1*e4a36f41SAndroid Build Coastguard Worker# Copyright 2023 The Android Open Source Project 2*e4a36f41SAndroid Build Coastguard Worker# 3*e4a36f41SAndroid Build Coastguard Worker# Licensed under the Apache License, Version 2.0 (the "License"); 4*e4a36f41SAndroid Build Coastguard Worker# you may not use this file except in compliance with the License. 5*e4a36f41SAndroid Build Coastguard Worker# You may obtain a copy of the License at 6*e4a36f41SAndroid Build Coastguard Worker# 7*e4a36f41SAndroid Build Coastguard Worker# http://www.apache.org/licenses/LICENSE-2.0 8*e4a36f41SAndroid Build Coastguard Worker# 9*e4a36f41SAndroid Build Coastguard Worker# Unless required by applicable law or agreed to in writing, software 10*e4a36f41SAndroid Build Coastguard Worker# distributed under the License is distributed on an "AS IS" BASIS, 11*e4a36f41SAndroid Build Coastguard Worker# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*e4a36f41SAndroid Build Coastguard Worker# See the License for the specific language governing permissions and 13*e4a36f41SAndroid Build Coastguard Worker# limitations under the License. 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Workerfrom optparse import OptionParser 16*e4a36f41SAndroid Build Coastguard Workerimport mini_parser 17*e4a36f41SAndroid Build Coastguard Workerimport os 18*e4a36f41SAndroid Build Coastguard Workerimport sys 19*e4a36f41SAndroid Build Coastguard Worker 20*e4a36f41SAndroid Build Coastguard Workerdef do_main(): 21*e4a36f41SAndroid Build Coastguard Worker usage = "sepolicy_freeze_test " 22*e4a36f41SAndroid Build Coastguard Worker usage += "-c current_cil -p prebuilt_cil [--help]" 23*e4a36f41SAndroid Build Coastguard Worker parser = OptionParser(usage=usage) 24*e4a36f41SAndroid Build Coastguard Worker parser.add_option("-c", "--current", dest="current", metavar="FILE") 25*e4a36f41SAndroid Build Coastguard Worker parser.add_option("-p", "--prebuilt", dest="prebuilt", metavar="FILE") 26*e4a36f41SAndroid Build Coastguard Worker 27*e4a36f41SAndroid Build Coastguard Worker (options, args) = parser.parse_args() 28*e4a36f41SAndroid Build Coastguard Worker 29*e4a36f41SAndroid Build Coastguard Worker if not options.current or not options.prebuilt: 30*e4a36f41SAndroid Build Coastguard Worker sys.exit("Must specify both current and prebuilt\n" + parser.usage) 31*e4a36f41SAndroid Build Coastguard Worker if not os.path.exists(options.current): 32*e4a36f41SAndroid Build Coastguard Worker sys.exit("Current policy " + options.current + " does not exist\n" 33*e4a36f41SAndroid Build Coastguard Worker + parser.usage) 34*e4a36f41SAndroid Build Coastguard Worker if not os.path.exists(options.prebuilt): 35*e4a36f41SAndroid Build Coastguard Worker sys.exit("Prebuilt policy " + options.prebuilt + " does not exist\n" 36*e4a36f41SAndroid Build Coastguard Worker + parser.usage) 37*e4a36f41SAndroid Build Coastguard Worker 38*e4a36f41SAndroid Build Coastguard Worker current_policy = mini_parser.MiniCilParser(options.current) 39*e4a36f41SAndroid Build Coastguard Worker prebuilt_policy = mini_parser.MiniCilParser(options.prebuilt) 40*e4a36f41SAndroid Build Coastguard Worker current_policy.typeattributes = set(filter(lambda x: "base_typeattr_" not in x, 41*e4a36f41SAndroid Build Coastguard Worker current_policy.typeattributes)) 42*e4a36f41SAndroid Build Coastguard Worker prebuilt_policy.typeattributes = set(filter(lambda x: "base_typeattr_" not in x, 43*e4a36f41SAndroid Build Coastguard Worker prebuilt_policy.typeattributes)) 44*e4a36f41SAndroid Build Coastguard Worker 45*e4a36f41SAndroid Build Coastguard Worker results = "" 46*e4a36f41SAndroid Build Coastguard Worker removed_types = prebuilt_policy.types - current_policy.types 47*e4a36f41SAndroid Build Coastguard Worker added_types = current_policy.types - prebuilt_policy.types 48*e4a36f41SAndroid Build Coastguard Worker removed_attributes = prebuilt_policy.typeattributes - current_policy.typeattributes 49*e4a36f41SAndroid Build Coastguard Worker added_attributes = current_policy.typeattributes - prebuilt_policy.typeattributes 50*e4a36f41SAndroid Build Coastguard Worker 51*e4a36f41SAndroid Build Coastguard Worker if removed_types: 52*e4a36f41SAndroid Build Coastguard Worker results += "The following public types were removed:\n" + ", ".join(removed_types) + "\n" 53*e4a36f41SAndroid Build Coastguard Worker 54*e4a36f41SAndroid Build Coastguard Worker if added_types: 55*e4a36f41SAndroid Build Coastguard Worker results += "The following public types were added:\n" + ", ".join(added_types) + "\n" 56*e4a36f41SAndroid Build Coastguard Worker 57*e4a36f41SAndroid Build Coastguard Worker if removed_attributes: 58*e4a36f41SAndroid Build Coastguard Worker results += "The following public attributes were removed:\n" + ", ".join(removed_attributes) + "\n" 59*e4a36f41SAndroid Build Coastguard Worker 60*e4a36f41SAndroid Build Coastguard Worker if added_attributes: 61*e4a36f41SAndroid Build Coastguard Worker results += "The following public attributes were added:\n" + ", ".join(added_attributes) + "\n" 62*e4a36f41SAndroid Build Coastguard Worker 63*e4a36f41SAndroid Build Coastguard Worker if results: 64*e4a36f41SAndroid Build Coastguard Worker sys.exit(f'''{results} 65*e4a36f41SAndroid Build Coastguard Worker****************************** 66*e4a36f41SAndroid Build Coastguard WorkerYou have tried to change system/sepolicy/public after vendor API freeze. 67*e4a36f41SAndroid Build Coastguard WorkerTo make these errors go away, you can guard types and attributes listed above, 68*e4a36f41SAndroid Build Coastguard Workerso they won't be included to the release build. 69*e4a36f41SAndroid Build Coastguard Worker 70*e4a36f41SAndroid Build Coastguard WorkerSee an example of how to guard them: 71*e4a36f41SAndroid Build Coastguard Worker https://android-review.googlesource.com/3050544 72*e4a36f41SAndroid Build Coastguard Worker****************************** 73*e4a36f41SAndroid Build Coastguard Worker''') 74*e4a36f41SAndroid Build Coastguard Worker 75*e4a36f41SAndroid Build Coastguard Workerif __name__ == '__main__': 76*e4a36f41SAndroid Build Coastguard Worker do_main() 77