1# Copyright (c) 2021 北京万里红科技有限公司 2# Copyright(c) Huawei Technologies Co.,Ltd. 3# 2020-2021.All rights reserved. 4# Copyright(c)2016,Google inc. 5# 6# Permission to use,copy,modify,and/or distribute this software for any 7# purpose with or without fee is hereby granted,provided that the above 8# copyright notice and this permission notice appear in all copies. 9# 10 11import("//build/ohos.gni") 12 13LIBSEPOL_ROOT_DIR = "//third_party/selinux/libsepol" 14LIBSELINUX_ROOT_DIR = "//third_party/selinux/libselinux" 15CHECKPOLICY_ROOT_DIR = "//third_party/selinux/checkpolicy" 16SECILC_ROOT_DIR = "//third_party/selinux/secilc" 17LIBFTS_ROOT_DIR = "//third_party/FreeBSD" 18LIBPCRE2_ROOT_DIR = "//third_party/pcre2" 19 20config("third_party_selinux_config") { 21 include_dirs = [ 22 "$LIBSELINUX_ROOT_DIR/include", 23 "$LIBSELINUX_ROOT_DIR", 24 "$LIBPCRE2_ROOT_DIR/pcre2/src", 25 "$LIBFTS_ROOT_DIR", 26 ] 27} 28 29config("third_party_selinux_nolto_config") { 30 if (use_libfuzzer && !is_mac) { 31 cflags = [] 32 } else { 33 cflags = [ 34 "-fno-emulated-tls", 35 "-fno-lto", 36 "-fno-whole-program-vtables", 37 ] 38 } 39} 40 41ohos_shared_library("libsepol") { 42 md5_check_script = rebase_path("//third_party/selinux/check_md5.sh") 43 _arguments = [ 44 rebase_path("libsepol/cil/src/cil_lexer.c"), 45 rebase_path("libsepol/cil/src/cil_lexer.l"), 46 rebase_path("libsepol/cil/src/cil_lexer.md5"), 47 ] 48 result = exec_script(md5_check_script, _arguments, "string") 49 if (result != "") { 50 exec_script("/usr/bin/flex", 51 [ 52 "-o", 53 rebase_path("libsepol/cil/src/cil_lexer.c"), 54 rebase_path("libsepol/cil/src/cil_lexer.l"), 55 ], 56 "") 57 } 58 59 output_name = "libsepol" 60 version_script = "libsepol.map" 61 sources = [ 62 "$LIBSEPOL_ROOT_DIR/cil/src/cil.c", 63 "$LIBSEPOL_ROOT_DIR/cil/src/cil_binary.c", 64 "$LIBSEPOL_ROOT_DIR/cil/src/cil_build_ast.c", 65 "$LIBSEPOL_ROOT_DIR/cil/src/cil_copy_ast.c", 66 "$LIBSEPOL_ROOT_DIR/cil/src/cil_find.c", 67 "$LIBSEPOL_ROOT_DIR/cil/src/cil_fqn.c", 68 "$LIBSEPOL_ROOT_DIR/cil/src/cil_lexer.c", 69 "$LIBSEPOL_ROOT_DIR/cil/src/cil_list.c", 70 "$LIBSEPOL_ROOT_DIR/cil/src/cil_log.c", 71 "$LIBSEPOL_ROOT_DIR/cil/src/cil_mem.c", 72 "$LIBSEPOL_ROOT_DIR/cil/src/cil_parser.c", 73 "$LIBSEPOL_ROOT_DIR/cil/src/cil_policy.c", 74 "$LIBSEPOL_ROOT_DIR/cil/src/cil_post.c", 75 "$LIBSEPOL_ROOT_DIR/cil/src/cil_reset_ast.c", 76 "$LIBSEPOL_ROOT_DIR/cil/src/cil_resolve_ast.c", 77 "$LIBSEPOL_ROOT_DIR/cil/src/cil_stack.c", 78 "$LIBSEPOL_ROOT_DIR/cil/src/cil_strpool.c", 79 "$LIBSEPOL_ROOT_DIR/cil/src/cil_symtab.c", 80 "$LIBSEPOL_ROOT_DIR/cil/src/cil_tree.c", 81 "$LIBSEPOL_ROOT_DIR/cil/src/cil_verify.c", 82 "$LIBSEPOL_ROOT_DIR/cil/src/cil_write_ast.c", 83 "$LIBSEPOL_ROOT_DIR/src/assertion.c", 84 "$LIBSEPOL_ROOT_DIR/src/avrule_block.c", 85 "$LIBSEPOL_ROOT_DIR/src/avtab.c", 86 "$LIBSEPOL_ROOT_DIR/src/boolean_record.c", 87 "$LIBSEPOL_ROOT_DIR/src/booleans.c", 88 "$LIBSEPOL_ROOT_DIR/src/conditional.c", 89 "$LIBSEPOL_ROOT_DIR/src/constraint.c", 90 "$LIBSEPOL_ROOT_DIR/src/context.c", 91 "$LIBSEPOL_ROOT_DIR/src/context_record.c", 92 "$LIBSEPOL_ROOT_DIR/src/debug.c", 93 "$LIBSEPOL_ROOT_DIR/src/ebitmap.c", 94 "$LIBSEPOL_ROOT_DIR/src/expand.c", 95 "$LIBSEPOL_ROOT_DIR/src/handle.c", 96 "$LIBSEPOL_ROOT_DIR/src/hashtab.c", 97 "$LIBSEPOL_ROOT_DIR/src/hierarchy.c", 98 "$LIBSEPOL_ROOT_DIR/src/ibendport_record.c", 99 "$LIBSEPOL_ROOT_DIR/src/ibendports.c", 100 "$LIBSEPOL_ROOT_DIR/src/ibpkey_record.c", 101 "$LIBSEPOL_ROOT_DIR/src/ibpkeys.c", 102 "$LIBSEPOL_ROOT_DIR/src/iface_record.c", 103 "$LIBSEPOL_ROOT_DIR/src/interfaces.c", 104 "$LIBSEPOL_ROOT_DIR/src/kernel_to_cil.c", 105 "$LIBSEPOL_ROOT_DIR/src/kernel_to_common.c", 106 "$LIBSEPOL_ROOT_DIR/src/kernel_to_conf.c", 107 "$LIBSEPOL_ROOT_DIR/src/link.c", 108 "$LIBSEPOL_ROOT_DIR/src/mls.c", 109 "$LIBSEPOL_ROOT_DIR/src/module.c", 110 "$LIBSEPOL_ROOT_DIR/src/module_to_cil.c", 111 "$LIBSEPOL_ROOT_DIR/src/node_record.c", 112 "$LIBSEPOL_ROOT_DIR/src/nodes.c", 113 "$LIBSEPOL_ROOT_DIR/src/optimize.c", 114 "$LIBSEPOL_ROOT_DIR/src/polcaps.c", 115 "$LIBSEPOL_ROOT_DIR/src/policydb.c", 116 "$LIBSEPOL_ROOT_DIR/src/policydb_convert.c", 117 "$LIBSEPOL_ROOT_DIR/src/policydb_public.c", 118 "$LIBSEPOL_ROOT_DIR/src/policydb_validate.c", 119 "$LIBSEPOL_ROOT_DIR/src/port_record.c", 120 "$LIBSEPOL_ROOT_DIR/src/ports.c", 121 "$LIBSEPOL_ROOT_DIR/src/services.c", 122 "$LIBSEPOL_ROOT_DIR/src/sidtab.c", 123 "$LIBSEPOL_ROOT_DIR/src/symtab.c", 124 "$LIBSEPOL_ROOT_DIR/src/user_record.c", 125 "$LIBSEPOL_ROOT_DIR/src/users.c", 126 "$LIBSEPOL_ROOT_DIR/src/util.c", 127 "$LIBSEPOL_ROOT_DIR/src/write.c", 128 ] 129 include_dirs = [ 130 "$LIBSEPOL_ROOT_DIR/cil/include", 131 "$LIBSEPOL_ROOT_DIR/include", 132 ] 133 cflags = [ 134 "-D_GNU_SOURCE", 135 "-DHAVE_REALLOCARRAY", 136 "-w", 137 ] 138 install_enable = true 139 install_images = [ 140 "system", 141 "ramdisk", 142 "updater", 143 ] 144 license_file = "$LIBSEPOL_ROOT_DIR/LICENSE" 145 part_name = "selinux" 146 subsystem_name = "thirdparty" 147} 148 149ohos_executable("chkcon") { 150 install_enable = true 151 sources = [ "$LIBSEPOL_ROOT_DIR/utils/chkcon.c" ] 152 deps = [ ":libsepol" ] 153 include_dirs = [ "$LIBSEPOL_ROOT_DIR/include" ] 154 cflags = [ 155 "-D_GNU_SOURCE", 156 "-w", 157 ] 158 license_file = "$LIBSEPOL_ROOT_DIR/LICENSE" 159 part_name = "selinux" 160 subsystem_name = "thirdparty" 161} 162 163ohos_shared_library("libselinux") { 164 output_name = "libselinux" 165 166 sources = [ 167 "$LIBFTS_ROOT_DIR/lib/libc/gen/fts.c", 168 "$LIBSELINUX_ROOT_DIR/src/avc.c", 169 "$LIBSELINUX_ROOT_DIR/src/avc_internal.c", 170 "$LIBSELINUX_ROOT_DIR/src/avc_sidtab.c", 171 "$LIBSELINUX_ROOT_DIR/src/booleans.c", 172 "$LIBSELINUX_ROOT_DIR/src/callbacks.c", 173 "$LIBSELINUX_ROOT_DIR/src/canonicalize_context.c", 