diff options
Diffstat (limited to 'apex/builder.go')
| -rw-r--r-- | apex/builder.go | 40 |
1 files changed, 33 insertions, 7 deletions
diff --git a/apex/builder.go b/apex/builder.go index d75cc1df6..ba4df5f6b 100644 --- a/apex/builder.go +++ b/apex/builder.go @@ -75,9 +75,11 @@ func init() { pctx.HostBinToolVariable("apex_sepolicy_tests", "apex_sepolicy_tests") pctx.HostBinToolVariable("deapexer", "deapexer") pctx.HostBinToolVariable("debugfs_static", "debugfs_static") + pctx.HostBinToolVariable("fsck_erofs", "fsck.erofs") pctx.SourcePathVariable("genNdkUsedbyApexPath", "build/soong/scripts/gen_ndk_usedby_apex.sh") pctx.HostBinToolVariable("conv_linker_config", "conv_linker_config") pctx.HostBinToolVariable("assemble_vintf", "assemble_vintf") + pctx.HostBinToolVariable("apex_elf_checker", "apex_elf_checker") } var ( @@ -237,6 +239,12 @@ var ( CommandDeps: []string{"${assemble_vintf}"}, Description: "run assemble_vintf", }) + + apexElfCheckerUnwantedRule = pctx.StaticRule("apexElfCheckerUnwantedRule", blueprint.RuleParams{ + Command: `${apex_elf_checker} --tool_path ${tool_path} --unwanted ${unwanted} ${in} && touch ${out}`, + CommandDeps: []string{"${apex_elf_checker}", "${deapexer}", "${debugfs_static}", "${fsck_erofs}", "${config.ClangBin}/llvm-readelf"}, + Description: "run apex_elf_checker --unwanted", + }, "tool_path", "unwanted") ) // buildManifest creates buile rules to modify the input apex_manifest.json to add information @@ -364,12 +372,12 @@ func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) android.Output output := android.PathForModuleOut(ctx, "file_contexts") rule := android.NewRuleBuilder(pctx, ctx) - forceLabel := "u:object_r:system_file:s0" + labelForRoot := "u:object_r:system_file:s0" + labelForManifest := "u:object_r:system_file:s0" if a.SocSpecific() && !a.vndkApex { - // APEX on /vendor should label ./ and ./apex_manifest.pb as vendor_apex_metadata_file. - // The reason why we skip VNDK APEX is that aosp_{pixel device} targets install VNDK APEX on /vendor - // even though VNDK APEX is supposed to be installed on /system. (See com.android.vndk.current.on_vendor) - forceLabel = "u:object_r:vendor_apex_metadata_file:s0" + // APEX on /vendor should label ./ and ./apex_manifest.pb as vendor file. + labelForRoot = "u:object_r:vendor_file:s0" + labelForManifest = "u:object_r:vendor_apex_metadata_file:s0" } // remove old file rule.Command().Text("rm").FlagWithOutput("-f ", output) @@ -379,8 +387,8 @@ func (a *apexBundle) buildFileContexts(ctx android.ModuleContext) android.Output rule.Command().Text("echo").Text(">>").Output(output) if !useFileContextsAsIs { // force-label /apex_manifest.pb and / - rule.Command().Text("echo").Text("/apex_manifest\\\\.pb").Text(forceLabel).Text(">>").Output(output) - rule.Command().Text("echo").Text("/").Text(forceLabel).Text(">>").Output(output) + rule.Command().Text("echo").Text("/apex_manifest\\\\.pb").Text(labelForManifest).Text(">>").Output(output) + rule.Command().Text("echo").Text("/").Text(labelForRoot).Text(">>").Output(output) } rule.Build("file_contexts."+a.Name(), "Generate file_contexts") @@ -886,6 +894,10 @@ func (a *apexBundle) buildApex(ctx android.ModuleContext) { if suffix == imageApexSuffix && ext4 == a.payloadFsType { validations = append(validations, runApexSepolicyTests(ctx, unsignedOutputFile.OutputPath)) } + if !a.testApex && len(a.properties.Unwanted_transitive_deps) > 0 { + validations = append(validations, + runApexElfCheckerUnwanted(ctx, unsignedOutputFile.OutputPath, a.properties.Unwanted_transitive_deps)) + } ctx.Build(pctx, android.BuildParams{ Rule: rule, Description: "signapk", @@ -1164,3 +1176,17 @@ func runApexSepolicyTests(ctx android.ModuleContext, apexFile android.OutputPath }) return timestamp } + +func runApexElfCheckerUnwanted(ctx android.ModuleContext, apexFile android.OutputPath, unwanted []string) android.Path { + timestamp := android.PathForModuleOut(ctx, "apex_elf_unwanted.timestamp") + ctx.Build(pctx, android.BuildParams{ + Rule: apexElfCheckerUnwantedRule, + Input: apexFile, + Output: timestamp, + Args: map[string]string{ + "unwanted": android.JoinWithSuffixAndSeparator(unwanted, ".so", ":"), + "tool_path": ctx.Config().HostToolPath(ctx, "").String() + ":${config.ClangBin}", + }, + }) + return timestamp +} |