Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 7f116502935253f697e3570636a2a3c43a004b5a^! / .
commit7f116502935253f697e3570636a2a3c43a004b5a[log] [tgz]
authorSteven Moreland <smoreland@google.com>Tue Nov 03 23:18:32 2020 +0000
committerSteven Moreland <smoreland@google.com>Tue Nov 03 23:20:43 2020 +0000
tree8a27912deb3eae00207001f842c36f8f59ef90ac
parent966d0445d9eae9febf0278b1d780da18f6b76fe8 [diff]
Policy: file errors include files with attrs

Since many files can correspond to the same error, it can be hard to see
which file is causing the error for an attribute

Example, here I couldn't find which file was 'vendor_file':

  The following types on / must be associated with the "no_fs_type"
  attribute: vendor_file
   corresponding to files: /cache/overlay/oem/upper

Bug: 154851797
Test: see above example
Change-Id: Ic96536da3ce55ccc5f600579b9f6b1b4f56fc93d

diff --git a/tests/policy.py b/tests/policy.py
index 24466e9..d0ef6c4 100644
--- a/tests/policy.py
+++ b/tests/policy.py

@@ -56,7 +56,7 @@
         # Query policy for the types associated with Attr
         TypesPol = self.QueryTypeAttribute(Attr, True)
         # Search file_contexts to find types associated with input paths.
-        TypesFc = self.__GetTypesByFilePathPrefix(MatchPrefix, DoNotMatchPrefix)
+        TypesFc, Files = self.__GetTypesAndFilesByFilePathPrefix(MatchPrefix, DoNotMatchPrefix)
         violators = TypesFc.intersection(TypesPol)
         ret = ""
         if len(violators) > 0:
@@ -65,6 +65,8 @@
             ret += " must not be associated with the "
             ret += "\"" + Attr + "\" attribute: "
             ret += " ".join(str(x) for x in sorted(violators)) + "\n"
+            ret += " corresponding to files: "
+            ret += " ".join(str(x) for x in sorted(Files)) + "\n"
         return ret
 
     # Check that all types for "filesystem" have "attribute" associated with them
@@ -91,7 +93,7 @@
         TypesPol = self.QueryTypeAttribute(Attr, True)
         # Search file_contexts to find paths/types that should be associated with
         # Attr.
-        TypesFc = self.__GetTypesByFilePathPrefix(MatchPrefix, DoNotMatchPrefix)
+        TypesFc, Files = self.__GetTypesAndFilesByFilePathPrefix(MatchPrefix, DoNotMatchPrefix)
         violators = TypesFc.difference(TypesPol)
 
         ret = ""
@@ -101,6 +103,8 @@
             ret += " must be associated with the "
             ret += "\"" + Attr + "\" attribute: "
             ret += " ".join(str(x) for x in sorted(violators)) + "\n"
+            ret += " corresponding to files: "
+            ret += " ".join(str(x) for x in sorted(Files)) + "\n"
         return ret
 
     def AssertPropertyOwnersAreExclusive(self):
@@ -272,8 +276,9 @@
 
     # Return types that match MatchPrefixes but do not match
     # DoNotMatchPrefixes
-    def __GetTypesByFilePathPrefix(self, MatchPrefixes, DoNotMatchPrefixes):
+    def __GetTypesAndFilesByFilePathPrefix(self, MatchPrefixes, DoNotMatchPrefixes):
         Types = set()
+        Files = set()
 
         MatchPrefixesWithIndex = []
         for MatchPrefix in MatchPrefixes:
@@ -285,7 +290,8 @@
                 if MatchPathPrefixes(PathType[0], DoNotMatchPrefixes):
                     continue
                 Types.add(PathType[1])
-        return Types
+                Files.add(PathType[0])
+        return Types, Files
 
     def __GetTERules(self, policydbP, avtabIterP, Rules):
         if Rules is None: