Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 580eb4fe authored by Jooyung Han's avatar Jooyung Han
Browse files

apex: add apex_manifest.pb in file_contexts 

apex_manifest.pb is added to payload.img by the build system and is
supposed to be read by apexd during activation.

So, it should be labeled as "system_file" so that apexd can read it
regardless of how file_contexts is defined.

Bug: 159767275
Test: add an apex with file_contexts with everything as vendor_file
      apexd should activate the apex.
Change-Id: Ie34eb7ad905828976152d67a7dfabf0add0a5de4
parent c487ae15

apex/apex.go

+3 −18
Original line number Diff line number Diff line
@@ -16,7 +16,6 @@ package apex 


import (

	"fmt"

	"path"

	"path/filepath"

	"sort"

	"strings"
@@ -1242,7 +1241,7 @@ type apexBundle struct { 
	container_certificate_file android.Path

	container_private_key_file android.Path



	fileContexts android.Path

	fileContexts android.WritablePath



	// list of files to be included in this apex

	filesInfo []apexFile
@@ -2174,22 +2173,6 @@ func (a *apexBundle) GenerateAndroidBuildActions(ctx android.ModuleContext) { 
	a.installDir = android.PathForModuleInstall(ctx, "apex")

	a.filesInfo = filesInfo



	if a.properties.ApexType != zipApex {

		if a.properties.File_contexts == nil {

			a.fileContexts = android.PathForSource(ctx, "system/sepolicy/apex", ctx.ModuleName()+"-file_contexts")

		} else {

			a.fileContexts = android.PathForModuleSrc(ctx, *a.properties.File_contexts)

			if a.Platform() {

				if matched, err := path.Match("system/sepolicy/**/*", a.fileContexts.String()); err != nil || !matched {

					ctx.PropertyErrorf("file_contexts", "should be under system/sepolicy, but %q", a.fileContexts)

				}

			}

		}

		if !android.ExistentPathForSource(ctx, a.fileContexts.String()).Valid() {

			ctx.PropertyErrorf("file_contexts", "cannot find file_contexts file: %q", a.fileContexts)

			return

		}

	}

	// Optimization. If we are building bundled APEX, for the files that are gathered due to the

	// transitive dependencies, don't place them inside the APEX, but place a symlink pointing

	// the same library in the system partition, thus effectively sharing the same libraries
@@ -2213,6 +2196,8 @@ func (a *apexBundle) GenerateAndroidBuildActions(ctx android.ModuleContext) { 
	// prepare apex_manifest.json

	a.buildManifest(ctx, provideNativeLibs, requireNativeLibs)



	a.buildFileContexts(ctx)



	a.setCertificateAndPrivateKey(ctx)

	if a.properties.ApexType == flattenedApex {

		a.buildFlattenedApex(ctx)

apex/apex_test.go

+73 −79
Original line number Diff line number Diff line
@@ -3275,7 +3275,7 @@ func TestApexInVariousPartition(t *testing.T) { 
	}

}



func TestFileContexts(t *testing.T) {

func TestFileContexts_FindInDefaultLocationIfNotSet(t *testing.T) {

	ctx, _ := testApex(t, `

		apex {

			name: "myapex",
@@ -3289,13 +3289,11 @@ func TestFileContexts(t *testing.T) { 
		}

	`)

	module := ctx.ModuleForTests("myapex", "android_common_myapex_image")

	apexRule := module.Rule("apexRule")

	actual := apexRule.Args["file_contexts"]

	expected := "system/sepolicy/apex/myapex-file_contexts"

	if actual != expected {

		t.Errorf("wrong file_contexts. expected %q. actual %q", expected, actual)

	rule := module.Output("file_contexts")

	ensureContains(t, rule.RuleParams.Command, "cat system/sepolicy/apex/myapex-file_contexts")

}



func TestFileContexts_ShouldBeUnderSystemSepolicyForSystemApexes(t *testing.T) {

	testApexError(t, `"myapex" .*: file_contexts: should be under system/sepolicy`, `

		apex {

			name: "myapex",
@@ -3311,7 +3309,9 @@ func TestFileContexts(t *testing.T) { 
	`, withFiles(map[string][]byte{

		"my_own_file_contexts": nil,

	}))