174 "$LIBSELINUX_ROOT_DIR/src/checkAccess.c", 175 "$LIBSELINUX_ROOT_DIR/src/check_context.c", 176 "$LIBSELINUX_ROOT_DIR/src/compute_av.c", 177 "$LIBSELINUX_ROOT_DIR/src/compute_create.c", 178 "$LIBSELINUX_ROOT_DIR/src/compute_member.c", 179 "$LIBSELINUX_ROOT_DIR/src/context.c", 180 "$LIBSELINUX_ROOT_DIR/src/deny_unknown.c", 181 "$LIBSELINUX_ROOT_DIR/src/disable.c", 182 "$LIBSELINUX_ROOT_DIR/src/enabled.c", 183 "$LIBSELINUX_ROOT_DIR/src/fgetfilecon.c", 184 "$LIBSELINUX_ROOT_DIR/src/freecon.c", 185 "$LIBSELINUX_ROOT_DIR/src/fsetfilecon.c", 186 "$LIBSELINUX_ROOT_DIR/src/get_initial_context.c", 187 "$LIBSELINUX_ROOT_DIR/src/getenforce.c", 188 "$LIBSELINUX_ROOT_DIR/src/getfilecon.c", 189 "$LIBSELINUX_ROOT_DIR/src/getpeercon.c", 190 "$LIBSELINUX_ROOT_DIR/src/init.c", 191 "$LIBSELINUX_ROOT_DIR/src/is_customizable_type.c", 192 "$LIBSELINUX_ROOT_DIR/src/label.c", 193 "$LIBSELINUX_ROOT_DIR/src/label_backends_android.c", 194 "$LIBSELINUX_ROOT_DIR/src/label_db.c", 195 "$LIBSELINUX_ROOT_DIR/src/label_file.c", 196 "$LIBSELINUX_ROOT_DIR/src/label_media.c", 197 "$LIBSELINUX_ROOT_DIR/src/label_support.c", 198 "$LIBSELINUX_ROOT_DIR/src/label_x.c", 199 "$LIBSELINUX_ROOT_DIR/src/lgetfilecon.c", 200 "$LIBSELINUX_ROOT_DIR/src/load_policy.c", 201 "$LIBSELINUX_ROOT_DIR/src/lsetfilecon.c", 202 "$LIBSELINUX_ROOT_DIR/src/mapping.c", 203 "$LIBSELINUX_ROOT_DIR/src/matchpathcon.c", 204 "$LIBSELINUX_ROOT_DIR/src/policyvers.c", 205 "$LIBSELINUX_ROOT_DIR/src/procattr.c", 206 "$LIBSELINUX_ROOT_DIR/src/regex.c", 207 "$LIBSELINUX_ROOT_DIR/src/reject_unknown.c", 208 "$LIBSELINUX_ROOT_DIR/src/selinux_config.c", 209 "$LIBSELINUX_ROOT_DIR/src/selinux_restorecon.c", 210 "$LIBSELINUX_ROOT_DIR/src/sestatus.c", 211 "$LIBSELINUX_ROOT_DIR/src/setenforce.c", 212 "$LIBSELINUX_ROOT_DIR/src/setfilecon.c", 213 "$LIBSELINUX_ROOT_DIR/src/setrans_client.c", 214 "$LIBSELINUX_ROOT_DIR/src/seusers.c", 215 "$LIBSELINUX_ROOT_DIR/src/sha1.c", 216 "$LIBSELINUX_ROOT_DIR/src/stringrep.c", 217 ] 218 219 if (current_toolchain == host_toolchain) { 220 # host build 221 sources += [ "$LIBSELINUX_ROOT_DIR/src/selinux_internal.c" ] 222 } 223 224 include_dirs = [ 225 "$LIBSELINUX_ROOT_DIR/include", 226 "$LIBPCRE2_ROOT_DIR/pcre2/src", 227 "$LIBFTS_ROOT_DIR/", 228 "$LIBSEPOL_ROOT_DIR/include", 229 ] 230 231 configs = [ ":third_party_selinux_nolto_config" ] 232 233 public_configs = [ ":third_party_selinux_config" ] 234 235 cflags = [ 236 "-DOHOS_FC_INIT", 237 "-D_GNU_SOURCE", 238 "-w", 239 "-DSHARED", 240 "-DUSE_PCRE2", 241 "-U__BIONIC__", 242 "-DAUDITD_LOG_TAG=1003", 243 "-DPCRE2_CODE_UNIT_WIDTH=8", 244 ] 245 deps = [ "$LIBPCRE2_ROOT_DIR:libpcre2" ] 246 install_enable = true 247 install_images = [ 248 "system", 249 "ramdisk", 250 "updater", 251 ] 252 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 253 innerapi_tags = [ 254 "platformsdk_indirect", 255 "chipsetsdk_indirect", 256 ] 