1# Copyright (c) 2021 北京万里红科技有限公司 2# Copyright(c) Huawei Technologies Co.,Ltd. 3# 2020-2021.All rights reserved. 4# Copyright(c)2016,Google inc. 5# 6# Permission to use,copy,modify,and/or distribute this software for any 7# purpose with or without fee is hereby granted,provided that the above 8# copyright notice and this permission notice appear in all copies. 9# 10 11import("//build/ohos.gni") 12 13#import("//build/ohos_var.gni") 14#import("//developtools/profiler/build/config.gni") 15 16LIBSEPOL_ROOT_DIR = "//third_party/selinux/libsepol" 17LIBSELINUX_ROOT_DIR = "//third_party/selinux/libselinux" 18CHECKPOLICY_ROOT_DIR = "//third_party/selinux/checkpolicy" 19SECILC_ROOT_DIR = "//third_party/selinux/secilc" 20LIBFTS_ROOT_DIR = "//third_party/FreeBSD" 21LIBPCRE2_ROOT_DIR = "//third_party/pcre2" 22 23ohos_shared_library("libsepol") { 24 md5_check_script = rebase_path("//third_party/selinux/check_md5.sh") 25 _arguments = [ 26 rebase_path("libsepol/cil/src/cil_lexer.c"), 27 rebase_path("libsepol/cil/src/cil_lexer.l"), 28 rebase_path("libsepol/cil/src/cil_lexer.md5"), 29 ] 30 result = exec_script(md5_check_script, _arguments, "string") 31 if (result != "") { 32 exec_script("/usr/bin/flex", 33 [ 34 "-o", 35 rebase_path("libsepol/cil/src/cil_lexer.c"), 36 rebase_path("libsepol/cil/src/cil_lexer.l"), 37 ], 38 "") 39 } 40 41 output_name = "libsepol" 42 version_script = "libsepol.map" 43 sources = [ 44 "$LIBSEPOL_ROOT_DIR/cil/src/cil.c", 45 "$LIBSEPOL_ROOT_DIR/cil/src/cil_binary.c", 46 "$LIBSEPOL_ROOT_DIR/cil/src/cil_build_ast.c", 47 "$LIBSEPOL_ROOT_DIR/cil/src/cil_copy_ast.c", 48 "$LIBSEPOL_ROOT_DIR/cil/src/cil_find.c", 49 "$LIBSEPOL_ROOT_DIR/cil/src/cil_fqn.c", 50 "$LIBSEPOL_ROOT_DIR/cil/src/cil_lexer.c", 51 "$LIBSEPOL_ROOT_DIR/cil/src/cil_list.c", 52 "$LIBSEPOL_ROOT_DIR/cil/src/cil_log.c", 53 "$LIBSEPOL_ROOT_DIR/cil/src/cil_mem.c", 54 "$LIBSEPOL_ROOT_DIR/cil/src/cil_parser.c", 55 "$LIBSEPOL_ROOT_DIR/cil/src/cil_policy.c", 56 "$LIBSEPOL_ROOT_DIR/cil/src/cil_post.c", 57 "$LIBSEPOL_ROOT_DIR/cil/src/cil_reset_ast.c", 58 "$LIBSEPOL_ROOT_DIR/cil/src/cil_resolve_ast.c", 59 "$LIBSEPOL_ROOT_DIR/cil/src/cil_stack.c", 60 "$LIBSEPOL_ROOT_DIR/cil/src/cil_strpool.c", 61 "$LIBSEPOL_ROOT_DIR/cil/src/cil_symtab.c", 62 "$LIBSEPOL_ROOT_DIR/cil/src/cil_tree.c", 63 "$LIBSEPOL_ROOT_DIR/cil/src/cil_verify.c", 64 "$LIBSEPOL_ROOT_DIR/cil/src/cil_write_ast.c", 65 "$LIBSEPOL_ROOT_DIR/src/assertion.c", 66 "$LIBSEPOL_ROOT_DIR/src/avrule_block.c", 67 "$LIBSEPOL_ROOT_DIR/src/avtab.c", 68 "$LIBSEPOL_ROOT_DIR/src/boolean_record.c", 69 "$LIBSEPOL_ROOT_DIR/src/booleans.c", 70 "$LIBSEPOL_ROOT_DIR/src/conditional.c", 71 "$LIBSEPOL_ROOT_DIR/src/constraint.c", 72 "$LIBSEPOL_ROOT_DIR/src/context.c", 73 "$LIBSEPOL_ROOT_DIR/src/context_record.c", 74 "$LIBSEPOL_ROOT_DIR/src/debug.c", 75 "$LIBSEPOL_ROOT_DIR/src/ebitmap.c", 76 "$LIBSEPOL_ROOT_DIR/src/expand.c", 77 "$LIBSEPOL_ROOT_DIR/src/handle.c", 78 "$LIBSEPOL_ROOT_DIR/src/hashtab.c", 79 "$LIBSEPOL_ROOT_DIR/src/hierarchy.c", 80 "$LIBSEPOL_ROOT_DIR/src/ibendport_record.c", 81 "$LIBSEPOL_ROOT_DIR/src/ibendports.c", 82 "$LIBSEPOL_ROOT_DIR/src/ibpkey_record.c", 83 "$LIBSEPOL_ROOT_DIR/src/ibpkeys.c", 84 "$LIBSEPOL_ROOT_DIR/src/iface_record.c", 85 "$LIBSEPOL_ROOT_DIR/src/interfaces.c", 86 "$LIBSEPOL_ROOT_DIR/src/kernel_to_cil.c", 87 "$LIBSEPOL_ROOT_DIR/src/kernel_to_common.c", 88 "$LIBSEPOL_ROOT_DIR/src/kernel_to_conf.c", 89 "$LIBSEPOL_ROOT_DIR/src/link.c", 90 "$LIBSEPOL_ROOT_DIR/src/mls.c", 91 "$LIBSEPOL_ROOT_DIR/src/module.c", 92 "$LIBSEPOL_ROOT_DIR/src/module_to_cil.c", 93 "$LIBSEPOL_ROOT_DIR/src/node_record.c", 94 "$LIBSEPOL_ROOT_DIR/src/nodes.c", 95 "$LIBSEPOL_ROOT_DIR/src/optimize.c", 96 "$LIBSEPOL_ROOT_DIR/src/polcaps.c", 97 "$LIBSEPOL_ROOT_DIR/src/policydb.c", 98 "$LIBSEPOL_ROOT_DIR/src/policydb_convert.c", 99 "$LIBSEPOL_ROOT_DIR/src/policydb_public.c", 100 "$LIBSEPOL_ROOT_DIR/src/policydb_validate.c", 101 "$LIBSEPOL_ROOT_DIR/src/port_record.c", 102 "$LIBSEPOL_ROOT_DIR/src/ports.c", 103 "$LIBSEPOL_ROOT_DIR/src/services.c", 104 "$LIBSEPOL_ROOT_DIR/src/sidtab.c", 105 "$LIBSEPOL_ROOT_DIR/src/symtab.c", 106 "$LIBSEPOL_ROOT_DIR/src/user_record.c", 107 "$LIBSEPOL_ROOT_DIR/src/users.c", 108 "$LIBSEPOL_ROOT_DIR/src/util.c", 109 "$LIBSEPOL_ROOT_DIR/src/write.c", 110 ] 111 include_dirs = [ 112 "$LIBSEPOL_ROOT_DIR/cil/include", 113 "$LIBSEPOL_ROOT_DIR/include", 114 ] 115 cflags = [ 116 "-D_GNU_SOURCE", 117 "-w", 118 ] 119 install_enable = true 120 install_images = [ 121 "system", 122 "ramdisk", 123 "updater", 124 ] 125 license_file = "$LIBSEPOL_ROOT_DIR/COPYING" 126 part_name = "selinux" 127 subsystem_name = "security" 128} 129 130ohos_executable("chkcon") { 131 install_enable = true 132 sources = [ "$LIBSEPOL_ROOT_DIR/utils/chkcon.c" ] 133 deps = [ ":libsepol" ] 134 include_dirs = [ "$LIBSEPOL_ROOT_DIR/include" ] 135 cflags = [ 136 "-D_GNU_SOURCE", 137 "-w", 138 ] 139 license_file = "$LIBSEPOL_ROOT_DIR/COPYING" 140 part_name = "selinux" 141 subsystem_name = "security" 142} 143 144ohos_shared_library("libselinux") { 145 output_name = "libselinux" 146 sources = [ 147 "$LIBFTS_ROOT_DIR/lib/libc/gen/fts.c", 148 "$LIBSELINUX_ROOT_DIR/src/avc.c", 149 "$LIBSELINUX_ROOT_DIR/src/avc_internal.c", 150 "$LIBSELINUX_ROOT_DIR/src/avc_sidtab.c", 151 "$LIBSELINUX_ROOT_DIR/src/booleans.c", 152 "$LIBSELINUX_ROOT_DIR/src/callbacks.c", 153 "$LIBSELINUX_ROOT_DIR/src/canonicalize_context.c", 154 "$LIBSELINUX_ROOT_DIR/src/checkAccess.c", 155 "$LIBSELINUX_ROOT_DIR/src/check_context.c", 156 "$LIBSELINUX_ROOT_DIR/src/compute_av.c", 157 "$LIBSELINUX_ROOT_DIR/src/compute_create.c", 158 "$LIBSELINUX_ROOT_DIR/src/compute_member.c", 159 "$LIBSELINUX_ROOT_DIR/src/context.c", 160 "$LIBSELINUX_ROOT_DIR/src/deny_unknown.c", 161 "$LIBSELINUX_ROOT_DIR/src/disable.c", 162 "$LIBSELINUX_ROOT_DIR/src/enabled.c", 163 "$LIBSELINUX_ROOT_DIR/src/fgetfilecon.c", 164 "$LIBSELINUX_ROOT_DIR/src/freecon.c", 165 "$LIBSELINUX_ROOT_DIR/src/fsetfilecon.c", 166 "$LIBSELINUX_ROOT_DIR/src/get_initial_context.c", 167 "$LIBSELINUX_ROOT_DIR/src/getenforce.c", 168 "$LIBSELINUX_ROOT_DIR/src/getfilecon.c", 169 "$LIBSELINUX_ROOT_DIR/src/getpeercon.c", 170 "$LIBSELINUX_ROOT_DIR/src/init.c", 171 "$LIBSELINUX_ROOT_DIR/src/is_customizable_type.c", 172 "$LIBSELINUX_ROOT_DIR/src/label.c", 173 "$LIBSELINUX_ROOT_DIR/src/label_backends_android.c", 174 "$LIBSELINUX_ROOT_DIR/src/label_db.c", 175 "$LIBSELINUX_ROOT_DIR/src/label_file.c", 176 "$LIBSELINUX_ROOT_DIR/src/label_media.c", 177 "$LIBSELINUX_ROOT_DIR/src/label_support.c", 178 "$LIBSELINUX_ROOT_DIR/src/label_x.c", 179 "$LIBSELINUX_ROOT_DIR/src/lgetfilecon.c", 180 "$LIBSELINUX_ROOT_DIR/src/load_policy.c", 181 "$LIBSELINUX_ROOT_DIR/src/lsetfilecon.c", 182 "$LIBSELINUX_ROOT_DIR/src/mapping.c", 183 "$LIBSELINUX_ROOT_DIR/src/matchpathcon.c", 184 "$LIBSELINUX_ROOT_DIR/src/policyvers.c", 185 "$LIBSELINUX_ROOT_DIR/src/procattr.c", 186 "$LIBSELINUX_ROOT_DIR/src/regex.c", 187 "$LIBSELINUX_ROOT_DIR/src/reject_unknown.c", 188 "$LIBSELINUX_ROOT_DIR/src/selinux_config.c", 189 "$LIBSELINUX_ROOT_DIR/src/selinux_restorecon.c", 190 "$LIBSELINUX_ROOT_DIR/src/sestatus.c", 191 "$LIBSELINUX_ROOT_DIR/src/setenforce.c", 192 "$LIBSELINUX_ROOT_DIR/src/setfilecon.c", 193 "$LIBSELINUX_ROOT_DIR/src/setrans_client.c", 194 "$LIBSELINUX_ROOT_DIR/src/seusers.c", 195 "$LIBSELINUX_ROOT_DIR/src/sha1.c", 196 "$LIBSELINUX_ROOT_DIR/src/stringrep.c", 197 ] 198 include_dirs = [ 199 "$LIBSELINUX_ROOT_DIR/include", 200 "$LIBPCRE2_ROOT_DIR/pcre2/src", 201 "$LIBFTS_ROOT_DIR/", 202 "$LIBSEPOL_ROOT_DIR/include", 203 ] 204 205 cflags = [ 206 "-D_GNU_SOURCE", 207 "-w", 208 "-DSHARED", 209 "-DUSE_PCRE2", 210 "-U__BIONIC__", 211 "-DAUDITD_LOG_TAG=1003", 212 "-DPCRE2_CODE_UNIT_WIDTH=8", 213 ] 214 deps = [ "$LIBPCRE2_ROOT_DIR:libpcre2" ] 215 install_enable = true 216 install_images = [ 217 "system", 218 "ramdisk", 219 "updater", 220 ] 221 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 222 part_name = "selinux" 223 subsystem_name = "security" 224} 225 226ohos_executable("setenforce") { 227 install_enable = true 228 sources = [ "$LIBSELINUX_ROOT_DIR/utils/setenforce.c" ] 229 deps = [ ":libselinux" ] 230 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 231 232 cflags = [ 233 "-D_GNU_SOURCE", 234 "-w", 235 ] 236 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 237 part_name = "selinux" 238 subsystem_name = "security" 239} 240 241ohos_executable("getenforce") { 242 install_enable = true 243 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getenforce.c" ] 244 deps = [ ":libselinux" ] 245 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 246 cflags = [ 247 "-D_GNU_SOURCE", 248 "-w", 249 ] 250 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 251 part_name = "selinux" 252 subsystem_name = "security" 253} 254 255ohos_executable("getfilecon") { 256 install_enable = true 257 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getfilecon.c" ] 258 deps = [ ":libselinux" ] 259 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 260 cflags = [ 261 "-D_GNU_SOURCE", 262 "-w", 263 ] 264 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 265 part_name = "selinux" 266 subsystem_name = "security" 267} 268 269ohos_executable("setfilecon") { 270 install_enable = true 271 sources = [ "$LIBSELINUX_ROOT_DIR/utils/setfilecon.c" ] 272 deps = [ ":libselinux" ] 273 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 274 cflags = [ 275 "-D_GNU_SOURCE", 276 "-w", 277 ] 278 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 279 part_name = "selinux" 280 subsystem_name = "security" 281} 282 283ohos_executable("selinuxexeccon") { 284 install_enable = true 285 sources = [ "$LIBSELINUX_ROOT_DIR/utils/selinuxexeccon.c" ] 286 deps = [ ":libselinux" ] 287 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 288 cflags = [ 289 "-D_GNU_SOURCE", 290 "-w", 291 ] 292 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 293 part_name = "selinux" 294 subsystem_name = "security" 295} 296 297ohos_executable("selinux_check_access") { 298 install_enable = true 299 sources = [ "$LIBSELINUX_ROOT_DIR/utils/selinux_check_access.c" ] 300 deps = [ ":libselinux" ] 301 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 302 cflags = [ 303 "-D_GNU_SOURCE", 304 "-w", 305 ] 306 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 307 part_name = "selinux" 308 subsystem_name = "security" 309} 310 311ohos_executable("getpidcon") { 312 install_enable = true 313 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getpidcon.c" ] 314 deps = [ ":libselinux" ] 315 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 316 cflags = [ 317 "-D_GNU_SOURCE", 318 "-w", 319 ] 320 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 321 part_name = "selinux" 322 subsystem_name = "security" 323} 324 325ohos_executable("checkpolicy") { 326 md5_check_script = rebase_path("//third_party/selinux/check_md5.sh") 327 _arguments = [ 328 rebase_path("checkpolicy/y.tab.c"), 329 rebase_path("checkpolicy/policy_parse.y"), 330 rebase_path("checkpolicy/y.tab.md5"), 331 ] 332 result = exec_script(md5_check_script, _arguments, "string") 333 if (result != "") { 334 exec_script("/usr/bin/bison", 335 [ 336 "-y", 337 "-d", 338 rebase_path("checkpolicy/policy_parse.y"), 339 "-o", 340 rebase_path("checkpolicy/y.tab.c"), 341 ], 342 "") 343 } 344 _arguments = [] 345 _arguments = [ 346 rebase_path("checkpolicy/policy_scan.c"), 347 rebase_path("checkpolicy/policy_scan.l"), 348 rebase_path("checkpolicy/policy_scan.md5"), 349 ] 350 result = exec_script(md5_check_script, _arguments, "string") 351 if (result != "") { 352 exec_script("/usr/bin/flex", 353 [ 354 "-o", 355 rebase_path("checkpolicy/policy_scan.c"), 356 rebase_path("checkpolicy/policy_scan.l"), 357 ], 358 "") 359 } 360 install_enable = true 361 sources = [ 362 "$CHECKPOLICY_ROOT_DIR/checkpolicy.c", 363 "$CHECKPOLICY_ROOT_DIR/module_compiler.c", 364 "$CHECKPOLICY_ROOT_DIR/parse_util.c", 365 "$CHECKPOLICY_ROOT_DIR/policy_define.c", 366 "$CHECKPOLICY_ROOT_DIR/policy_scan.c", 367 "$CHECKPOLICY_ROOT_DIR/queue.c", 368 "$CHECKPOLICY_ROOT_DIR/y.tab.c", 369 ] 370 deps = [ ":libsepol" ] 371 include_dirs = [ 372 "$LIBSEPOL_ROOT_DIR/cil/include", 373 "$LIBSEPOL_ROOT_DIR/include", 374 "$CHECKPOLICY_ROOT_DIR", 375 ] 376 cflags = [ 377 "-Wall", 378 "-Werror", 379 "-Wshadow", 380 ] 381 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 382 part_name = "selinux" 383 subsystem_name = "security" 384} 385 386ohos_executable("secilc") { 387 install_enable = true 388 sources = [ "$SECILC_ROOT_DIR/secilc.c" ] 389 deps = [ ":libsepol" ] 390 include_dirs = [ 391 "$LIBSEPOL_ROOT_DIR/cil/include", 392 "$LIBSEPOL_ROOT_DIR/include", 393 ] 394 cflags = [ 395 "-Wall", 396 "-Werror", 397 "-Wshadow", 398 ] 399 license_file = "$LIBSEPOL_ROOT_DIR/COPYING" 400 part_name = "selinux" 401 subsystem_name = "security" 402} 403 404ohos_executable("sefcontext_compile") { 405 install_enable = true 406 sources = [ "$LIBSELINUX_ROOT_DIR/utils/sefcontext_compile.c" ] 407 deps = [ 408 ":libselinux", 409 ":libsepol", 410 "$LIBPCRE2_ROOT_DIR:libpcre2", 411 ] 412 include_dirs = [ 413 "$LIBSELINUX_ROOT_DIR/include", 414 "$LIBPCRE2_ROOT_DIR/pcre2/src", 415 "$LIBSEPOL_ROOT_DIR/include", 416 ] 417 cflags = [ 418 "-D_GNU_SOURCE", 419 "-DUSE_PCRE2", 420 "-DPCRE2_CODE_UNIT_WIDTH=8", 421 "-w", 422 ] 423 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 424 part_name = "selinux" 425 subsystem_name = "security" 426} 427