Skip to content
Snippets Groups Projects
Commit c8801fec authored by Richard Haines's avatar Richard Haines
Browse files

Ensure newlines are added between context config files 


When multiple file_contexts, service_contexts and property_contexts
are processed by the m4(1) macro processor, they will fail if one
or more of the intermediate files final line is not terminated by
a newline. This patch adds an intervening file only containing a
newline.

Change-Id: Ie66b32fe477d08c69e6d6eb1725f658adc384ce4
Signed-off-by: default avatarRichard Haines <richard_c_haines@btinternet.com>
parent f01453ad
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Android.mk
+ 32
6
View file @ c8801fec
...@@ -30,6 +30,13 @@ endif ...@@ -30,6 +30,13 @@ endif
# $(1): the set of policy name paths to build # $(1): the set of policy name paths to build
build_policy = $(foreach type, $(1), $(foreach file, $(addsuffix /$(type), $(LOCAL_PATH) $(BOARD_SEPOLICY_DIRS)), $(sort $(wildcard $(file))))) build_policy = $(foreach type, $(1), $(foreach file, $(addsuffix /$(type), $(LOCAL_PATH) $(BOARD_SEPOLICY_DIRS)), $(sort $(wildcard $(file)))))
# Add a file containing only a newline in-between each policy configuration
# 'contexts' file. This will allow OEM policy configuration files without a
# final newline (0x0A) to be built correctly by the m4(1) macro processor.
# $(1): the set of contexts file names.
# $(2): the file containing only 0x0A.
add_nl = $(foreach entry, $(1), $(subst $(entry), $(entry) $(2), $(entry)))
sepolicy_build_files := security_classes \ sepolicy_build_files := security_classes \
initial_sids \ initial_sids \
access_vectors \ access_vectors \
...@@ -52,6 +59,21 @@ sepolicy_build_files := security_classes \ ...@@ -52,6 +59,21 @@ sepolicy_build_files := security_classes \
################################## ##################################
include $(CLEAR_VARS) include $(CLEAR_VARS)
LOCAL_MODULE := sectxfile_nl
LOCAL_MODULE_CLASS := ETC
LOCAL_MODULE_TAGS := optional
# Create a file containing newline only to add between context config files
include $(BUILD_SYSTEM)/base_rules.mk
$(LOCAL_BUILT_MODULE): $(all_fcfiles_with_nl) $(all_pcfiles_with_nl) $(all_svcfiles_with_nl)
@mkdir -p $(dir $@)
$(hide) echo > $@
built_nl := $(LOCAL_BUILT_MODULE)
#################################
include $(CLEAR_VARS)
LOCAL_MODULE := sepolicy LOCAL_MODULE := sepolicy
LOCAL_MODULE_CLASS := ETC LOCAL_MODULE_CLASS := ETC
LOCAL_MODULE_TAGS := optional LOCAL_MODULE_TAGS := optional
...@@ -161,11 +183,12 @@ ifneq ($(filter address,$(SANITIZE_TARGET)),) ...@@ -161,11 +183,12 @@ ifneq ($(filter address,$(SANITIZE_TARGET)),)
all_fc_files := $(all_fc_files) file_contexts_asan all_fc_files := $(all_fc_files) file_contexts_asan
endif endif
all_fc_files := $(call build_policy, $(all_fc_files)) all_fc_files := $(call build_policy, $(all_fc_files))
all_fcfiles_with_nl := $(call add_nl, $(all_fc_files), $(built_nl))
file_contexts.tmp := $(intermediates)/file_contexts.tmp file_contexts.tmp := $(intermediates)/file_contexts.tmp
$(file_contexts.tmp): PRIVATE_FC_FILES := $(all_fc_files) $(file_contexts.tmp): PRIVATE_FC_FILES := $(all_fcfiles_with_nl)
$(file_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) $(file_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
$(file_contexts.tmp): $(all_fc_files) $(file_contexts.tmp): $(all_fc_files) $(all_fcfiles_with_nl) $(built_nl)
@mkdir -p $(dir $@) @mkdir -p $(dir $@)
$(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_FC_FILES) > $@ $(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_FC_FILES) > $@
...@@ -263,11 +286,12 @@ LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT) ...@@ -263,11 +286,12 @@ LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
include $(BUILD_SYSTEM)/base_rules.mk include $(BUILD_SYSTEM)/base_rules.mk
