Loading apex/apex.go +4 −0 Original line number Diff line number Diff line Loading @@ -99,6 +99,10 @@ type apexBundleProperties struct { // /system/sepolicy/apex/<module_name>_file_contexts. File_contexts *string `android:"path"` // By default, file_contexts is amended by force-labelling / and /apex_manifest.pb as system_file // to avoid mistakes. When set as true, no force-labelling. Use_file_contexts_as_is *bool // Path to the canned fs config file for customizing file's uid/gid/mod/capabilities. The // format is /<path_or_glob> <uid> <gid> <mode> [capabilities=0x<cap>], where path_or_glob is a // path or glob pattern for a file or set of files, uid/gid are numerial values of user ID Loading apex/apex_test.go +37 −0 Original line number Diff line number Diff line Loading @@ -784,6 +784,43 @@ func TestApexManifestMinSdkVersion(t *testing.T) { } } func TestFileContexts(t *testing.T) { for _, useFileContextsAsIs := range []bool{true, false} { prop := "" if useFileContextsAsIs { prop = "use_file_contexts_as_is: true,\n" } ctx := testApex(t, ` apex { name: "myapex", key: "myapex.key", file_contexts: "file_contexts", updatable: false, vendor: true, `+prop+` } apex_key { name: "myapex.key", public_key: "testkey.avbpubkey", private_key: "testkey.pem", } `, withFiles(map[string][]byte{ "file_contexts": nil, })) rule := ctx.ModuleForTests("myapex", "android_common_myapex_image").Output("file_contexts") forceLabellingCommand := "apex_manifest\\\\.pb u:object_r:system_file:s0" if useFileContextsAsIs { android.AssertStringDoesNotContain(t, "should force-label", rule.RuleParams.Command, forceLabellingCommand) } else { android.AssertStringDoesContain(t, "shouldn't force-label", rule.RuleParams.Command, forceLabellingCommand) } } } func TestBasicZipApex(t *testing.T) { ctx := testApex(t, ` apex { Loading apex/builder.go +12 −6 Original line number Diff line number Diff line Loading @@ -333,6 +333,8 @@ func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) android.Output ctx.PropertyErrorf("file_contexts", "cannot find file_contexts file: %q", fileContexts.String()) } useFileContextsAsIs := proptools.Bool(a.properties.Use_file_contexts_as_is) output := android.PathForModuleOut(ctx, "file_contexts") rule := android.NewRuleBuilder(pctx, ctx) Loading @@ -344,9 +346,11 @@ func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) android.Output rule.Command().Text("cat").Input(fileContexts).Text(">>").Output(output) // new line rule.Command().Text("echo").Text(">>").Output(output) if !useFileContextsAsIs { // force-label /apex_manifest.pb and / as system_file so that apexd can read them rule.Command().Text("echo").Flag("/apex_manifest\\\\.pb u:object_r:system_file:s0").Text(">>").Output(output) rule.Command().Text("echo").Flag("/ u:object_r:system_file:s0").Text(">>").Output(output) } case flattenedApex: // For flattened apexes, install path should be prepended. // File_contexts file should be emiited to make via LOCAL_FILE_CONTEXTS Loading @@ -359,9 +363,11 @@ func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) android.Output rule.Command().Text("awk").Text(`'/object_r/{printf("` + apexPath + `%s\n", $0)}'`).Input(fileContexts).Text(">").Output(output) // new line rule.Command().Text("echo").Text(">>").Output(output) if !useFileContextsAsIs { // force-label /apex_manifest.pb and / as system_file so that apexd can read them rule.Command().Text("echo").Flag(apexPath + `/apex_manifest\\.pb u:object_r:system_file:s0`).Text(">>").Output(output) rule.Command().Text("echo").Flag(apexPath + "/ u:object_r:system_file:s0").Text(">>").Output(output) } default: panic(fmt.Errorf("unsupported type %v", a.properties.ApexType)) } Loading Loading