257 part_name = "selinux" 258 subsystem_name = "thirdparty" 259} 260 261ohos_executable("setenforce") { 262 install_enable = true 263 sources = [ "$LIBSELINUX_ROOT_DIR/utils/setenforce.c" ] 264 deps = [ ":libselinux" ] 265 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 266 267 cflags = [ 268 "-D_GNU_SOURCE", 269 "-w", 270 ] 271 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 272 part_name = "selinux" 273 subsystem_name = "thirdparty" 274 install_images = [ 275 "system", 276 "updater", 277 ] 278} 279 280ohos_executable("getenforce") { 281 install_enable = true 282 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getenforce.c" ] 283 deps = [ ":libselinux" ] 284 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 285 cflags = [ 286 "-D_GNU_SOURCE", 287 "-w", 288 ] 289 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 290 part_name = "selinux" 291 subsystem_name = "thirdparty" 292 install_images = [ 293 "system", 294 "updater", 295 ] 296} 297 298ohos_executable("getfilecon") { 299 install_enable = true 300 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getfilecon.c" ] 301 deps = [ ":libselinux" ] 302 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 303 cflags = [ 304 "-D_GNU_SOURCE", 305 "-w", 306 ] 307 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 308 part_name = "selinux" 309 subsystem_name = "thirdparty" 310 install_images = [ 311 "system", 312 "updater", 313 ] 314} 315 316ohos_executable("setfilecon") { 317 install_enable = true 318 sources = [ "$LIBSELINUX_ROOT_DIR/utils/setfilecon.c" ] 319 deps = [ ":libselinux" ] 320 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 321 cflags = [ 322 "-D_GNU_SOURCE", 323 "-w", 324 ] 325 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 326 part_name = "selinux" 327 subsystem_name = "thirdparty" 328 install_images = [ 329 "system", 330 "updater", 331 ] 332} 333 334ohos_executable("selinuxexeccon") { 335 install_enable = true 336 sources = [ "$LIBSELINUX_ROOT_DIR/utils/selinuxexeccon.c" ] 337 deps = [ ":libselinux" ] 338 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 339 cflags = [ 340 "-D_GNU_SOURCE", 341 "-w", 342 ] 343 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 344 part_name = "selinux" 345 subsystem_name = "thirdparty" 346 install_images = [ 347 "system", 348 "updater", 349 ] 350} 351 352ohos_executable("selinux_check_access") { 353 install_enable = true 354 sources = [ "$LIBSELINUX_ROOT_DIR/utils/selinux_check_access.c" ] 355 deps = [ ":libselinux" ] 356 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 357 cflags = [ 358 "-D_GNU_SOURCE", 359 "-w", 360 ] 361 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 362 part_name = "selinux" 363 subsystem_name = "thirdparty" 364 install_images = [ 365 "system", 366 "updater", 367 ] 368} 369 370ohos_executable("getpidcon") { 371 install_enable = true 372 