| Chaitanya Cheemala (xWF) | 25cfdb9 | 2024-10-07 09:21:50 +0000 | [diff] [blame] | 1 | version := $(version_under_treble_tests) |
| 2 | |
| 3 | include $(CLEAR_VARS) |
| 4 | # For Treble builds run tests verifying that processes are properly labeled and |
| 5 | # permissions granted do not violate the treble model. Also ensure that treble |
| 6 | # compatibility guarantees are upheld between SELinux version bumps. |
| 7 | LOCAL_MODULE := treble_sepolicy_tests_$(version) |
| 8 | LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered |
| 9 | LOCAL_LICENSE_CONDITIONS := notice unencumbered |
| 10 | LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE |
| 11 | LOCAL_MODULE_CLASS := FAKE |
| 12 | LOCAL_MODULE_TAGS := optional |
| 13 | |
| 14 | IS_TREBLE_TEST_ENABLED_PARTNER := false |
| 15 | ifeq ($(filter 26.0 27.0 28.0 29.0,$(version)),) |
| 16 | ifneq (,$(BOARD_SYSTEM_EXT_PREBUILT_DIR)$(BOARD_PRODUCT_PREBUILT_DIR)) |
| 17 | IS_TREBLE_TEST_ENABLED_PARTNER := true |
| 18 | endif # (,$(BOARD_SYSTEM_EXT_PREBUILT_DIR)$(BOARD_PRODUCT_PREBUILT_DIR)) |
| 19 | endif # ($(filter 26.0 27.0 28.0 29.0,$(version)),) |
| 20 | |
| 21 | include $(BUILD_SYSTEM)/base_rules.mk |
| 22 | |
| 23 | # $(version)_plat - the platform policy shipped as part of the $(version) release. This is |
| 24 | # built to enable us to determine the diff between the current policy and the |
| 25 | # $(version) policy, which will be used in tests to make sure that compatibility has |
| 26 | # been maintained by our mapping files. |
| 27 | built_$(version)_plat_sepolicy_cil := $(call intermediates-dir-for,ETC,$(version)_plat_policy.cil)/$(version)_plat_policy.cil |
| 28 | |
| 29 | $(version)_mapping.cil := $(call intermediates-dir-for,ETC,plat_$(version).cil)/plat_$(version).cil |
| 30 | $(version)_mapping.ignore.cil := \ |
| 31 | $(call intermediates-dir-for,ETC,$(version).ignore.cil)/$(version).ignore.cil |
| 32 | ifeq ($(IS_TREBLE_TEST_ENABLED_PARTNER),true) |
| 33 | ifneq (,$(BOARD_SYSTEM_EXT_PREBUILT_DIR)) |
| 34 | $(version)_mapping.cil += \ |
| 35 | $(call intermediates-dir-for,ETC,system_ext_$(version).cil)/system_ext_$(version).cil |
| 36 | $(version)_mapping.ignore.cil += \ |
| 37 | $(call intermediates-dir-for,ETC,system_ext_$(version).ignore.cil)/system_ext_$(version).ignore.cil |
| 38 | endif # (,$(BOARD_SYSTEM_EXT_PREBUILT_DIR)) |
| 39 | ifneq (,$(BOARD_PRODUCT_PREBUILT_DIR)) |
| 40 | $(version)_mapping.cil += \ |
| 41 | $(call intermediates-dir-for,ETC,product_$(version).cil)/product_$(version).cil |
| 42 | $(version)_mapping.ignore.cil += \ |
| 43 | $(call intermediates-dir-for,ETC,product_$(version).ignore.cil)/product_$(version).ignore.cil |
| 44 | endif # (,$(BOARD_PRODUCT_PREBUILT_DIR)) |
| 45 | endif #($(IS_TREBLE_TEST_ENABLED_PARTNER),true) |
| 46 | |
| 47 | # $(version)_mapping.combined.cil - a combination of the mapping file used when |
| 48 | # combining the current platform policy with nonplatform policy based on the |
| 49 | # $(version) policy release and also a special ignored file that exists purely for |
| 50 | # these tests. |
| 51 | intermediates := $(TARGET_OUT_INTERMEDIATES)/ETC/$(LOCAL_MODULE)_intermediates |
| 52 | $(version)_mapping.combined.cil := $(intermediates)/$(version)_mapping.combined.cil |
| 53 | $($(version)_mapping.combined.cil): $($(version)_mapping.cil) $($(version)_mapping.ignore.cil) |
| 54 | mkdir -p $(dir $@) |
| 55 | cat $^ > $@ |
| 56 | |
| 57 | ifeq ($(IS_TREBLE_TEST_ENABLED_PARTNER),true) |
| 58 | public_cil_files := $(base_product_pub_policy.cil) |
| 59 | else |
| 60 | public_cil_files := $(base_plat_pub_policy.cil) |
| 61 | endif # ($(IS_TREBLE_TEST_ENABLED_PARTNER),true) |
| 62 | $(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY_OLD := $(built_$(version)_plat_sepolicy_cil) |
| 63 | $(LOCAL_BUILT_MODULE): PRIVATE_COMBINED_MAPPING := $($(version)_mapping.combined.cil) |
| 64 | $(LOCAL_BUILT_MODULE): PRIVATE_PLAT_PUB_SEPOLICY := $(public_cil_files) |
| 65 | $(LOCAL_BUILT_MODULE): $(HOST_OUT_EXECUTABLES)/treble_sepolicy_tests \ |
| 66 | $(public_cil_files) \ |
| 67 | $(built_$(version)_plat_sepolicy_cil) $($(version)_mapping.combined.cil) |
| 68 | @mkdir -p $(dir $@) |
| 69 | $(hide) $(HOST_OUT_EXECUTABLES)/treble_sepolicy_tests \ |
| 70 | -b $(PRIVATE_PLAT_PUB_SEPOLICY) -m $(PRIVATE_COMBINED_MAPPING) \ |
| 71 | -o $(PRIVATE_SEPOLICY_OLD) |
| 72 | $(hide) touch $@ |
| 73 | |
| 74 | built_sepolicy_files := |
| 75 | public_cil_files := |
| 76 | $(version)_mapping.cil := |
| 77 | $(version)_mapping.combined.cil := |
| 78 | $(version)_mapping.ignore.cil := |
| 79 | built_$(version)_plat_sepolicy := |
| 80 | version := |
| 81 | version_under_treble_tests := |