1# Copyright (c) 2021 北京万里红科技有限公司 2# Copyright(c) Huawei Technologies Co.,Ltd. 3# 2020-2021.All rights reserved. 4# Copyright(c)2016,Google inc. 5# 6# Permission to use,copy,modify,and/or distribute this software for any 7# purpose with or without fee is hereby granted,provided that the above 8# copyright notice and this permission notice appear in all copies. 9# 10 11import("//build/ohos.gni") 12 13LIBSEPOL_ROOT_DIR = "//third_party/selinux/libsepol" 14LIBSELINUX_ROOT_DIR = "//third_party/selinux/libselinux" 15CHECKPOLICY_ROOT_DIR = "//third_party/selinux/checkpolicy" 16SECILC_ROOT_DIR = "//third_party/selinux/secilc" 17LIBFTS_ROOT_DIR = "//third_party/FreeBSD" 18LIBPCRE2_ROOT_DIR = "//third_party/pcre2" 19 20config("third_party_selinux_config") { 21 include_dirs = [ 22 "$LIBSELINUX_ROOT_DIR/include", 23 "$LIBSELINUX_ROOT_DIR", 24 "$LIBPCRE2_ROOT_DIR/pcre2/src", 25 "$LIBFTS_ROOT_DIR", 26 ] 27} 28 29ohos_shared_library("libsepol") { 30 md5_check_script = rebase_path("//third_party/selinux/check_md5.sh") 31 _arguments = [ 32 rebase_path("libsepol/cil/src/cil_lexer.c"), 33 rebase_path("libsepol/cil/src/cil_lexer.l"), 34 rebase_path("libsepol/cil/src/cil_lexer.md5"), 35 ] 36 result = exec_script(md5_check_script, _arguments, "string") 37 if (result != "") { 38 exec_script("/usr/bin/flex", 39 [ 40 "-o", 41 rebase_path("libsepol/cil/src/cil_lexer.c"), 42 rebase_path("libsepol/cil/src/cil_lexer.l"), 43 ], 44 "") 45 } 46 47 output_name = "libsepol" 48 version_script = "libsepol.map" 49 sources = [ 50 "$LIBSEPOL_ROOT_DIR/cil/src/cil.c", 51 "$LIBSEPOL_ROOT_DIR/cil/src/cil_binary.c", 52 "$LIBSEPOL_ROOT_DIR/cil/src/cil_build_ast.c", 53 "$LIBSEPOL_ROOT_DIR/cil/src/cil_copy_ast.c", 54 "$LIBSEPOL_ROOT_DIR/cil/src/cil_find.c", 55 "$LIBSEPOL_ROOT_DIR/cil/src/cil_fqn.c", 56 "$LIBSEPOL_ROOT_DIR/cil/src/cil_lexer.c", 57 "$LIBSEPOL_ROOT_DIR/cil/src/cil_list.c", 58 "$LIBSEPOL_ROOT_DIR/cil/src/cil_log.c", 59 "$LIBSEPOL_ROOT_DIR/cil/src/cil_mem.c", 60 "$LIBSEPOL_ROOT_DIR/cil/src/cil_parser.c", 61 "$LIBSEPOL_ROOT_DIR/cil/src/cil_policy.c", 62 "$LIBSEPOL_ROOT_DIR/cil/src/cil_post.c", 63 "$LIBSEPOL_ROOT_DIR/cil/src/cil_reset_ast.c", 64 "$LIBSEPOL_ROOT_DIR/cil/src/cil_resolve_ast.c", 65 "$LIBSEPOL_ROOT_DIR/cil/src/cil_stack.c", 66 "$LIBSEPOL_ROOT_DIR/cil/src/cil_strpool.c", 67 "$LIBSEPOL_ROOT_DIR/cil/src/cil_symtab.c", 68 "$LIBSEPOL_ROOT_DIR/cil/src/cil_tree.c", 69 "$LIBSEPOL_ROOT_DIR/cil/src/cil_verify.c", 70 "$LIBSEPOL_ROOT_DIR/cil/src/cil_write_ast.c", 71 "$LIBSEPOL_ROOT_DIR/src/assertion.c", 72 "$LIBSEPOL_ROOT_DIR/src/avrule_block.c", 73 "$LIBSEPOL_ROOT_DIR/src/avtab.c", 74 "$LIBSEPOL_ROOT_DIR/src/boolean_record.c", 75 "$LIBSEPOL_ROOT_DIR/src/booleans.c", 76 "$LIBSEPOL_ROOT_DIR/src/conditional.c", 77 "$LIBSEPOL_ROOT_DIR/src/constraint.c", 78 "$LIBSEPOL_ROOT_DIR/src/context.c", 79 "$LIBSEPOL_ROOT_DIR/src/context_record.c", 80 "$LIBSEPOL_ROOT_DIR/src/debug.c", 81 "$LIBSEPOL_ROOT_DIR/src/ebitmap.c", 82 "$LIBSEPOL_ROOT_DIR/src/expand.c", 83 "$LIBSEPOL_ROOT_DIR/src/handle.c", 84 "$LIBSEPOL_ROOT_DIR/src/hashtab.c", 85 "$LIBSEPOL_ROOT_DIR/src/hierarchy.c", 86 "$LIBSEPOL_ROOT_DIR/src/ibendport_record.c", 87 "$LIBSEPOL_ROOT_DIR/src/ibendports.c", 88 "$LIBSEPOL_ROOT_DIR/src/ibpkey_record.c", 89 "$LIBSEPOL_ROOT_DIR/src/ibpkeys.c", 90 "$LIBSEPOL_ROOT_DIR/src/iface_record.c", 91 "$LIBSEPOL_ROOT_DIR/src/interfaces.c", 92 "$LIBSEPOL_ROOT_DIR/src/kernel_to_cil.c", 93 "$LIBSEPOL_ROOT_DIR/src/kernel_to_common.c", 94 "$LIBSEPOL_ROOT_DIR/src/kernel_to_conf.c", 95 "$LIBSEPOL_ROOT_DIR/src/link.c", 96 "$LIBSEPOL_ROOT_DIR/src/mls.c", 97 "$LIBSEPOL_ROOT_DIR/src/module.c", 98 "$LIBSEPOL_ROOT_DIR/src/module_to_cil.c", 99 "$LIBSEPOL_ROOT_DIR/src/node_record.c", 100 "$LIBSEPOL_ROOT_DIR/src/nodes.c", 101 "$LIBSEPOL_ROOT_DIR/src/optimize.c", 102 "$LIBSEPOL_ROOT_DIR/src/polcaps.c", 103 "$LIBSEPOL_ROOT_DIR/src/policydb.c", 104 "$LIBSEPOL_ROOT_DIR/src/policydb_convert.c", 105 "$LIBSEPOL_ROOT_DIR/src/policydb_public.c", 106 "$LIBSEPOL_ROOT_DIR/src/policydb_validate.c", 107 "$LIBSEPOL_ROOT_DIR/src/port_record.c", 108 "$LIBSEPOL_ROOT_DIR/src/ports.c", 109 "$LIBSEPOL_ROOT_DIR/src/services.c", 110 "$LIBSEPOL_ROOT_DIR/src/sidtab.c", 111 "$LIBSEPOL_ROOT_DIR/src/symtab.c", 112 "$LIBSEPOL_ROOT_DIR/src/user_record.c", 113 "$LIBSEPOL_ROOT_DIR/src/users.c", 114 "$LIBSEPOL_ROOT_DIR/src/util.c", 115 "$LIBSEPOL_ROOT_DIR/src/write.c", 116 ] 117 include_dirs = [ 118 "$LIBSEPOL_ROOT_DIR/cil/include", 119 "$LIBSEPOL_ROOT_DIR/include", 120 ] 121 cflags = [ 122 "-D_GNU_SOURCE", 123 "-DHAVE_REALLOCARRAY", 124 "-w", 125 ] 126 install_enable = true 127 install_images = [ 128 "system", 129 "ramdisk", 130 "updater", 131 ] 132 license_file = "$LIBSEPOL_ROOT_DIR/COPYING" 133 part_name = "selinux" 134 subsystem_name = "thirdparty" 135} 136 137ohos_executable("chkcon") { 138 install_enable = true 139 sources = [ "$LIBSEPOL_ROOT_DIR/utils/chkcon.c" ] 140 deps = [ ":libsepol" ] 141 include_dirs = [ "$LIBSEPOL_ROOT_DIR/include" ] 142 cflags = [ 143 "-D_GNU_SOURCE", 144 "-w", 145 ] 146 license_file = "$LIBSEPOL_ROOT_DIR/COPYING" 147 part_name = "selinux" 148 subsystem_name = "thirdparty" 149} 150 151ohos_shared_library("libselinux") { 152 output_name = "libselinux" 153 sources = [ 154 "$LIBFTS_ROOT_DIR/lib/libc/gen/fts.c", 155 "$LIBSELINUX_ROOT_DIR/src/avc.c", 156 "$LIBSELINUX_ROOT_DIR/src/avc_internal.c", 157 "$LIBSELINUX_ROOT_DIR/src/avc_sidtab.c", 158 "$LIBSELINUX_ROOT_DIR/src/booleans.c", 159 "$LIBSELINUX_ROOT_DIR/src/callbacks.c", 160 "$LIBSELINUX_ROOT_DIR/src/canonicalize_context.c", 161 "$LIBSELINUX_ROOT_DIR/src/checkAccess.c", 162 "$LIBSELINUX_ROOT_DIR/src/check_context.c", 163 "$LIBSELINUX_ROOT_DIR/src/compute_av.c", 164 "$LIBSELINUX_ROOT_DIR/src/compute_create.c", 165 "$LIBSELINUX_ROOT_DIR/src/compute_member.c", 166 "$LIBSELINUX_ROOT_DIR/src/context.c", 167 "$LIBSELINUX_ROOT_DIR/src/deny_unknown.c", 168 "$LIBSELINUX_ROOT_DIR/src/disable.c", 169 "$LIBSELINUX_ROOT_DIR/src/enabled.c", 170 "$LIBSELINUX_ROOT_DIR/src/fgetfilecon.c", 171 "$LIBSELINUX_ROOT_DIR/src/freecon.c", 172 "$LIBSELINUX_ROOT_DIR/src/fsetfilecon.c", 173 "$LIBSELINUX_ROOT_DIR/src/get_initial_context.c", 174 "$LIBSELINUX_ROOT_DIR/src/getenforce.c", 175 "$LIBSELINUX_ROOT_DIR/src/getfilecon.c", 176 "$LIBSELINUX_ROOT_DIR/src/getpeercon.c", 177 "$LIBSELINUX_ROOT_DIR/src/init.c", 178 "$LIBSELINUX_ROOT_DIR/src/is_customizable_type.c", 179 "$LIBSELINUX_ROOT_DIR/src/label.c", 180 "$LIBSELINUX_ROOT_DIR/src/label_backends_android.c", 181 "$LIBSELINUX_ROOT_DIR/src/label_db.c", 182 "$LIBSELINUX_ROOT_DIR/src/label_file.c", 183 "$LIBSELINUX_ROOT_DIR/src/label_media.c", 184 "$LIBSELINUX_ROOT_DIR/src/label_support.c", 185 "$LIBSELINUX_ROOT_DIR/src/label_x.c", 186 "$LIBSELINUX_ROOT_DIR/src/lgetfilecon.c", 187 "$LIBSELINUX_ROOT_DIR/src/load_policy.c", 188 "$LIBSELINUX_ROOT_DIR/src/lsetfilecon.c", 189 "$LIBSELINUX_ROOT_DIR/src/mapping.c", 190 "$LIBSELINUX_ROOT_DIR/src/matchpathcon.c", 191 "$LIBSELINUX_ROOT_DIR/src/policyvers.c", 192 "$LIBSELINUX_ROOT_DIR/src/procattr.c", 193 "$LIBSELINUX_ROOT_DIR/src/regex.c", 194 "$LIBSELINUX_ROOT_DIR/src/reject_unknown.c", 195 "$LIBSELINUX_ROOT_DIR/src/selinux_config.c", 196 "$LIBSELINUX_ROOT_DIR/src/selinux_restorecon.c", 197 "$LIBSELINUX_ROOT_DIR/src/sestatus.c", 198 "$LIBSELINUX_ROOT_DIR/src/setenforce.c", 199 "$LIBSELINUX_ROOT_DIR/src/setfilecon.c", 200 "$LIBSELINUX_ROOT_DIR/src/setrans_client.c", 201 "$LIBSELINUX_ROOT_DIR/src/seusers.c", 202 "$LIBSELINUX_ROOT_DIR/src/sha1.c", 203 "$LIBSELINUX_ROOT_DIR/src/stringrep.c", 204 ] 205 include_dirs = [ 206 "$LIBSELINUX_ROOT_DIR/include", 207 "$LIBPCRE2_ROOT_DIR/pcre2/src", 208 "$LIBFTS_ROOT_DIR/", 209 "$LIBSEPOL_ROOT_DIR/include", 210 ] 211 212 public_configs = [ ":third_party_selinux_config" ] 213 214 cflags = [ 215 "-DOHOS_FC_INIT", 216 "-D_GNU_SOURCE", 217 "-w", 218 "-DSHARED", 219 "-DUSE_PCRE2", 220 "-U__BIONIC__", 221 "-DAUDITD_LOG_TAG=1003", 222 "-DPCRE2_CODE_UNIT_WIDTH=8", 223 ] 224 deps = [ "$LIBPCRE2_ROOT_DIR:libpcre2" ] 225 install_enable = true 226 install_images = [ 227 "system", 228 "ramdisk", 229 "updater", 230 ] 231 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 232 innerapi_tags = [ 233 "platformsdk_indirect", 234 "chipsetsdk_indirect", 235 ] 236 part_name = "selinux" 237 subsystem_name = "thirdparty" 238} 239 240ohos_executable("setenforce") { 241 install_enable = true 242 sources = [ "$LIBSELINUX_ROOT_DIR/utils/setenforce.c" ] 243 deps = [ ":libselinux" ] 244 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 245 246 cflags = [ 247 "-D_GNU_SOURCE", 248 "-w", 249 ] 250 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 251 part_name = "selinux" 252 subsystem_name = "thirdparty" 253 install_images = [ 254 "system", 255 "updater", 256 ] 257} 258 259ohos_executable("getenforce") { 260 install_enable = true 261 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getenforce.c" ] 262 deps = [ ":libselinux" ] 263 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 264 cflags = [ 265 "-D_GNU_SOURCE", 266 "-w", 267 ] 268 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 269 part_name = "selinux" 270 subsystem_name = "thirdparty" 271 install_images = [ 272 "system", 273 "updater", 274 ] 275} 276 277ohos_executable("getfilecon") { 278 install_enable = true 279 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getfilecon.c" ] 280 deps = [ ":libselinux" ] 281 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 282 cflags = [ 283 "-D_GNU_SOURCE", 284 "-w", 285 ] 286 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 287 part_name = "selinux" 288 subsystem_name = "thirdparty" 289 install_images = [ 290 "system", 291 "updater", 292 ] 293} 294 295ohos_executable("setfilecon") { 296 install_enable = true 297 sources = [ "$LIBSELINUX_ROOT_DIR/utils/setfilecon.c" ] 298 deps = [ ":libselinux" ] 299 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 300 cflags = [ 301 "-D_GNU_SOURCE", 302 "-w", 303 ] 304 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 305 part_name = "selinux" 306 subsystem_name = "thirdparty" 307 install_images = [ 308 "system", 309 "updater", 310 ] 311} 312 313ohos_executable("selinuxexeccon") { 314 install_enable = true 315 sources = [ "$LIBSELINUX_ROOT_DIR/utils/selinuxexeccon.c" ] 316 deps = [ ":libselinux" ] 317 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 318 cflags = [ 319 "-D_GNU_SOURCE", 320 "-w", 321 ] 322 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 323 part_name = "selinux" 324 subsystem_name = "thirdparty" 325 install_images = [ 326 "system", 327 "updater", 328 ] 329} 330 331ohos_executable("selinux_check_access") { 332 install_enable = true 333 sources = [ "$LIBSELINUX_ROOT_DIR/utils/selinux_check_access.c" ] 334 deps = [ ":libselinux" ] 335 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 336 cflags = [ 337 "-D_GNU_SOURCE", 338 "-w", 339 ] 340 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 341 part_name = "selinux" 342 subsystem_name = "thirdparty" 343 install_images = [ 344 "system", 345 "updater", 346 ] 347} 348 349ohos_executable("getpidcon") { 350 install_enable = true 351 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getpidcon.c" ] 352 deps = [ ":libselinux" ] 353 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 354 cflags = [ 355 "-D_GNU_SOURCE", 356 "-w", 357 ] 358 