").
+ Input(path).
+ FlagWithOutput("> ", out)
- inputs = append(inputs, out)
- }
+ inputs = append(inputs, out)
}
}
@@ -361,7 +300,6 @@
func fileFactory() android.Module {
m := newModule()
- m.AddProperties(&m.fileContextsProperties)
m.build = m.buildFileContexts
return m
}