all_pc_files := $(call build_policy, property_contexts) all_pc_files := $(call build_policy, property_contexts)
all_pcfiles_with_nl := $(call add_nl, $(all_pc_files), $(built_nl))
property_contexts.tmp := $(intermediates)/property_contexts.tmp property_contexts.tmp := $(intermediates)/property_contexts.tmp
$(property_contexts.tmp): PRIVATE_PC_FILES := $(all_pc_files) $(property_contexts.tmp): PRIVATE_PC_FILES := $(all_pcfiles_with_nl)
$(property_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) $(property_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
$(property_contexts.tmp): $(all_pc_files) $(property_contexts.tmp): $(all_pc_files) $(all_pcfiles_with_nl) $(built_nl)
@mkdir -p $(dir $@) @mkdir -p $(dir $@)
$(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_PC_FILES) > $@ $(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_PC_FILES) > $@
...@@ -315,11 +339,12 @@ LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT) ...@@ -315,11 +339,12 @@ LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
include $(BUILD_SYSTEM)/base_rules.mk include $(BUILD_SYSTEM)/base_rules.mk
all_svc_files := $(call build_policy, service_contexts) all_svc_files := $(call build_policy, service_contexts)
all_svcfiles_with_nl := $(call add_nl, $(all_svc_files), $(built_nl))
service_contexts.tmp := $(intermediates)/service_contexts.tmp service_contexts.tmp := $(intermediates)/service_contexts.tmp
$(service_contexts.tmp): PRIVATE_SVC_FILES := $(all_svc_files) $(service_contexts.tmp): PRIVATE_SVC_FILES := $(all_svcfiles_with_nl)
$(service_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) $(service_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
$(service_contexts.tmp): $(all_svc_files) $(service_contexts.tmp): $(all_svc_files) $(all_svcfiles_with_nl) $(built_nl)
@mkdir -p $(dir $@) @mkdir -p $(dir $@)
$(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_SVC_FILES) > $@ $(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_SVC_FILES) > $@
...@@ -407,5 +432,6 @@ built_pc := ...@@ -407,5 +432,6 @@ built_pc :=
built_svc := built_svc :=
built_general_sepolicy := built_general_sepolicy :=
built_general_sepolicy.conf := built_general_sepolicy.conf :=
built_nl :=
include $(call all-makefiles-under,$(LOCAL_PATH)) include $(call all-makefiles-under,$(LOCAL_PATH))
README
+ 13
5
View file @ c8801fec
...@@ -7,11 +7,19 @@ into the policy build as described below. ...@@ -7,11 +7,19 @@ into the policy build as described below.
Policy Generation: Policy Generation:
Additional, per device, policy files can be added into the Additional, per device, policy files can be added into the
policy build. policy build. These files should have each line including the
final line terminated by a newline character (0x0A). This
They can be configured through the use of the BOARD_SEPOLICY_DIRS will allow files to be concatenated and processed whenever
variable. This variable should be set in the BoardConfig.mk file in the m4(1) macro processor is called by the build process.
the device or vendor directories. Adding the newline will also make the intermediate text files
easier to read when debugging build failures. The sets of file,
service and property contexts files will automatically have a
newline inserted between each file as these are common failure
points.
These device policy files can be configured through the use of
the BOARD_SEPOLICY_DIRS variable. This variable should be set
in the BoardConfig.mk file in the device or vendor directories.
BOARD_SEPOLICY_DIRS contains a list of directories to search BOARD_SEPOLICY_DIRS contains a list of directories to search
for additional policy files. Order matters in this list. for additional policy files. Order matters in this list.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment