Refactor fc_sort and add unit tests
Clean up fc_sort to facilitate the migration to Python3. Use PEP8 for
naming scheme.
Test: atest --host fc_sort_test
Bug: 200119288
Change-Id: Ia2c40a850a48ec75e995d5233b5abaae10917a89
diff --git a/tests/Android.bp b/tests/Android.bp
index 6a86188..58d4c4f 100644
--- a/tests/Android.bp
+++ b/tests/Android.bp
@@ -28,7 +28,6 @@
name: "py2_only",
version: {
py2: {
- embedded_launcher: true,
enabled: true,
},
py3: {
@@ -88,6 +87,18 @@
defaults: ["py2_only"],
}
+python_test_host {
+ name: "fc_sort_test",
+ srcs: [
+ "fc_sort.py",
+ "fc_sort_test.py",
+ ],
+ defaults: ["py2_only"],
+ test_options: {
+ unit_test: true,
+ }
+}
+
python_binary_host {
name: "check_prop_prefix",
srcs: ["check_prop_prefix.py"],
diff --git a/tests/fc_sort.py b/tests/fc_sort.py
old mode 100755
new mode 100644
index cbb0e5e..2bad6fb
--- a/tests/fc_sort.py
+++ b/tests/fc_sort.py
@@ -1,142 +1,158 @@
-#!/usr/bin/env python
-import sys
-import os
+#!/usr/bin/env python2
+#
+# Copyright 2021 - The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
import argparse
+import os
+import sys
-class FileContextsNode:
- path = None
- fileType = None
- context = None
- Type = None
- meta = None
- stemLen = None
- strLen = None
- Type = None
- line = None
- def __init__(self, path, fileType, context, meta, stemLen, strLen, line):
- self.path = path
- self.fileType = fileType
- self.context = context
- self.meta = meta
- self.stemLen = stemLen
- self.strlen = strLen
- self.Type = context.split(":")[2]
- self.line = line
-metaChars = frozenset(['.', '^', '$', '?', '*', '+', '|', '[', '(', '{'])
-escapedMetaChars = frozenset(['\.', '\^', '\$', '\?', '\*', '\+', '\|', '\[', '\(', '\{'])
+META_CHARS = frozenset(['.', '^', '$', '?', '*', '+', '|', '[', '(', '{'])
+ESCAPED_META_CHARS = frozenset([ '\\{}'.format(c) for c in META_CHARS ])
-def getStemLen(path):
- global metaChars
- stemLen = 0
+
+def get_stem_len(path):
+ """Returns the length of the stem."""
+ stem_len = 0
i = 0
while i < len(path):
if path[i] == "\\":
i += 1
- elif path[i] in metaChars:
+ elif path[i] in META_CHARS:
break
- stemLen += 1
+ stem_len += 1
i += 1
- return stemLen
+ return stem_len
-def getIsMeta(path):
- global metaChars
- global escapedMetaChars
- metaCharsCount = 0
- escapedMetaCharsCount = 0
- for c in metaChars:
+def is_meta(path):
+ """Indicates if a path contains any metacharacter."""
+ meta_char_count = 0
+ escaped_meta_char_count = 0
+ for c in META_CHARS:
if c in path:
- metaCharsCount += 1
- for c in escapedMetaChars:
+ meta_char_count += 1
+ for c in ESCAPED_META_CHARS:
if c in path:
- escapedMetaCharsCount += 1
- return metaCharsCount > escapedMetaCharsCount
+ escaped_meta_char_count += 1
+ return meta_char_count > escaped_meta_char_count
-def CreateNode(line):
- global metaChars
- if (len(line) == 0) or (line[0] == '#'):
- return None
- split = line.split()
- path = split[0].strip()
- context = split[-1].strip()
- fileType = None
- if len(split) == 3:
- fileType = split[1].strip()
- meta = getIsMeta(path)
- stemLen = getStemLen(path)
- strLen = len(path.replace("\\", ""))
+class FileContextsNode(object):
+ """An entry in a file_context file."""
