diff options
| author | 2025-01-09 17:45:45 +0900 | |
|---|---|---|
| committer | 2025-01-09 17:45:45 +0900 | |
| commit | 852545ad0eca1b8e370a023c1ad255beb653780c (patch) | |
| tree | ec406195163ef8dbaef192ff250ffdfdb3786025 /apex/builder.go | |
| parent | 420177f2e105f119df46c008f969dd41dd28be47 (diff) | |
Run apex_sepolicy_tests with erofs apexes
This turns on apex_sepolicy_tests for erofs apexes. The test now uses
`apex-ls` (a new tool to print security contexts for apex contents).
Bug: 353896817
Test: OVERRIDE_PRODUCT_DEFAULT_APEX_PAYLOAD_TYPE=erofs m run_apex_sepolicy_tests
Change-Id: Ia42d0641be7a5007fb73337257893235f9a98f22
Diffstat (limited to 'apex/builder.go')
| -rw-r--r-- | apex/builder.go | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/apex/builder.go b/apex/builder.go index b74f4de1b..d9348c562 100644 --- a/apex/builder.go +++ b/apex/builder.go @@ -73,6 +73,7 @@ func init() { pctx.HostBinToolVariable("make_erofs", "mkfs.erofs") pctx.HostBinToolVariable("apex_compression_tool", "apex_compression_tool") pctx.HostBinToolVariable("dexdeps", "dexdeps") + pctx.HostBinToolVariable("apex_ls", "apex-ls") pctx.HostBinToolVariable("apex_sepolicy_tests", "apex_sepolicy_tests") pctx.HostBinToolVariable("deapexer", "deapexer") pctx.HostBinToolVariable("debugfs_static", "debugfs_static") @@ -210,9 +211,9 @@ var ( }, "image_dir", "readelf") apexSepolicyTestsRule = pctx.StaticRule("apexSepolicyTestsRule", blueprint.RuleParams{ - Command: `${deapexer} --debugfs_path ${debugfs_static} list -Z ${in} > ${out}.fc` + + Command: `${apex_ls} -Z ${in} > ${out}.fc` + ` && ${apex_sepolicy_tests} -f ${out}.fc --partition ${partition_tag} && touch ${out}`, - CommandDeps: []string{"${apex_sepolicy_tests}", "${deapexer}", "${debugfs_static}"}, + CommandDeps: []string{"${apex_sepolicy_tests}", "${apex_ls}"}, Description: "run apex_sepolicy_tests", }, "partition_tag") @@ -918,8 +919,7 @@ func (a *apexBundle) buildApex(ctx android.ModuleContext) { } var validations android.Paths validations = append(validations, runApexLinkerconfigValidation(ctx, unsignedOutputFile, imageDir)) - // TODO(b/279688635) deapexer supports [ext4] - if !a.skipValidation(apexSepolicyTests) && suffix == imageApexSuffix && ext4 == a.payloadFsType { + if !a.skipValidation(apexSepolicyTests) && android.InList(a.payloadFsType, []fsType{ext4, erofs}) { validations = append(validations, runApexSepolicyTests(ctx, a, unsignedOutputFile)) } if !a.testApex && len(a.properties.Unwanted_transitive_deps) > 0 { @@ -1204,7 +1204,7 @@ func runApexLinkerconfigValidation(ctx android.ModuleContext, apexFile android.P // Runs apex_sepolicy_tests // -// $ deapexer list -Z {apex_file} > {file_contexts} +// $ apex-ls -Z {apex_file} > {file_contexts} // $ apex_sepolicy_tests -f {file_contexts} func runApexSepolicyTests(ctx android.ModuleContext, a *apexBundle, apexFile android.Path) android.Path { timestamp := android.PathForModuleOut(ctx, "apex_sepolicy_tests.timestamp") |