Use "data: libsepolwrap" in python binaries
To avoid hard-coded paths in Android.mk rules. Test: m selinux_policy Change-Id: I7b464fa2953e01ccb6fff8daa3e219ae372313c5
This commit is contained in:
parent
5bbcd68dcc
commit
6fa8efdf4a
@ -770,8 +770,7 @@ $(LOCAL_BUILT_MODULE): ALL_FC_ARGS := $(all_fc_args)
|
|||||||
$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy)
|
$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy)
|
||||||
$(LOCAL_BUILT_MODULE): $(HOST_OUT_EXECUTABLES)/sepolicy_tests $(all_fc_files) $(built_sepolicy)
|
$(LOCAL_BUILT_MODULE): $(HOST_OUT_EXECUTABLES)/sepolicy_tests $(all_fc_files) $(built_sepolicy)
|
||||||
@mkdir -p $(dir $@)
|
@mkdir -p $(dir $@)
|
||||||
$(hide) $(HOST_OUT_EXECUTABLES)/sepolicy_tests -l $(HOST_OUT)/lib64/libsepolwrap.$(SHAREDLIB_EXT) \
|
$(hide) $(HOST_OUT_EXECUTABLES)/sepolicy_tests $(ALL_FC_ARGS) -p $(PRIVATE_SEPOLICY)
|
||||||
$(ALL_FC_ARGS) -p $(PRIVATE_SEPOLICY)
|
|
||||||
$(hide) touch $@
|
$(hide) touch $@
|
||||||
|
|
||||||
##################################
|
##################################
|
||||||
|
@ -11,6 +11,7 @@ cc_library_host_shared {
|
|||||||
srcs: ["sepol_wrap.cpp"],
|
srcs: ["sepol_wrap.cpp"],
|
||||||
cflags: ["-Wall", "-Werror",],
|
cflags: ["-Wall", "-Werror",],
|
||||||
export_include_dirs: ["include"],
|
export_include_dirs: ["include"],
|
||||||
|
stl: "c++_static",
|
||||||
|
|
||||||
// libsepolwrap gets loaded from the system python, which does not have the
|
// libsepolwrap gets loaded from the system python, which does not have the
|
||||||
// ASAN runtime. So turn off sanitization for ourself, and use static
|
// ASAN runtime. So turn off sanitization for ourself, and use static
|
||||||
@ -32,7 +33,7 @@ python_binary_host {
|
|||||||
"policy.py",
|
"policy.py",
|
||||||
"treble_sepolicy_tests.py",
|
"treble_sepolicy_tests.py",
|
||||||
],
|
],
|
||||||
required: ["libsepolwrap"],
|
data: [":libsepolwrap"],
|
||||||
}
|
}
|
||||||
|
|
||||||
python_binary_host {
|
python_binary_host {
|
||||||
@ -42,7 +43,7 @@ python_binary_host {
|
|||||||
"policy.py",
|
"policy.py",
|
||||||
"sepolicy_tests.py",
|
"sepolicy_tests.py",
|
||||||
],
|
],
|
||||||
required: ["libsepolwrap"],
|
data: [":libsepolwrap"],
|
||||||
}
|
}
|
||||||
|
|
||||||
python_binary_host {
|
python_binary_host {
|
||||||
|
@ -18,6 +18,7 @@ import os
|
|||||||
import policy
|
import policy
|
||||||
import re
|
import re
|
||||||
import sys
|
import sys
|
||||||
|
import distutils.ccompiler
|
||||||
|
|
||||||
#############################################################
|
#############################################################
|
||||||
# Tests
|
# Tests
|
||||||
@ -141,24 +142,21 @@ Tests = [
|
|||||||
]
|
]
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
usage = "sepolicy_tests -l $(ANDROID_HOST_OUT)/lib64/libsepolwrap.so "
|
usage = "sepolicy_tests -f vendor_file_contexts -f "
|
||||||
usage += "-f vendor_file_contexts -f "
|
|
||||||
usage +="plat_file_contexts -p policy [--test test] [--help]"
|
usage +="plat_file_contexts -p policy [--test test] [--help]"
|
||||||
parser = OptionParser(option_class=MultipleOption, usage=usage)
|
parser = OptionParser(option_class=MultipleOption, usage=usage)
|
||||||
parser.add_option("-f", "--file_contexts", dest="file_contexts",
|
parser.add_option("-f", "--file_contexts", dest="file_contexts",
|
||||||
metavar="FILE", action="extend", type="string")
|
metavar="FILE", action="extend", type="string")
|
||||||
parser.add_option("-p", "--policy", dest="policy", metavar="FILE")
|
parser.add_option("-p", "--policy", dest="policy", metavar="FILE")
|
||||||
parser.add_option("-l", "--library-path", dest="libpath", metavar="FILE")
|
|
||||||
parser.add_option("-t", "--test", dest="test", action="extend",
|
parser.add_option("-t", "--test", dest="test", action="extend",
|
||||||
help="Test options include "+str(Tests))
|
help="Test options include "+str(Tests))
|
||||||
|
|
||||||
(options, args) = parser.parse_args()
|
(options, args) = parser.parse_args()
|
||||||
|
|
||||||
if not options.libpath:
|
libpath = os.path.join(os.path.dirname(os.path.realpath(__file__)),
|
||||||
sys.exit("Must specify path to libsepolwrap library\n" + parser.usage)
|
"libsepolwrap" + distutils.ccompiler.new_compiler().shared_lib_extension)