- return FileContextsNode(path, fileType, context, meta, stemLen, strLen, line)
+ def __init__(self, path, file_type, context, meta, stem_len, str_len, line):
+ self.path = path
+ self.file_type = file_type
+ self.context = context
+ self.meta = meta
+ self.stem_len = stem_len
+ self.str_len = str_len
+ self.type = context.split(":")[2]
+ self.line = line
-def ReadFileContexts(files):
- fc = []
- for f in files:
- fd = open(f)
- for line in fd:
- node = CreateNode(line.strip())
- if node != None:
- fc.append(node)
- return fc
+ @classmethod
+ def create(cls, line):
+ if (len(line) == 0) or (line[0] == '#'):
+ return None
-# Comparator function for list.sort() based off of fc_sort.c
-# Compares two FileContextNodes a and b and returns 1 if a is more
-# specific or -1 if b is more specific.
-def compare(a, b):
- # The regex without metachars is more specific
- if a.meta and not b.meta:
- return -1
- if b.meta and not a.meta:
- return 1
+ split = line.split()
+ path = split[0].strip()
+ context = split[-1].strip()
+ file_type = None
+ if len(split) == 3:
+ file_type = split[1].strip()
+ meta = is_meta(path)
+ stem_len = get_stem_len(path)
+ str_len = len(path.replace("\\", ""))
- # The regex with longer stemlen (regex before any meta characters) is more specific.
- if a.stemLen < b.stemLen:
- return -1
- if b.stemLen < a.stemLen:
- return 1
+ return cls(path, file_type, context, meta, stem_len, str_len, line)
- # The regex with longer string length is more specific
- if a.strLen < b.strLen:
- return -1
- if b.strLen < a.strLen:
- return 1
+ # Comparator function based off fc_sort.c
+ def __lt__(self, other):
+ # The regex without metachars is more specific.
+ if self.meta and not other.meta:
+ return True
+ if other.meta and not self.meta:
+ return False
- # A regex with a fileType defined (e.g. file, dir) is more specific.
- if a.fileType is None and b.fileType is not None:
- return -1
- if b.fileType is None and a.fileType is not None:
- return 1
+ # The regex with longer stem_len (regex before any meta characters) is
+ # more specific.
+ if self.stem_len < other.stem_len:
+ return True
+ if other.stem_len < self.stem_len:
+ return False
- # Regexes are equally specific.
- return 0
+ # The regex with longer string length is more specific
+ if self.str_len < other.str_len:
+ return True
+ if other.str_len < self.str_len:
+ return False
-def FcSort(files):
+ # A regex with a file_type defined (e.g. file, dir) is more specific.
+ if self.file_type is None and other.file_type is not None:
+ return True
+ if other.file_type is None and self.file_type is not None:
+ return False
+
+ return False
+
+
+def read_file_contexts(file_descriptor):
+ file_contexts = []
+ for line in file_descriptor:
+ node = FileContextsNode.create(line.strip())
+ if node is not None:
+ file_contexts.append(node)
+ return file_contexts
+
+
+def read_multiple_file_contexts(files):
+ file_contexts = []
+ for filename in files:
+ with open(filename) as fd:
+ file_contexts.extend(read_file_contexts(fd))
+ return file_contexts
+
+
+def sort(files):
for f in files:
if not os.path.exists(f):
sys.exit("Error: File_contexts file " + f + " does not exist\n")
+ file_contexts = read_multiple_file_contexts(files)
+ file_contexts.sort()
+ return file_contexts
- Fc = ReadFileContexts(files)
- Fc.sort(cmp=compare)
- return Fc
-
-def PrintFc(Fc, out):
+def print_fc(fc, out):
if not out:
f = sys.stdout
else:
f = open(out, "w")
- for node in Fc:
+ for node in fc:
f.write(node.line + "\n")
+
if __name__ == '__main__':
- parser = argparse.ArgumentParser(description="SELinux file_contexts sorting tool.")
- parser.add_argument("-i", dest="input", help="Path to the file_contexts file(s).", nargs="?", action='append')
- parser.add_argument("-o", dest="output", help="Path to the output file", nargs=1)
+ parser = argparse.ArgumentParser(
+ description="SELinux file_contexts sorting tool.")
+ parser.add_argument("-i", dest="input", nargs="*",
+ help="Path to the file_contexts file(s).")
+ parser.add_argument("-o", dest="output", help="Path to the output file.")
args = parser.parse_args()
if not args.input:
parser.error("Must include path to policy")
- if not not args.output:
- args.output = args.output[0]
- PrintFc(FcSort(args.input),args.output)
+ print_fc(sort(args.input), args.output)
diff --git a/tests/fc_sort_test.py b/tests/fc_sort_test.py
new file mode 100644
index 0000000..2d8d2d8
--- /dev/null
+++ b/tests/fc_sort_test.py
@@ -0,0 +1,59 @@
+# Copyright 2021 - The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import unittest
+
+import fc_sort
+
+class FcSortTest(unittest.TestCase):
+
+ def testGetStemLen(self):
+ self.assertEqual(fc_sort.get_stem_len("/data"), 5)
+ self.assertEqual(fc_sort.get_stem_len("/data/system"), 12)
+ self.assertEqual(fc_sort.get_stem_len("/data/(system)?"), 6)
+
+ def testIsMeta(self):
+ self.assertEqual(fc_sort.is_meta("/data"), False)
+ self.assertEqual(fc_sort.is_meta("/data$"), True)
+ self.assertEqual(fc_sort.is_meta(r"\$data"), False)
+
+ def testLesserThan(self):
+ n1 = fc_sort.FileContextsNode.create("/data u:object_r:rootfs:s0")
+ # shorter stem_len
+ n2 = fc_sort.FileContextsNode.create("/d u:object_r:rootfs:s0")
+ # is meta
+ n3 = fc_sort.FileContextsNode.create("/data/l(/.*)? u:object_r:log:s0")
+ # with file_type
+ n4 = fc_sort.FileContextsNode.create("/data -- u:object_r:rootfs:s0")
+ contexts = [n1, n2, n3, n4]
+ contexts.sort()
+ self.assertEqual(contexts, [n3, n2, n1, n4])
+
+ def testReadFileContexts(self):
+ content = """# comment
+/ u:object_r:rootfs:s0
+# another comment
+/adb_keys u:object_r:adb_keys_file:s0
+"""
+ fcs = fc_sort.read_file_contexts(content.splitlines())
+ self.assertEqual(len(fcs), 2)
+
+ self.assertEqual(fcs[0].path, "/")
+ self.assertEqual(fcs[0].type, "rootfs")
+
+ self.assertEqual(fcs[1].path, "/adb_keys")
+ self.assertEqual(fcs[1].type, "adb_keys_file")
+
+if __name__ == '__main__':
+ unittest.main(verbosity=2)
diff --git a/tests/policy.py b/tests/policy.py
index 40229b8..4648e30 100644
--- a/tests/policy.py
+++ b/tests/policy.py
@@ -271,7 +271,7 @@
PathType = []
for i in range(index, len(self.__FcSorted)):
if MatchPathPrefix(self.__FcSorted[i].path, prefix):
- PathType.append((self.__FcSorted[i].path, self.__FcSorted[i].Type))
+ PathType.append((self.__FcSorted[i].path, self.__FcSorted[i].type))
return PathType
# Return types that match MatchPrefixes but do not match
@@ -430,7 +430,7 @@
self.__FcDict[t] = [rec[0]]
except:
pass
- self.__FcSorted = fc_sort.FcSort(FcPaths)
+ self.__FcSorted = fc_sort.sort(FcPaths)
# load policy
def __InitPolicy(self, PolicyPath):