Revert "Revert "Check that tracefs files are labelled as tracefs_type""
This reverts commit a00863e4d87863a7b915938930f14a8ddba2e5e9.
All dependencies for this patch are now merged.
Bug: 184381659
Test: atest
android.security.cts.SELinuxHostTest#testTracefsTypeViolators
Change-Id: Ic268b24222a87cd9f7ff9158eb16a20f1cb3ecbb
diff --git a/tests/sepolicy_tests.py b/tests/sepolicy_tests.py
index edd1708..1d26dfc 100644
--- a/tests/sepolicy_tests.py
+++ b/tests/sepolicy_tests.py
@@ -40,11 +40,18 @@
def TestDebugfsTypeViolations(pol):
ret = pol.AssertGenfsFilesystemTypesHaveAttr("debugfs", "debugfs_type")
- ret += pol.AssertGenfsFilesystemTypesHaveAttr("tracefs", "debugfs_type")
ret += pol.AssertPathTypesHaveAttr(["/sys/kernel/debug/",
"/sys/kernel/tracing"], [], "debugfs_type")
return ret
+def TestTracefsTypeViolations(pol):
+ ret = pol.AssertGenfsFilesystemTypesHaveAttr("tracefs", "tracefs_type")
+ ret += pol.AssertPathTypesHaveAttr(["/sys/kernel/tracing"], [], "tracefs_type")
+ ret += pol.AssertPathTypesDoNotHaveAttr(["/sys/kernel/debug"],
+ ["/sys/kernel/debug/tracing"], "tracefs_type",
+ [])
+ return ret
+
def TestVendorTypeViolations(pol):
partitions = ["/vendor/", "/odm/"]
exceptions = [
@@ -111,6 +118,7 @@
"TestSysfsTypeViolations",
"TestSystemTypeViolators",
"TestDebugfsTypeViolations",
+ "TestTracefsTypeViolations",
"TestVendorTypeViolations",
"TestCoreDataTypeViolations",
"TestPropertyTypeViolations",
@@ -165,6 +173,8 @@
results += TestSystemTypeViolations(pol)
if options.test is None or "TestDebugfsTypeViolations" in options.test:
results += TestDebugfsTypeViolations(pol)
+ if options.test is None or "TestTracefsTypeViolations" in options.test:
+ results += TestTracefsTypeViolations(pol)
if options.test is None or "TestVendorTypeViolations" in options.test:
results += TestVendorTypeViolations(pol)
if options.test is None or "TestCoreDataTypeViolations" in options.test: