StrixOS/build_soong
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add file_contexts property to filesystem

Browse Source 
Filesystems like ext4 can store file contexts itself. This supports
passing file_contexts file to build_image.

Bug: 178993690
Test: boot and see selinux denials are gone
Change-Id: I97d4a981e4b9c89434ea2f1303173ae91cce94e3
This commit is contained in:
Inseob Kim
2021-02-03 14:05:24 +09:00
parent 7a1c2b181c
commit cc8e536a15
1 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
filesystem/filesystem.go
View File

@@ -51,6 +51,9 @@ type filesystemProperties struct {
// Type of the filesystem. Currently, ext4 and compressed_cpio are supported. Default is
// ext4.
Type *string
// file_contexts file to make image. Currently, only ext4 is supported.
File_contexts *string `android:"path"`
}
// android_filesystem packages a set of modules and their transitive dependencies into a filesystem
@@ -142,6 +145,16 @@ func (f *filesystem) buildImageUsingBuildImage(ctx android.ModuleContext) androi
return output
}
func (f *filesystem) buildFileContexts(ctx android.ModuleContext) android.OutputPath {
builder := android.NewRuleBuilder(pctx, ctx)
fcBin := android.PathForModuleOut(ctx, "file_contexts.bin")
builder.Command().BuiltTool("sefcontext_compile").
FlagWithOutput("-o ", fcBin).
Input(android.PathForModuleSrc(ctx, proptools.String(f.properties.File_contexts)))
builder.Build("build_filesystem_file_contexts", fmt.Sprintf("Creating filesystem file contexts for %s", f.BaseModuleName()))
return fcBin.OutputPath
}
func (f *filesystem) buildPropFile(ctx android.ModuleContext) (propFile android.OutputPath, toolDeps android.Paths) {
type prop struct {
name string
@@ -188,6 +201,10 @@ func (f *filesystem) buildPropFile(ctx android.ModuleContext) (propFile android.
addStr("partition_name", f.Name())
}
if proptools.String(f.properties.File_contexts) != "" {
addPath("selinux_fc", f.buildFileContexts(ctx))
}
propFile = android.PathForModuleOut(ctx, "prop").OutputPath
builder := android.NewRuleBuilder(pctx, ctx)
builder.Command().Text("rm").Flag("-rf").Output(propFile)
@@ -207,6 +224,10 @@ func (f *filesystem) buildCompressedCpioImage(ctx android.ModuleContext) android
"Consider adding this to bootimg module and signing the entire boot image.")
}
if proptools.String(f.properties.File_contexts) != "" {
ctx.PropertyErrorf("file_contexts", "file_contexts is not supported for compressed cpio image.")
}
zipFile := android.PathForModuleOut(ctx, "temp.zip").OutputPath
f.CopyDepsToZip(ctx, zipFile)