Loading android/neverallow.go +6 −1 Original line number Diff line number Diff line Loading @@ -212,11 +212,16 @@ func createUncompressDexRules() []Rule { } func createMakefileGoalRules() []Rule { allowlist := []string{ // libwifi_hal uses makefile_goal for its dependencies "frameworks/opt/net/wifi/libwifi_hal", } return []Rule{ NeverAllow(). ModuleType("makefile_goal"). WithoutMatcher("product_out_path", Regexp("^boot[0-9a-zA-Z.-]*[.]img$")). Because("Only boot images may be imported as a makefile goal."), NotIn(allowlist...). Because("Only boot images may be imported as a makefile goal if not in allowed projects"), } } Loading android/neverallow_test.go +26 −1 Original line number Diff line number Diff line Loading @@ -324,7 +324,32 @@ var neverallowTests = []struct { `), }, expectedErrors: []string{ "Only boot images may be imported as a makefile goal.", "Only boot images.* may be imported as a makefile goal", }, }, { name: "disallowed makefile_goal outside external", fs: map[string][]byte{ "project/Android.bp": []byte(` makefile_goal { name: "foo", product_out_path: "obj/EXE/foo", } `), }, expectedErrors: []string{ "not in allowed projects", }, }, { name: "allow makefile_goal within external", fs: map[string][]byte{ "frameworks/opt/net/wifi/libwifi_hal/Android.bp": []byte(` makefile_goal { name: "foo", product_out_path: "obj/EXE/foo", } `), }, }, // Tests for the rule prohibiting the use of framework Loading Loading
android/neverallow.go +6 −1 Original line number Diff line number Diff line Loading @@ -212,11 +212,16 @@ func createUncompressDexRules() []Rule { } func createMakefileGoalRules() []Rule { allowlist := []string{ // libwifi_hal uses makefile_goal for its dependencies "frameworks/opt/net/wifi/libwifi_hal", } return []Rule{ NeverAllow(). ModuleType("makefile_goal"). WithoutMatcher("product_out_path", Regexp("^boot[0-9a-zA-Z.-]*[.]img$")). Because("Only boot images may be imported as a makefile goal."), NotIn(allowlist...). Because("Only boot images may be imported as a makefile goal if not in allowed projects"), } } Loading
android/neverallow_test.go +26 −1 Original line number Diff line number Diff line Loading @@ -324,7 +324,32 @@ var neverallowTests = []struct { `), }, expectedErrors: []string{ "Only boot images may be imported as a makefile goal.", "Only boot images.* may be imported as a makefile goal", }, }, { name: "disallowed makefile_goal outside external", fs: map[string][]byte{ "project/Android.bp": []byte(` makefile_goal { name: "foo", product_out_path: "obj/EXE/foo", } `), }, expectedErrors: []string{ "not in allowed projects", }, }, { name: "allow makefile_goal within external", fs: map[string][]byte{ "frameworks/opt/net/wifi/libwifi_hal/Android.bp": []byte(` makefile_goal { name: "foo", product_out_path: "obj/EXE/foo", } `), }, }, // Tests for the rule prohibiting the use of framework Loading
