From d0a65bae178f0b8d65a8ab0f71f313baa34031a1 Mon Sep 17 00:00:00 2001 From: Jiyong Park Date: Sat, 10 Nov 2018 06:37:15 +0900 Subject: [PATCH] Move file_contexts file for APEXes to under /system/sepolicy For centralized development of sepolices, file_contexts files for APEXes are all moved to under /system/seplicy. The meaning of the existing file_contexts has been changed; when it is set to , then /system/sepolicy/apex/_file_contexts is used. When unset, it defaults to the name of the module. The property is not removed in order to support creating multiple versions of the same apex (for testing purpose) built with same file_contexts file. Bug: 119034475 Test: m apex.test com.android.tzdata com.android.runtime Change-Id: I7d14a9e37baea9ab78d9e15e1164cce54d256f56 --- apex/apex.go | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/apex/apex.go b/apex/apex.go index 3e7c0a791..7232c1b6d 100644 --- a/apex/apex.go +++ b/apex/apex.go @@ -171,8 +171,10 @@ type apexBundleProperties struct { // "manifest.json" Manifest *string - // File contexts file for setting security context to each file in this APEX bundle - // Default: "file_contexts". + // Determines the file contexts file for setting security context to each file in this APEX bundle. + // Specifically, when this is set to , /system/sepolicy/apex/_file_contexts file is + // used. + // Default: File_contexts *string // List of native shared libs that are embedded inside this APEX bundle @@ -489,7 +491,15 @@ func (a *apexBundle) GenerateAndroidBuildActions(ctx android.ModuleContext) { }) manifest := android.PathForModuleSrc(ctx, proptools.StringDefault(a.properties.Manifest, "manifest.json")) - fileContexts := android.PathForModuleSrc(ctx, proptools.StringDefault(a.properties.File_contexts, "file_contexts")) + + fcName := proptools.StringDefault(a.properties.File_contexts, a.ModuleBase.Name()) + fileContextsPath := "system/sepolicy/apex/" + fcName + "_file_contexts" + fileContextsOptionalPath := android.ExistentPathForSource(ctx, fileContextsPath) + if !fileContextsOptionalPath.Valid() { + ctx.ModuleErrorf("Cannot find file_contexts file: %q", fileContextsPath) + return + } + fileContexts := fileContextsOptionalPath.Path() unsignedOutputFile := android.PathForModuleOut(ctx, a.ModuleBase.Name()+apexSuffix+".unsigned")