1*e4a36f41SAndroid Build Coastguard Worker// Copyright 2021 The Android Open Source Project 2*e4a36f41SAndroid Build Coastguard Worker// 3*e4a36f41SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*e4a36f41SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*e4a36f41SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*e4a36f41SAndroid Build Coastguard Worker// 7*e4a36f41SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*e4a36f41SAndroid Build Coastguard Worker// 9*e4a36f41SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*e4a36f41SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*e4a36f41SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*e4a36f41SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*e4a36f41SAndroid Build Coastguard Worker// limitations under the License. 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Workerpackage selinux 16*e4a36f41SAndroid Build Coastguard Worker 17*e4a36f41SAndroid Build Coastguard Workerimport ( 18*e4a36f41SAndroid Build Coastguard Worker "path" 19*e4a36f41SAndroid Build Coastguard Worker "path/filepath" 20*e4a36f41SAndroid Build Coastguard Worker 21*e4a36f41SAndroid Build Coastguard Worker "android/soong/android" 22*e4a36f41SAndroid Build Coastguard Worker) 23*e4a36f41SAndroid Build Coastguard Worker 24*e4a36f41SAndroid Build Coastguard Workerfunc init() { 25*e4a36f41SAndroid Build Coastguard Worker android.RegisterModuleType("se_build_files", buildFilesFactory) 26*e4a36f41SAndroid Build Coastguard Worker} 27*e4a36f41SAndroid Build Coastguard Worker 28*e4a36f41SAndroid Build Coastguard Worker// se_build_files gathers policy files from sepolicy dirs, and acts like a filegroup. A tag with 29*e4a36f41SAndroid Build Coastguard Worker// partition(plat, system_ext, product) and scope(public, private) is used to select directories. 30*e4a36f41SAndroid Build Coastguard Worker// Supported tags are: "plat_public", "plat_private", "system_ext_public", "system_ext_private", 31*e4a36f41SAndroid Build Coastguard Worker// "product_public", "product_private", and "reqd_mask". 32*e4a36f41SAndroid Build Coastguard Workerfunc buildFilesFactory() android.Module { 33*e4a36f41SAndroid Build Coastguard Worker module := &buildFiles{} 34*e4a36f41SAndroid Build Coastguard Worker module.AddProperties(&module.properties) 35*e4a36f41SAndroid Build Coastguard Worker android.InitAndroidModule(module) 36*e4a36f41SAndroid Build Coastguard Worker return module 37*e4a36f41SAndroid Build Coastguard Worker} 38*e4a36f41SAndroid Build Coastguard Worker 39*e4a36f41SAndroid Build Coastguard Workertype buildFilesProperties struct { 40*e4a36f41SAndroid Build Coastguard Worker // list of source file suffixes used to collect selinux policy files. 41*e4a36f41SAndroid Build Coastguard Worker // Source files will be looked up in the following local directories: 42*e4a36f41SAndroid Build Coastguard Worker // system/sepolicy/{public, private, vendor, reqd_mask} 43*e4a36f41SAndroid Build Coastguard Worker // and directories specified by following config variables: 44*e4a36f41SAndroid Build Coastguard Worker // BOARD_SEPOLICY_DIRS, BOARD_ODM_SEPOLICY_DIRS 45*e4a36f41SAndroid Build Coastguard Worker // SYSTEM_EXT_PUBLIC_SEPOLICY_DIR, SYSTEM_EXT_PRIVATE_SEPOLICY_DIR 46*e4a36f41SAndroid Build Coastguard Worker Srcs []string 47*e4a36f41SAndroid Build Coastguard Worker} 48*e4a36f41SAndroid Build Coastguard Worker 49*e4a36f41SAndroid Build Coastguard Workertype buildFiles struct { 50*e4a36f41SAndroid Build Coastguard Worker android.ModuleBase 51*e4a36f41SAndroid Build Coastguard Worker properties buildFilesProperties 52*e4a36f41SAndroid Build Coastguard Worker 53*e4a36f41SAndroid Build Coastguard Worker srcs map[string]android.Paths 54*e4a36f41SAndroid Build Coastguard Worker} 55*e4a36f41SAndroid Build Coastguard Worker 56*e4a36f41SAndroid Build Coastguard Workerfunc (b *buildFiles) findSrcsInDirs(ctx android.ModuleContext, dirs ...string) android.Paths { 57*e4a36f41SAndroid Build Coastguard Worker result := android.Paths{} 58*e4a36f41SAndroid Build Coastguard Worker for _, file := range b.properties.Srcs { 59*e4a36f41SAndroid Build Coastguard Worker for _, dir := range dirs { 60*e4a36f41SAndroid Build Coastguard Worker path := filepath.Join(dir, file) 61*e4a36f41SAndroid Build Coastguard Worker files, err := ctx.GlobWithDeps(path, nil) 62*e4a36f41SAndroid Build Coastguard Worker if err != nil { 63*e4a36f41SAndroid Build Coastguard Worker ctx.ModuleErrorf("glob: %s", err.Error()) 64*e4a36f41SAndroid Build Coastguard Worker } 65*e4a36f41SAndroid Build Coastguard Worker for _, f := range files { 66*e4a36f41SAndroid Build Coastguard Worker result = append(result, android.PathForSource(ctx, f)) 67*e4a36f41SAndroid Build Coastguard Worker } 68*e4a36f41SAndroid Build Coastguard Worker } 69*e4a36f41SAndroid Build Coastguard Worker } 