|
||||||
if not os.path.exists(options.libpath):
|
if not os.path.exists(libpath):
|
||||||
sys.exit("Error: library-path " + options.libpath + " does not exist\n"
|
sys.exit("Error: libsepolwrap does not exist. Is this binary corrupted?\n")
|
||||||
+ parser.usage)
|
|
||||||
|
|
||||||
if not options.policy:
|
if not options.policy:
|
||||||
sys.exit("Must specify monolithic policy file\n" + parser.usage)
|
sys.exit("Must specify monolithic policy file\n" + parser.usage)
|
||||||
@ -173,7 +171,7 @@ if __name__ == '__main__':
|
|||||||
sys.exit("Error: File_contexts file " + f + " does not exist\n" +
|
sys.exit("Error: File_contexts file " + f + " does not exist\n" +
|
||||||
parser.usage)
|
parser.usage)
|
||||||
|
|
||||||
pol = policy.Policy(options.policy, options.file_contexts, options.libpath)
|
pol = policy.Policy(options.policy, options.file_contexts, libpath)
|
||||||
|
|
||||||
results = ""
|
results = ""
|
||||||
# If an individual test is not specified, run all tests.
|
# If an individual test is not specified, run all tests.
|
||||||
|
@ -20,6 +20,7 @@ import policy
|
|||||||
from policy import MatchPathPrefix
|
from policy import MatchPathPrefix
|
||||||
import re
|
import re
|
||||||
import sys
|
import sys
|
||||||
|
import distutils.ccompiler
|
||||||
|
|
||||||
DEBUG=False
|
DEBUG=False
|
||||||
|
|
||||||
@ -341,7 +342,7 @@ Tests = {"CoredomainViolations": TestCoredomainViolations,
|
|||||||
"ViolatorAttributes": TestViolatorAttributes}
|
"ViolatorAttributes": TestViolatorAttributes}
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
usage = "treble_sepolicy_tests -l $(ANDROID_HOST_OUT)/lib64/libsepolwrap.so "
|
usage = "treble_sepolicy_tests "
|
||||||
usage += "-f nonplat_file_contexts -f plat_file_contexts "
|
usage += "-f nonplat_file_contexts -f plat_file_contexts "
|
||||||
usage += "-p curr_policy -b base_policy -o old_policy "
|
usage += "-p curr_policy -b base_policy -o old_policy "
|
||||||
usage +="-m mapping file [--test test] [--help]"
|
usage +="-m mapping file [--test test] [--help]"
|
||||||
@ -351,7 +352,6 @@ if __name__ == '__main__':
|
|||||||
metavar="FILE")
|
metavar="FILE")
|
||||||
parser.add_option("-f", "--file_contexts", dest="file_contexts",
|
parser.add_option("-f", "--file_contexts", dest="file_contexts",
|
||||||
metavar="FILE", action="extend", type="string")
|
metavar="FILE", action="extend", type="string")
|
||||||
parser.add_option("-l", "--library-path", dest="libpath", metavar="FILE")
|
|
||||||
parser.add_option("-m", "--mapping", dest="mapping", metavar="FILE")
|
parser.add_option("-m", "--mapping", dest="mapping", metavar="FILE")
|
||||||
parser.add_option("-o", "--oldpolicy", dest="oldpolicy", metavar="FILE")
|
parser.add_option("-o", "--oldpolicy", dest="oldpolicy", metavar="FILE")
|
||||||
parser.add_option("-p", "--policy", dest="policy", metavar="FILE")
|
parser.add_option("-p", "--policy", dest="policy", metavar="FILE")
|
||||||
@ -362,11 +362,6 @@ if __name__ == '__main__':
|
|||||||
|
|
||||||
(options, args) = parser.parse_args()
|
(options, args) = parser.parse_args()
|
||||||
|
|
||||||
if not options.libpath:
|
|
||||||
sys.exit("Must specify path to libsepolwrap library\n" + parser.usage)
|
|
||||||
if not os.path.exists(options.libpath):
|
|
||||||
sys.exit("Error: library-path " + options.libpath + " does not exist\n"
|
|
||||||
+ parser.usage)
|
|
||||||
if not options.policy:
|
if not options.policy:
|
||||||
sys.exit("Must specify current monolithic policy file\n" + parser.usage)
|
sys.exit("Must specify current monolithic policy file\n" + parser.usage)
|
||||||
if not os.path.exists(options.policy):
|
if not os.path.exists(options.policy):
|
||||||
@ -379,6 +374,11 @@ if __name__ == '__main__':
|
|||||||
sys.exit("Error: File_contexts file " + f + " does not exist\n" +
|
sys.exit("Error: File_contexts file " + f + " does not exist\n" +
|
||||||
parser.usage)
|
parser.usage)
|
||||||
|
|
||||||
|
libpath = os.path.join(os.path.dirname(os.path.realpath(__file__)),
|
||||||
|
"libsepolwrap" + distutils.ccompiler.new_compiler().shared_lib_extension)
|
||||||
|
if not os.path.exists(libpath):
|
||||||
|
sys.exit("Error: libsepolwrap does not exist. Is this binary corrupted?\n")
|
||||||
|
|
||||||
# Mapping files and public platform policy are only necessary for the
|
# Mapping files and public platform policy are only necessary for the
|
||||||
# TrebleCompatMapping test.
|
# TrebleCompatMapping test.
|
||||||
if options.tests is None or options.tests == "TrebleCompatMapping":
|
if options.tests is None or options.tests == "TrebleCompatMapping":
|
||||||
@ -394,8 +394,8 @@ if __name__ == '__main__':
|
|||||||
if not options.base_pub_policy:
|
if not options.base_pub_policy:
|
||||||
sys.exit("Must specify the current platform-only public policy "
|
sys.exit("Must specify the current platform-only public policy "
|
||||||
+ ".cil file\n" + parser.usage)
|
+ ".cil file\n" + parser.usage)
|
||||||
basepol = policy.Policy(options.basepolicy, None, options.libpath)
|
basepol = policy.Policy(options.basepolicy, None, libpath)
|
||||||
oldpol = policy.Policy(options.oldpolicy, None, options.libpath)
|
oldpol = policy.Policy(options.oldpolicy, None, libpath)
|
||||||
mapping = mini_parser.MiniCilParser(options.mapping)
|
mapping = mini_parser.MiniCilParser(options.mapping)
|
||||||
pubpol = mini_parser.MiniCilParser(options.base_pub_policy)
|
pubpol = mini_parser.MiniCilParser(options.base_pub_policy)
|
||||||
compatSetup(basepol, oldpol, mapping, pubpol.types)
|
compatSetup(basepol, oldpol, mapping, pubpol.types)
|
||||||
@ -403,7 +403,7 @@ if __name__ == '__main__':
|
|||||||
if options.faketreble:
|
if options.faketreble:
|
||||||
FakeTreble = True
|
FakeTreble = True
|
||||||
|
|
||||||
pol = policy.Policy(options.policy, options.file_contexts, options.libpath)
|
pol = policy.Policy(options.policy, options.file_contexts, libpath)
|
||||||
setup(pol)
|
setup(pol)
|
||||||
|
|
||||||
if DEBUG:
|
if DEBUG:
|
||||||
|
@ -164,8 +164,7 @@ $(LOCAL_BUILT_MODULE): $(HOST_OUT_EXECUTABLES)/treble_sepolicy_tests \
|
|||||||
$(public_cil_files) \
|
$(public_cil_files) \
|
||||||
$(built_$(version)_plat_sepolicy) $($(version)_compat) $($(version)_mapping.combined.cil)
|
$(built_$(version)_plat_sepolicy) $($(version)_compat) $($(version)_mapping.combined.cil)
|
||||||
@mkdir -p $(dir $@)
|
@mkdir -p $(dir $@)
|
||||||
$(hide) $(HOST_OUT_EXECUTABLES)/treble_sepolicy_tests -l \
|
$(hide) $(HOST_OUT_EXECUTABLES)/treble_sepolicy_tests $(ALL_FC_ARGS) \
|
||||||
$(HOST_OUT)/lib64/libsepolwrap.$(SHAREDLIB_EXT) $(ALL_FC_ARGS) \
|
|
||||||
-b $(PRIVATE_PLAT_SEPOLICY) -m $(PRIVATE_COMBINED_MAPPING) \
|
-b $(PRIVATE_PLAT_SEPOLICY) -m $(PRIVATE_COMBINED_MAPPING) \
|
||||||
-o $(PRIVATE_SEPOLICY_OLD) -p $(PRIVATE_SEPOLICY) \
|
-o $(PRIVATE_SEPOLICY_OLD) -p $(PRIVATE_SEPOLICY) \
|
||||||
-u $(PRIVATE_PLAT_PUB_SEPOLICY) \
|
-u $(PRIVATE_PLAT_PUB_SEPOLICY) \
|
||||||
|
Loading…
Reference in New Issue
Block a user