Start enforcing /system file labeling

system_file_type is an attribute assigned to all files on the /system
partition. Add a compile time test to ensure that the attribute is
assigned to all the relevant types.

Test: code compiles.
Change-Id: I7d69a04a4f04f6269cc408f25527b948756cc079

tests/sepolicy_tests.py

@@ -11,8 +11,8 @@ import sys
 def TestDataTypeViolations(pol):
     return pol.AssertPathTypesHaveAttr(["/data/"], [], "data_file_type")
 
-# def TestSystemTypeViolations(pol):
-#     return pol.AssertPathTypesHaveAttr(["/system/"], [], "system_file_type")
+def TestSystemTypeViolations(pol):
+    return pol.AssertPathTypesHaveAttr(["/system/"], [], "system_file_type")
 
 def TestProcTypeViolations(pol):
     return pol.AssertGenfsFilesystemTypesHaveAttr("proc", "proc_type")
@@ -58,7 +58,7 @@ Tests = [
     "TestDataTypeViolators",
     "TestProcTypeViolations",
     "TestSysfsTypeViolations",
-    # "TestSystemTypeViolators",
+    "TestSystemTypeViolators",
     "TestDebugfsTypeViolations",
     "TestVendorTypeViolations",
     "TestCoreDataTypeViolations",
@@ -107,8 +107,8 @@ if __name__ == '__main__':
         results += TestProcTypeViolations(pol)
     if options.test is None or "TestSysfsTypeViolations" in options.test:
         results += TestSysfsTypeViolations(pol)
-    # if options.test is None or "TestSystemTypeViolations" in options.test:
-    #     results += TestSystemTypeViolations(pol)
+    if options.test is None or "TestSystemTypeViolations" in options.test:
+        results += TestSystemTypeViolations(pol)
     if options.test is None or "TestDebugfsTypeViolations" in options.test:
         results += TestDebugfsTypeViolations(pol)
     if options.test is None or "TestVendorTypeViolations" in options.test: