From 4c80c2caa81cd1fc10b48991341550a23054eada Mon Sep 17 00:00:00 2001
From: Tri Vo <trong@google.com>
Date: Thu, 29 Mar 2018 03:42:47 +0000
Subject: [PATCH] Test that /proc files have proc_type attribute.
Bug: 74182216
Change-Id: Ia1c6b67ac93ed6e88c50c1527b48275365bf5fd5
Test: build policy
---
tests/sepolicy_tests.py | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/tests/sepolicy_tests.py b/tests/sepolicy_tests.py
index b09c60bc3..6f6914759 100644
--- a/tests/sepolicy_tests.py
+++ b/tests/sepolicy_tests.py
@@ -11,6 +11,9 @@ import sys
def TestDataTypeViolations(pol):
return pol.AssertPathTypesHaveAttr(["/data/"], [], "data_file_type")
+def TestProcTypeViolations(pol):
+ return pol.AssertGenfsFilesystemTypesHaveAttr("proc", "proc_type")
+
def TestSysfsTypeViolations(pol):
ret = pol.AssertGenfsFilesystemTypesHaveAttr("sysfs", "sysfs_type")
ret += pol.AssertPathTypesHaveAttr(["/sys/"], ["/sys/kernel/debug/",
@@ -48,9 +51,14 @@ class MultipleOption(Option):
else:
Option.take_action(self, action, dest, opt, value, values, parser)
-Tests = ["TestDataTypeViolators", "TestSysfsTypeViolations",
- "TestDebugfsTypeViolations", "TestVendorTypeViolations",
- "TestCoreDataTypeViolations"]
+Tests = [
+ "TestDataTypeViolators",
+ "TestProcTypeViolations",
+ "TestSysfsTypeViolations",
+ "TestDebugfsTypeViolations",
+ "TestVendorTypeViolations",
+ "TestCoreDataTypeViolations",
+]
if __name__ == '__main__':
usage = "sepolicy_tests -l $(ANDROID_HOST_OUT)/lib64/libsepolwrap.so "
@@ -91,6 +99,8 @@ if __name__ == '__main__':
# If an individual test is not specified, run all tests.
if options.test is None or "TestDataTypeViolations" in options.test:
results += TestDataTypeViolations(pol)
+ if options.test is None or "TestProcTypeViolations" in options.test:
+ results += TestProcTypeViolations(pol)
if options.test is None or "TestSysfsTypeViolations" in options.test:
results += TestSysfsTypeViolations(pol)
if options.test is None or "TestDebugfsTypeViolations" in options.test:
--
GitLab