From 436464ab71342cb2a771e9c518444da1ce2d72af Mon Sep 17 00:00:00 2001
From: Mark Salyzyn <salyzyn@google.com>
Date: Thu, 13 Dec 2018 16:47:58 -0800
Subject: [PATCH] fs_mgr: overlayfs: test w/o sepolicy in enforced mode

Skip sepolicy test if device is not in enforcing mode.

Test: adb-remount-test.sh
Change-Id: I1558674819bda0c9f575d5202f693fec55c9d84f
---
 fs_mgr/tests/adb-remount-test.sh | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/fs_mgr/tests/adb-remount-test.sh b/fs_mgr/tests/adb-remount-test.sh
index aaee1a7a1..5957e302e 100755
--- a/fs_mgr/tests/adb-remount-test.sh
+++ b/fs_mgr/tests/adb-remount-test.sh
@@ -290,6 +290,11 @@ if ! inAdb; then
 fi
 inAdb || die "specified device not in adb mode"
 isDebuggable || die "device not a debug build"
+enforcing=true
+if ! adb_su getenforce </dev/null | grep 'Enforcing' >/dev/null; then
+  echo "${ORANGE}[  WARNING ]${NORMAL} device does not have sepolicy in enforcing mode"
+  enforcing=false
+fi
 
 # Do something
 
@@ -535,9 +540,11 @@ B="`adb_cat /system/hello`" ||
   die "re-read system hello after reboot"
 check_eq "${A}" "${B}" system after reboot
 # Only root can read vendor if sepolicy permissions are as expected
-B="`adb_cat /vendor/hello`" &&
-  die "re-read vendor hello after reboot w/o root"
-check_eq "cat: /vendor/hello: Permission denied" "${B}" vendor after reboot w/o root
+if ${enforcing}; then
+  B="`adb_cat /vendor/hello`" &&
+    die "re-read vendor hello after reboot w/o root"
+  check_eq "cat: /vendor/hello: Permission denied" "${B}" vendor after reboot w/o root
+fi
 adb_root &&
   B="`adb_cat /vendor/hello`" ||
   die "re-read vendor hello after reboot"