70*e4a36f41SAndroid Build Coastguard Worker return result 71*e4a36f41SAndroid Build Coastguard Worker} 72*e4a36f41SAndroid Build Coastguard Worker 73*e4a36f41SAndroid Build Coastguard Workerfunc (b *buildFiles) DepsMutator(ctx android.BottomUpMutatorContext) { 74*e4a36f41SAndroid Build Coastguard Worker // do nothing 75*e4a36f41SAndroid Build Coastguard Worker} 76*e4a36f41SAndroid Build Coastguard Worker 77*e4a36f41SAndroid Build Coastguard Workertype sepolicyDir struct { 78*e4a36f41SAndroid Build Coastguard Worker tag string 79*e4a36f41SAndroid Build Coastguard Worker paths []string 80*e4a36f41SAndroid Build Coastguard Worker} 81*e4a36f41SAndroid Build Coastguard Worker 82*e4a36f41SAndroid Build Coastguard Workerfunc (b *buildFiles) GenerateAndroidBuildActions(ctx android.ModuleContext) { 83*e4a36f41SAndroid Build Coastguard Worker b.srcs = make(map[string]android.Paths) 84*e4a36f41SAndroid Build Coastguard Worker b.srcs[".reqd_mask"] = b.findSrcsInDirs(ctx, filepath.Join("system", "sepolicy", "reqd_mask")) 85*e4a36f41SAndroid Build Coastguard Worker b.srcs[".plat_public"] = b.findSrcsInDirs(ctx, filepath.Join("system", "sepolicy", "public")) 86*e4a36f41SAndroid Build Coastguard Worker b.srcs[".plat_private"] = b.findSrcsInDirs(ctx, filepath.Join("system", "sepolicy", "private")) 87*e4a36f41SAndroid Build Coastguard Worker b.srcs[".plat_vendor"] = b.findSrcsInDirs(ctx, filepath.Join("system", "sepolicy", "vendor")) 88*e4a36f41SAndroid Build Coastguard Worker b.srcs[".system_ext_public"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().SystemExtPublicSepolicyDirs()...) 89*e4a36f41SAndroid Build Coastguard Worker b.srcs[".system_ext_private"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().SystemExtPrivateSepolicyDirs()...) 90*e4a36f41SAndroid Build Coastguard Worker b.srcs[".product_public"] = b.findSrcsInDirs(ctx, ctx.Config().ProductPublicSepolicyDirs()...) 91*e4a36f41SAndroid Build Coastguard Worker b.srcs[".product_private"] = b.findSrcsInDirs(ctx, ctx.Config().ProductPrivateSepolicyDirs()...) 92*e4a36f41SAndroid Build Coastguard Worker b.srcs[".vendor"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().VendorSepolicyDirs()...) 93*e4a36f41SAndroid Build Coastguard Worker b.srcs[".odm"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().OdmSepolicyDirs()...) 94*e4a36f41SAndroid Build Coastguard Worker 95*e4a36f41SAndroid Build Coastguard Worker prebuilt_directories, err := ctx.GlobWithDeps("system/sepolicy/prebuilts/api/*", nil) 96*e4a36f41SAndroid Build Coastguard Worker if err != nil { 97*e4a36f41SAndroid Build Coastguard Worker ctx.ModuleErrorf("error while globbing: %w", err) 98*e4a36f41SAndroid Build Coastguard Worker return 99*e4a36f41SAndroid Build Coastguard Worker } 100*e4a36f41SAndroid Build Coastguard Worker 101*e4a36f41SAndroid Build Coastguard Worker // directories used for compat tests and Treble tests 102*e4a36f41SAndroid Build Coastguard Worker for _, dir := range prebuilt_directories { 103*e4a36f41SAndroid Build Coastguard Worker ver := path.Base(dir) 104*e4a36f41SAndroid Build Coastguard Worker b.srcs[".plat_public_"+ver] = b.findSrcsInDirs(ctx, filepath.Join("system", "sepolicy", "prebuilts", "api", ver, "public")) 105*e4a36f41SAndroid Build Coastguard Worker b.srcs[".plat_private_"+ver] = b.findSrcsInDirs(ctx, filepath.Join("system", "sepolicy", "prebuilts", "api", ver, "private")) 106*e4a36f41SAndroid Build Coastguard Worker b.srcs[".system_ext_public_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.DeviceConfig().SystemExtSepolicyPrebuiltApiDir(), "prebuilts", "api", ver, "public")) 107*e4a36f41SAndroid Build Coastguard Worker b.srcs[".system_ext_private_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.DeviceConfig().SystemExtSepolicyPrebuiltApiDir(), "prebuilts", "api", ver, "private")) 108*e4a36f41SAndroid Build Coastguard Worker b.srcs[".product_public_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.DeviceConfig().ProductSepolicyPrebuiltApiDir(), "prebuilts", "api", ver, "public")) 109*e4a36f41SAndroid Build Coastguard Worker b.srcs[".product_private_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.DeviceConfig().ProductSepolicyPrebuiltApiDir(), "prebuilts", "api", ver, "private")) 110*e4a36f41SAndroid Build Coastguard Worker } 111*e4a36f41SAndroid Build Coastguard Worker 112*e4a36f41SAndroid Build Coastguard Worker b.setOutputFiles(ctx) 113*e4a36f41SAndroid Build Coastguard Worker} 114*e4a36f41SAndroid Build Coastguard Worker 115*e4a36f41SAndroid Build Coastguard Workerfunc (b *buildFiles) setOutputFiles(ctx android.ModuleContext) { 116*e4a36f41SAndroid Build Coastguard Worker for tag, files := range b.srcs { 117*e4a36f41SAndroid Build Coastguard Worker ctx.SetOutputFiles(files, tag) 118*e4a36f41SAndroid Build Coastguard Worker } 119*e4a36f41SAndroid Build Coastguard Worker} 120