apex/apex.go +4 −0 Original line number Diff line number Diff line Loading @@ -99,6 +99,10 @@ type apexBundleProperties struct { // /system/sepolicy/apex/<module_name>_file_contexts. File_contexts *string `android:"path"` // By default, file_contexts is amended by force-labelling / and /apex_manifest.pb as system_file // to avoid mistakes. When set as true, no force-labelling. Use_file_contexts_as_is *bool // Path to the canned fs config file for customizing file's uid/gid/mod/capabilities. The // format is /<path_or_glob> <uid> <gid> <mode> [capabilities=0x<cap>], where path_or_glob is a // path or glob pattern for a file or set of files, uid/gid are numerial values of user ID Loading
apex/apex_test.go +37 −0 Original line number Diff line number Diff line Loading @@ -784,6 +784,43 @@ func TestApexManifestMinSdkVersion(t *testing.T) { } } func TestFileContexts(t *testing.T) { for _, useFileContextsAsIs := range []bool{true, false} { prop := "" if useFileContextsAsIs { prop = "use_file_contexts_as_is: true,\n" } ctx := testApex(t, ` apex { name: "myapex", key: "myapex.key", file_contexts: "file_contexts", updatable: false, vendor: true, `+prop+` } apex_key { name: "myapex.key", public_key: "testkey.avbpubkey", private_key: "testkey.pem", } `, withFiles(map[string][]byte{ "file_contexts": nil, })) rule := ctx.ModuleForTests("myapex", "android_common_myapex_image").Output("file_contexts") forceLabellingCommand := "apex_manifest\\\\.pb u:object_r:system_file:s0" if useFileContextsAsIs { android.AssertStringDoesNotContain(t, "should force-label", rule.RuleParams.Command, forceLabellingCommand) } else { android.AssertStringDoesContain(t, "shouldn't force-label", rule.RuleParams.Command, forceLabellingCommand) } } } func TestBasicZipApex(t *testing.T) { ctx := testApex(t, ` apex { Loading
apex/builder.go +12 −6 Original line number Diff line number Diff line Loading @@ -333,6 +333,8 @@ func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) android.Output ctx.PropertyErrorf("file_contexts", "cannot find file_contexts file: %q", fileContexts.String()) } useFileContextsAsIs := proptools.Bool(a.properties.Use_file_contexts_as_is) output := android.PathForModuleOut(ctx, "file_contexts") rule := android.NewRuleBuilder(pctx, ctx) Loading @@ -344,9 +346,11 @@ func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) android.Output rule.Command().Text("cat").Input(fileContexts).Text(">>").Output(output) // new line rule.Command().Text("echo").Text(">>").Output(output) if !useFileContextsAsIs { // force-label /apex_manifest.pb and / as system_file so that apexd can read them rule.Command().Text("echo").Flag("/apex_manifest\\\\.pb u:object_r:system_file:s0").Text(">>").Output(output) rule.Command().Text("echo").Flag("/ u:object_r:system_file:s0").Text(">>").Output(output) } case flattenedApex: // For flattened apexes, install path should be prepended. // File_contexts file should be emiited to make via LOCAL_FILE_CONTEXTS Loading @@ -359,9 +363,11 @@ func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) android.Output rule.Command().Text("awk").Text(`'/object_r/{printf("` + apexPath + `%s\n", $0)}'`).Input(fileContexts).Text(">").Output(output) // new line rule.Command().Text("echo").Text(">>").Output(output) if !useFileContextsAsIs { // force-label /apex_manifest.pb and / as system_file so that apexd can read them rule.Command().Text("echo").Flag(apexPath + `/apex_manifest\\.pb u:object_r:system_file:s0`).Text(">>").Output(output) rule.Command().Text("echo").Flag(apexPath + "/ u:object_r:system_file:s0").Text(">>").Output(output) } default: panic(fmt.Errorf("unsupported type %v", a.properties.ApexType)) } Loading