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 359 part_name = "selinux" 360 subsystem_name = "thirdparty" 361 install_images = [ 362 "system", 363 "updater", 364 ] 365} 366 367ohos_executable("checkpolicy") { 368 md5_check_script = rebase_path("//third_party/selinux/check_md5.sh") 369 _arguments = [ 370 rebase_path("checkpolicy/y.tab.c"), 371 rebase_path("checkpolicy/policy_parse.y"), 372 rebase_path("checkpolicy/y.tab.md5"), 373 ] 374 result = exec_script(md5_check_script, _arguments, "string") 375 if (result != "") { 376 exec_script("/usr/bin/bison", 377 [ 378 "-y", 379 "-d", 380 rebase_path("checkpolicy/policy_parse.y"), 381 "-o", 382 rebase_path("checkpolicy/y.tab.c"), 383 ], 384 "") 385 } 386 _arguments = [] 387 _arguments = [ 388 rebase_path("checkpolicy/policy_scan.c"), 389 rebase_path("checkpolicy/policy_scan.l"), 390 rebase_path("checkpolicy/policy_scan.md5"), 391 ] 392 result = exec_script(md5_check_script, _arguments, "string") 393 if (result != "") { 394 exec_script("/usr/bin/flex", 395 [ 396 "-o", 397 rebase_path("checkpolicy/policy_scan.c"), 398 rebase_path("checkpolicy/policy_scan.l"), 399 ], 400 "") 401 } 402 install_enable = true 403 sources = [ 404 "$CHECKPOLICY_ROOT_DIR/checkpolicy.c", 405 "$CHECKPOLICY_ROOT_DIR/module_compiler.c", 406 "$CHECKPOLICY_ROOT_DIR/parse_util.c", 407 "$CHECKPOLICY_ROOT_DIR/policy_define.c", 408 "$CHECKPOLICY_ROOT_DIR/policy_scan.c", 409 "$CHECKPOLICY_ROOT_DIR/queue.c", 410 "$CHECKPOLICY_ROOT_DIR/y.tab.c", 411 ] 412 deps = [ ":libsepol" ] 413 include_dirs = [ 414 "$LIBSEPOL_ROOT_DIR/cil/include", 415 "$LIBSEPOL_ROOT_DIR/include", 416 "$CHECKPOLICY_ROOT_DIR", 417 ] 418 cflags = [ 419 "-Wall", 420 "-Werror", 421 "-Wshadow", 422 ] 423 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 424 part_name = "selinux" 425 subsystem_name = "thirdparty" 426} 427 428ohos_executable("secilc") { 429 install_enable = true 430 sources = [ "$SECILC_ROOT_DIR/secilc.c" ] 431 deps = [ ":libsepol" ] 432 include_dirs = [ 433 "$LIBSEPOL_ROOT_DIR/cil/include", 434 "$LIBSEPOL_ROOT_DIR/include", 435 ] 436 cflags = [ 437 "-Wall", 438 "-Werror", 439 "-Wshadow", 440 ] 441 license_file = "$LIBSEPOL_ROOT_DIR/COPYING" 442 part_name = "selinux" 443 subsystem_name = "thirdparty" 444} 445 446ohos_executable("sefcontext_compile") { 447 install_enable = true 448 sources = [ "$LIBSELINUX_ROOT_DIR/utils/sefcontext_compile.c" ] 449 deps = [ 450 ":libselinux", 451 ":libsepol", 452 "$LIBPCRE2_ROOT_DIR:libpcre2", 453 ] 454 include_dirs = [ 455 "$LIBSELINUX_ROOT_DIR/include", 456 "$LIBPCRE2_ROOT_DIR/pcre2/src", 457 "$LIBSEPOL_ROOT_DIR/include", 458 ] 459 cflags = [ 460 "-D_GNU_SOURCE", 461 "-DUSE_PCRE2", 462 "-DPCRE2_CODE_UNIT_WIDTH=8", 463 "-w", 464 ] 465 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 466 part_name = "selinux" 467 subsystem_name = "thirdparty" 468} 469