xref: /aosp_15_r20/external/crosvm/jail/seccomp/policy-inliner.sh (revision bb4ee6a4ae7042d18b07a98463b9c8b875e44b39) 
1#!/bin/bash
2# Copyright (C) 2020 The Android Open Source Project
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#      http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
16set -eu
17
18common_device="$1"
19gpu_common="$2"
20serial="$3"
21net="$4"
22block="$5"
23vhost_user="$6"
24vhost_vsock="$7"
25# NOTE: We can't require all of the files to exist because aarch64 doesn't have
26# all of them.
27if ! [[ -f $common_device ]] || ! [[ -f $gpu_common ]] || ! [[ -f $serial ]] || ! [[ -f $net ]]; then
28  echo "usage: $0 /path/to/common_device.policy /path/to/gpu_common.policy /path/to/serial.policy/ /path/to/net.policy /path/to/block.policy /path/to/vhost_user.policy <input.policy >output.policy"
29  exit 1
30fi
31
32while IFS= read -r line
33do
34  if echo "$line" | egrep "@include[[:space:]]+/usr/share/policy/crosvm/common_device.policy" > /dev/null; then
35    cat $common_device
36    continue
37  elif echo "$line" | egrep "@include[[:space:]]+/usr/share/policy/crosvm/gpu_common.policy" > /dev/null; then
38    cat $gpu_common
39    continue
40  elif echo "$line" | egrep "@include[[:space:]]+/usr/share/policy/crosvm/serial.policy" > /dev/null; then
41    cat $serial
42    continue
43  elif echo "$line" | egrep "@include[[:space:]]+/usr/share/policy/crosvm/net.policy" > /dev/null; then
44    cat $net
45    continue
46  elif echo "$line" | egrep "@include[[:space:]]+/usr/share/policy/crosvm/block.policy" > /dev/null; then
47    cat $block
48    continue
49  elif echo "$line" | egrep "@include[[:space:]]+/usr/share/policy/crosvm/vhost_user.policy" > /dev/null; then
50    cat $vhost_user
51    continue
52  elif echo "$line" | egrep "@include[[:space:]]+/usr/share/policy/crosvm/vhost_vsock.policy" > /dev/null; then
53    cat $vhost_vsock
54    continue
55  elif echo "$line" | egrep "@include" > /dev/null; then
56    echo "ERROR: Unsupported include statement $line" >&2
57    exit 1
58  fi
59  echo $line
60done
61