From fc97764dd5236a41feb716a7eb46b8b4406b0322 Mon Sep 17 00:00:00 2001 From: Tom Cherry Date: Wed, 13 Jun 2018 14:51:05 -0700 Subject: [PATCH] Reland: Verify init scripts for correctness during build Relanding with change to not run on the darwin build since host init verifier is not possible there. Bug: 36970783 Bug: 110477913 Test: builds pass without failures Test: builds fail with failures in init files used via LOCAL_INIT_RC, PRODUCT_COPY_FILES, or TARGET_PREBUILT Change-Id: Iae93705a9320159ed97328e615eaa3bc150e6442 --- core/Makefile | 4 +++- core/base_rules.mk | 2 +- core/config.mk | 1 + core/definitions.mk | 27 +++++++++++++++++++++++++++ core/prebuilt_internal.mk | 5 ++++- 5 files changed, 36 insertions(+), 3 deletions(-) diff --git a/core/Makefile b/core/Makefile index a5109f0ae..38ee46c6a 100644 --- a/core/Makefile +++ b/core/Makefile @@ -36,7 +36,9 @@ $(foreach cf,$(unique_product_copy_files_pairs), \ $(eval $(call copy-xml-file-checked,$(_src),$(_fulldest))),\ $(if $(and $(filter %.jar,$(_dest)),$(filter $(basename $(notdir $(_dest))),$(PRODUCT_LOADED_BY_PRIVILEGED_MODULES))),\ $(eval $(call copy-and-uncompress-dexs,$(_src),$(_fulldest))), \ - $(eval $(call copy-one-file,$(_src),$(_fulldest))))) \ + $(if $(filter init%rc,$(notdir $(_dest)))$(filter %/etc/init,$(dir $(_dest))),\ + $(eval $(call copy-init-script-file-checked,$(_src),$(_fulldest))),\ + $(eval $(call copy-one-file,$(_src),$(_fulldest)))))) \ $(eval ALL_DEFAULT_INSTALLED_MODULES += $(_fulldest)) \ $(eval unique_product_copy_files_destinations += $(_dest)))) diff --git a/core/base_rules.mk b/core/base_rules.mk index 4f0e39f39..4f157cb41 100644 --- a/core/base_rules.mk +++ b/core/base_rules.mk @@ -424,7 +424,7 @@ my_init_rc_installed := $(foreach rc,$(my_init_rc_pairs),$(call word-colon,2,$(r # Make sure we only set up the copy rules once, even if another arch variant # shares a common LOCAL_INIT_RC. my_init_rc_new_pairs := $(filter-out $(ALL_INIT_RC_INSTALLED_PAIRS),$(my_init_rc_pairs)) -my_init_rc_new_installed := $(call copy-many-files,$(my_init_rc_new_pairs)) +my_init_rc_new_installed := $(call copy-many-init-script-files-checked,$(my_init_rc_new_pairs)) ALL_INIT_RC_INSTALLED_PAIRS += $(my_init_rc_new_pairs) $(my_all_targets) : $(my_init_rc_installed) diff --git a/core/config.mk b/core/config.mk index 0920b5608..7bbb3e5a4 100644 --- a/core/config.mk +++ b/core/config.mk @@ -615,6 +615,7 @@ ACP := $(prebuilt_build_tools_bin)/acp CKATI := $(prebuilt_build_tools_bin)/ckati DEPMOD := $(HOST_OUT_EXECUTABLES)/depmod FILESLIST := $(SOONG_HOST_OUT_EXECUTABLES)/fileslist +HOST_INIT_VERIFIER := $(HOST_OUT_EXECUTABLES)/host_init_verifier MAKEPARALLEL := $(prebuilt_build_tools_bin)/makeparallel SOONG_JAVAC_WRAPPER := $(SOONG_HOST_OUT_EXECUTABLES)/soong_javac_wrapper SOONG_ZIP := $(SOONG_HOST_OUT_EXECUTABLES)/soong_zip diff --git a/core/definitions.mk b/core/definitions.mk index a8d7b2d3e..9f958fa80 100644 --- a/core/definitions.mk +++ b/core/definitions.mk @@ -2658,6 +2658,33 @@ $(foreach f, $(1), $(strip \ $(_cmf_dest))) endef +# Copy the file only if it's a well-formed init script file. For use via $(eval). +# $(1): source file +# $(2): destination file +define copy-init-script-file-checked +# Host init verifier doesn't exist on darwin. +ifneq ($(HOST_OS),darwin) +$(2): $(1) $(HOST_INIT_VERIFIER) $(call intermediates-dir-for,ETC,passwd)/passwd + $(hide) $(HOST_INIT_VERIFIER) $$< $(call intermediates-dir-for,ETC,passwd)/passwd +else +$(2): $(1) +endif + @echo "Copy init script: $$@" + $$(copy-file-to-target) +endef + +# Copies many init script files and check they are well-formed. +# $(1): The init script files to copy. Each entry is a ':' separated src:dst pair. +# Evaluates to the list of the dst files. (ie suitable for a dependency list.) +define copy-many-init-script-files-checked +$(foreach f, $(1), $(strip \ + $(eval _cmf_tuple := $(subst :, ,$(f))) \ + $(eval _cmf_src := $(word 1,$(_cmf_tuple))) \ + $(eval _cmf_dest := $(word 2,$(_cmf_tuple))) \ + $(eval $(call copy-init-script-file-checked,$(_cmf_src),$(_cmf_dest))) \ + $(_cmf_dest))) +endef + # Copy the file only if it's a well-formed xml file. For use via $(eval). # $(1): source file # $(2): destination file, must end with .xml. diff --git a/core/prebuilt_internal.mk b/core/prebuilt_internal.mk index 17dd04625..d5b7877a1 100644 --- a/core/prebuilt_internal.mk +++ b/core/prebuilt_internal.mk @@ -508,10 +508,13 @@ $(built_module) : $(my_prebuilt_src_file) endif # LOCAL_DEX_PREOPT else # ! prebuilt_module_is_dex_javalib +ifneq ($(filter init%rc,$(notdir $(LOCAL_INSTALLED_MODULE)))$(filter %/etc/init,$(dir $(LOCAL_INSTALLED_MODULE))),) + $(eval $(call copy-init-script-file-checked,$(my_prebuilt_src_file),$(built_module))) +else ifneq ($(LOCAL_PREBUILT_STRIP_COMMENTS),) $(built_module) : $(my_prebuilt_src_file) -ifneq ($(LOCAL_PREBUILT_STRIP_COMMENTS),) $(transform-prebuilt-to-target-strip-comments) else +$(built_module) : $(my_prebuilt_src_file) $(transform-prebuilt-to-target) endif ifneq ($(filter EXECUTABLES NATIVE_TESTS,$(LOCAL_MODULE_CLASS)),)