}



func TestFileContexts_ProductSpecificApexes(t *testing.T) {

	testApexError(t, `"myapex" .*: file_contexts: cannot find`, `

		apex {

			name: "myapex",
@@ -3327,7 +3327,7 @@ func TestFileContexts(t *testing.T) { 
		}

	`)



	ctx, _ = testApex(t, `

	ctx, _ := testApex(t, `

		apex {

			name: "myapex",

			key: "myapex.key",
@@ -3343,15 +3343,13 @@ func TestFileContexts(t *testing.T) { 
	`, withFiles(map[string][]byte{

		"product_specific_file_contexts": nil,

	}))

	module = ctx.ModuleForTests("myapex", "android_common_myapex_image")

	apexRule = module.Rule("apexRule")

	actual = apexRule.Args["file_contexts"]

	expected = "product_specific_file_contexts"

	if actual != expected {

		t.Errorf("wrong file_contexts. expected %q. actual %q", expected, actual)

	module := ctx.ModuleForTests("myapex", "android_common_myapex_image")

	rule := module.Output("file_contexts")

	ensureContains(t, rule.RuleParams.Command, "cat product_specific_file_contexts")

}



	ctx, _ = testApex(t, `

func TestFileContexts_SetViaFileGroup(t *testing.T) {

	ctx, _ := testApex(t, `

		apex {

			name: "myapex",

			key: "myapex.key",
@@ -3372,13 +3370,9 @@ func TestFileContexts(t *testing.T) { 
	`, withFiles(map[string][]byte{

		"product_specific_file_contexts": nil,

	}))

	module = ctx.ModuleForTests("myapex", "android_common_myapex_image")

	apexRule = module.Rule("apexRule")

	actual = apexRule.Args["file_contexts"]

	expected = "product_specific_file_contexts"

	if actual != expected {

		t.Errorf("wrong file_contexts. expected %q. actual %q", expected, actual)

	}

	module := ctx.ModuleForTests("myapex", "android_common_myapex_image")

	rule := module.Output("file_contexts")

	ensureContains(t, rule.RuleParams.Command, "cat product_specific_file_contexts")

}



func TestApexKeyFromOtherModule(t *testing.T) {

apex/builder.go

+33 −0
Original line number Diff line number Diff line
@@ -17,6 +17,7 @@ package apex 
import (

	"encoding/json"

	"fmt"

	"path"

	"path/filepath"

	"runtime"

	"sort"
@@ -231,6 +232,38 @@ func (a *apexBundle) buildManifest(ctx android.ModuleContext, provideNativeLibs, 
	})

}



func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) {

	if a.properties.ApexType == zipApex {

		return

	}

	var fileContexts android.Path

	if a.properties.File_contexts == nil {

		fileContexts = android.PathForSource(ctx, "system/sepolicy/apex", ctx.ModuleName()+"-file_contexts")

	} else {

		fileContexts = android.PathForModuleSrc(ctx, *a.properties.File_contexts)

	}

	if a.Platform() {

		if matched, err := path.Match("system/sepolicy/**/*", fileContexts.String()); err != nil || !matched {

			ctx.PropertyErrorf("file_contexts", "should be under system/sepolicy, but %q", fileContexts)

			return

		}

	}

	if !android.ExistentPathForSource(ctx, fileContexts.String()).Valid() {

		ctx.PropertyErrorf("file_contexts", "cannot find file_contexts file: %q", a.fileContexts)

		return

	}



	output := android.PathForModuleOut(ctx, "file_contexts")

	rule := android.NewRuleBuilder()

	rule.Command().Text("rm").FlagWithOutput("-f ", output)

	rule.Command().Text("cat").Input(fileContexts).Text(">>").Output(output)

	rule.Command().Text("echo").Text(">>").Output(output)

	rule.Command().Text("echo").Flag("/apex_manifest\\\\.pb u:object_r:system_file:s0").Text(">>").Output(output)

	rule.Build(pctx, ctx, "file_contexts."+a.Name(), "Generate file_contexts")



	a.fileContexts = output.OutputPath

}



func (a *apexBundle) buildNoticeFiles(ctx android.ModuleContext, apexFileName string) android.NoticeOutputs {

	var noticeFiles android.Paths