Merge "Use dump_hal() macro for HAL services"
diff --git a/public/domain.te b/public/domain.te
index c0c6699..d0310d3 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -639,22 +639,6 @@
neverallow vndservicemanager binder_device:chr_file no_rw_file_perms;
neverallow vndservicemanager hwbinder_device:chr_file no_rw_file_perms;
-# system services cant add vendor services
-neverallow {
- coredomain
-} vendor_service:service_manager add;
-
-full_treble_only(`
- # vendor services cant add system services
- neverallow {
- domain
- -coredomain
- } {
- service_manager_type
- -vendor_service
- }:service_manager add;
-')
-
full_treble_only(`
# Vendor apps are permited to use only stable public services. If they were to use arbitrary
# services which can change any time framework/core is updated, breakage is likely.
diff --git a/tests/Android.bp b/tests/Android.bp
index 8ca952d..e271346 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -43,6 +43,11 @@
srcs: [
"treble_sepolicy_tests.py",
],
+ version: {
+ py3: {
+ embedded_launcher: true,
+ },
+ },
libs: [
"mini_cil_parser",
"pysepolwrap",
@@ -55,6 +60,11 @@
srcs: [
"sepolicy_tests.py",
],
+ version: {
+ py3: {
+ embedded_launcher: true,
+ },
+ },
libs: ["pysepolwrap"],
data: [":libsepolwrap"],
}
diff --git a/tests/sepolicy_tests.py b/tests/sepolicy_tests.py
index e940681..63144dd 100644
--- a/tests/sepolicy_tests.py
+++ b/tests/sepolicy_tests.py
@@ -15,9 +15,12 @@
from optparse import OptionParser
from optparse import Option, OptionValueError
import os
+import pkgutil
import policy
import re
+import shutil
import sys
+import tempfile
SHARED_LIB_EXTENSION = '.dylib' if sys.platform == 'darwin' else '.so'
@@ -146,7 +149,11 @@
"TestDmaHeapDevTypeViolations",
]
-if __name__ == '__main__':
+def do_main(libpath):
+ """
+ Args:
+ libpath: string, path to libsepolwrap.so
+ """
usage = "sepolicy_tests -f vendor_file_contexts -f "
usage +="plat_file_contexts -p policy [--test test] [--help]"
parser = OptionParser(option_class=MultipleOption, usage=usage)
@@ -158,11 +165,6 @@
(options, args) = parser.parse_args()
- libpath = os.path.join(os.path.dirname(os.path.realpath(__file__)),
- "libsepolwrap" + SHARED_LIB_EXTENSION)
- if not os.path.exists(libpath):
- sys.exit("Error: libsepolwrap does not exist. Is this binary corrupted?\n")
-
if not options.policy:
sys.exit("Must specify monolithic policy file\n" + parser.usage)
if not os.path.exists(options.policy):
@@ -207,3 +209,17 @@
if len(results) > 0:
sys.exit(results)
+
+if __name__ == '__main__':
+ temp_dir = tempfile.mkdtemp()
+ try:
+ libname = "libsepolwrap" + SHARED_LIB_EXTENSION
+ libpath = os.path.join(temp_dir, libname)
+ with open(libpath, "wb") as f:
+ blob = pkgutil.get_data("sepolicy_tests", libname)
+ if not blob:
+ sys.exit("Error: libsepolwrap does not exist. Is this binary corrupted?\n")
+ f.write(blob)
+ do_main(libpath)
+ finally:
+ shutil.rmtree(temp_dir)
diff --git a/tests/treble_sepolicy_tests.py b/tests/treble_sepolicy_tests.py
index 64a9e95..b49f138 100644
--- a/tests/treble_sepolicy_tests.py
+++ b/tests/treble_sepolicy_tests.py
@@ -16,10 +16,13 @@
from optparse import Option, OptionValueError
import os
import mini_parser
+import pkgutil
import policy
from policy import MatchPathPrefix
import re
+import shutil
import sys
+import tempfile
DEBUG=False
SHARED_LIB_EXTENSION = '.dylib' if sys.platform == 'darwin' else '.so'
@@ -341,7 +344,13 @@
"TrebleCompatMapping": TestTrebleCompatMapping,
"ViolatorAttributes": TestViolatorAttributes}
-if __name__ == '__main__':
+def do_main(libpath):
+ """
+ Args:
+ libpath: string, path to libsepolwrap.so
+ """
+ global pol, FakeTreble
+
usage = "treble_sepolicy_tests "
usage += "-f nonplat_file_contexts -f plat_file_contexts "
usage += "-p curr_policy -b base_policy -o old_policy "
@@ -374,11 +383,6 @@
sys.exit("Error: File_contexts file " + f + " does not exist\n" +
parser.usage)
- libpath = os.path.join(os.path.dirname(os.path.realpath(__file__)),
- "libsepolwrap" + SHARED_LIB_EXTENSION)
- if not os.path.exists(libpath):
- sys.exit("Error: libsepolwrap does not exist. Is this binary corrupted?\n")
-
# Mapping files and public platform policy are only necessary for the
# TrebleCompatMapping test.
if options.tests is None or options.tests == "TrebleCompatMapping":
@@ -428,3 +432,17 @@
if len(results) > 0:
sys.exit(results)
+
+if __name__ == '__main__':
+ temp_dir = tempfile.mkdtemp()
+ try:
+ libname = "libsepolwrap" + SHARED_LIB_EXTENSION
+ libpath = os.path.join(temp_dir, libname)
+ with open(libpath, "wb") as f:
+ blob = pkgutil.get_data("treble_sepolicy_tests", libname)
+ if not blob:
+ sys.exit("Error: libsepolwrap does not exist. Is this binary corrupted?\n")
+ f.write(blob)
+ do_main(libpath)
+ finally:
+ shutil.rmtree(temp_dir)