Prepare python tests to be run in CTS

Bug: 37008075
Test: build, all tests pass. Modify some attributes locally to
    cause tests to fail (verify that they are actually working).
Change-Id: If9f9ece61dff835f38ef9c8a57f5a7baddbae5cd

Android.mk

@@ -176,6 +176,13 @@ ifneq (,$(filter address,$(SANITIZE_TARGET)))
   with_asan := true
 endif
 
+# Library extension for host-side tests
+ifeq ($(HOSTOS),darwin)
+SHAREDLIB_EXT=dylib
+else
+SHAREDLIB_EXT=so
+endif
+
 include $(CLEAR_VARS)
 LOCAL_MODULE := selinux_policy
 LOCAL_MODULE_TAGS := optional
@@ -1188,7 +1195,8 @@ $(sepolicy_tests): PRIVATE_SEPOLICY := $(built_sepolicy)
 $(sepolicy_tests): $(HOST_OUT_EXECUTABLES)/sepolicy_tests \
 $(built_plat_fc) $(built_nonplat_fc) $(built_sepolicy)
 	@mkdir -p $(dir $@)
-	$(hide) $(HOST_OUT_EXECUTABLES)/sepolicy_tests -l $(HOST_OUT)/lib64 -f $(PRIVATE_PLAT_FC) -f $(PRIVATE_NONPLAT_FC) -p $(PRIVATE_SEPOLICY)
+	$(hide) $(HOST_OUT_EXECUTABLES)/sepolicy_tests -l $(HOST_OUT)/lib64/libsepolwrap.$(SHAREDLIB_EXT) \
+		-f $(PRIVATE_PLAT_FC) -f $(PRIVATE_NONPLAT_FC) -p $(PRIVATE_SEPOLICY)
 	$(hide) touch $@
 
 ##################################
@@ -1305,7 +1313,8 @@ $(built_plat_fc) $(built_nonplat_fc) $(built_sepolicy) $(built_plat_sepolicy) \
 $(built_26.0_plat_sepolicy) $(26.0_compat) $(26.0_mapping.combined.cil)
 	@mkdir -p $(dir $@)
 	$(hide) $(HOST_OUT_EXECUTABLES)/treble_sepolicy_tests -l \
-		$(HOST_OUT)/lib64 -f $(PRIVATE_PLAT_FC) -f $(PRIVATE_NONPLAT_FC) \
+		$(HOST_OUT)/lib64/libsepolwrap.$(SHAREDLIB_EXT) \
+		-f $(PRIVATE_PLAT_FC) -f $(PRIVATE_NONPLAT_FC) \
 		-b $(PRIVATE_PLAT_SEPOLICY) -m $(PRIVATE_COMBINED_MAPPING) \
 		-o $(PRIVATE_SEPOLICY_OLD) -p $(PRIVATE_SEPOLICY) \
 		$(PRIVATE_FAKE_TREBLE)

tests/Android.bp

@@ -1,14 +1,16 @@
 cc_library_host_shared {
     name: "libsepolwrap",
     srcs: ["sepol_wrap.cpp"],
-    shared_libs: ["libsepol"],
     cflags: ["-Wall", "-Werror",],
     export_include_dirs: ["include"],
 
     // libsepolwrap gets loaded from the system python, which does not have the
     // ASAN runtime. So turn off sanitization for ourself, and  use static
     // libraries, since the shared libraries will use ASAN.
-    static_libs: ["libbase"],
+    static_libs: [
+        "libbase",
+        "libsepol",
+    ],
     stl: "libc++_static",
     sanitize: {
         never: true,

tests/policy.py

@@ -253,13 +253,7 @@ class Policy:
 
     # load ctypes-ified libsepol wrapper
     def __InitLibsepolwrap(self, LibPath):
-        if "linux" in platform.system().lower():
-            lib = CDLL(LibPath + "/libsepolwrap.so")
-        elif "darwin" in platform.system().lower():
-            lib = CDLL(LibPath + "/libsepolwrap.dylib")
-        else:
-            sys.exit("policy.py: " + platform.system() + " not supported." +
-                    " Only Linux and Darwin platforms are currently supported.")
+        lib = CDLL(LibPath)
 
         # int get_allow_rule(char *out, size_t len, void *policydbp, void *avtab_iterp);
         lib.get_allow_rule.restype = c_int

tests/sepolicy_tests.py

@@ -39,7 +39,8 @@ class MultipleOption(Option):
 Tests = ["TestDataTypeViolators"]
 
 if __name__ == '__main__':
-    usage = "sepolicy_tests.py -f nonplat_file_contexts -f "
+    usage = "sepolicy_tests -l $(ANDROID_HOST_OUT)/lib64/libsepolwrap.so "
+    usage += "-f nonplat_file_contexts -f "
     usage +="plat_file_contexts -p policy [--test test] [--help]"
     parser = OptionParser(option_class=MultipleOption, usage=usage)
     parser.add_option("-f", "--file_contexts", dest="file_contexts",
@@ -52,7 +53,7 @@ if __name__ == '__main__':
     (options, args) = parser.parse_args()
 
     if not options.libpath:
-        sys.exit("Must specify path to host libraries\n" + parser.usage)
+        sys.exit("Must specify path to libsepolwrap library\n" + parser.usage)
     if not os.path.exists(options.libpath):
         sys.exit("Error: library-path " + options.libpath + " does not exist\n"
                 + parser.usage)
@@ -74,11 +75,11 @@ if __name__ == '__main__':
 
     results = ""
     # If an individual test is not specified, run all tests.
-    if options.test is None or "TestDataTypeViolations" in options.tests:
+    if options.test is None or "TestDataTypeViolations" in options.test:
         results += TestDataTypeViolations(pol)
-    if options.test is None or "TestSysfsTypeViolations" in options.tests:
+    if options.test is None or "TestSysfsTypeViolations" in options.test:
         results += TestSysfsTypeViolations(pol)
-    if options.test is None or "TestDebugfsTypeViolations" in options.tests:
+    if options.test is None or "TestDebugfsTypeViolations" in options.test:
         results += TestDebugfsTypeViolations(pol)
 
     if len(results) > 0:

tests/treble_sepolicy_tests.py

@@ -308,7 +308,7 @@ Tests = {"CoredomainViolations": TestCoredomainViolations,
          "ViolatorAttributes": TestViolatorAttributes}
 
 if __name__ == '__main__':
-    usage = "treble_sepolicy_tests.py -l out/host/linux-x86/lib64 "
+    usage = "treble_sepolicy_tests -l $(ANDROID_HOST_OUT)/lib64/libsepolwrap.so "
     usage += "-f nonplat_file_contexts -f plat_file_contexts "
     usage += "-p curr_policy -b base_policy -o old_policy "
     usage +="-m mapping file [--test test] [--help]"
@@ -328,7 +328,7 @@ if __name__ == '__main__':
     (options, args) = parser.parse_args()
 
     if not options.libpath:
-        sys.exit("Must specify path to host libraries\n" + parser.usage)
+        sys.exit("Must specify path to libsepolwrap library\n" + parser.usage)
     if not os.path.exists(options.libpath):
         sys.exit("Error: library-path " + options.libpath + " does not exist\n"
                 + parser.usage)