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getpidcon.c" ] 373 deps = [ ":libselinux" ] 374 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 375 cflags = [ 376 "-D_GNU_SOURCE", 377 "-w", 378 ] 379 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 380 part_name = "selinux" 381 subsystem_name = "thirdparty" 382 install_images = [ 383 "system", 384 "updater", 385 ] 386} 387 388ohos_executable("checkpolicy") { 389 md5_check_script = rebase_path("//third_party/selinux/check_md5.sh") 390 _arguments = [ 391 rebase_path("checkpolicy/y.tab.c"), 392 rebase_path("checkpolicy/policy_parse.y"), 393 rebase_path("checkpolicy/y.tab.md5"), 394 ] 395 result = exec_script(md5_check_script, _arguments, "string") 396 if (result != "") { 397 exec_script("/usr/bin/bison", 398 [ 399 "-y", 400 "-d", 401 rebase_path("checkpolicy/policy_parse.y"), 402 "-o", 403 rebase_path("checkpolicy/y.tab.c"), 404 ], 405 "") 406 } 407 _arguments = [] 408 _arguments = [ 409 rebase_path("checkpolicy/policy_scan.c"), 410 rebase_path("checkpolicy/policy_scan.l"), 411 rebase_path("checkpolicy/policy_scan.md5"), 412 ] 413 result = exec_script(md5_check_script, _arguments, "string") 414 if (result != "") { 415 exec_script("/usr/bin/flex", 416 [ 417 "-o", 418 rebase_path("checkpolicy/policy_scan.c"), 419 rebase_path("checkpolicy/policy_scan.l"), 420 ], 421 "") 422 } 423 install_enable = true 424 sources = [ 425 "$CHECKPOLICY_ROOT_DIR/checkpolicy.c", 426 "$CHECKPOLICY_ROOT_DIR/module_compiler.c", 427 "$CHECKPOLICY_ROOT_DIR/parse_util.c", 428 "$CHECKPOLICY_ROOT_DIR/policy_define.c", 429 "$CHECKPOLICY_ROOT_DIR/policy_scan.c", 430 "$CHECKPOLICY_ROOT_DIR/queue.c", 431 "$CHECKPOLICY_ROOT_DIR/y.tab.c", 432 ] 433 deps = [ ":libsepol" ] 434 include_dirs = [ 435 "$LIBSEPOL_ROOT_DIR/cil/include", 436 "$LIBSEPOL_ROOT_DIR/include", 437 "$CHECKPOLICY_ROOT_DIR", 438 ] 439 cflags = [ 440 "-Wall", 441 "-Werror", 442 "-Wshadow", 443 ] 444 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 445 part_name = "selinux" 446 subsystem_name = "thirdparty" 447} 448 449ohos_executable("secilc") { 450 install_enable = true 451 sources = [ "$SECILC_ROOT_DIR/secilc.c" ] 452 deps = [ ":libsepol" ] 453 include_dirs = [ 454 "$LIBSEPOL_ROOT_DIR/cil/include", 455 "$LIBSEPOL_ROOT_DIR/include", 456 ] 457 cflags = [ 458 "-Wall", 459 "-Werror", 460 "-Wshadow", 461 ] 462 license_file = "$LIBSEPOL_ROOT_DIR/LICENSE" 463 part_name = "selinux" 464 subsystem_name = "thirdparty" 465} 466 467ohos_executable("sefcontext_compile") { 468 install_enable = true 469 sources = [ "$LIBSELINUX_ROOT_DIR/utils/sefcontext_compile.c" ] 470 deps = [ 471 ":libselinux", 472 ":libsepol", 473 "$LIBPCRE2_ROOT_DIR:libpcre2", 474 ] 475 include_dirs = [ 476 "$LIBSELINUX_ROOT_DIR/include", 477 "$LIBPCRE2_ROOT_DIR/pcre2/src", 478 "$LIBSEPOL_ROOT_DIR/include", 479 ] 480 cflags = [ 481 "-D_GNU_SOURCE", 482 "-DUSE_PCRE2", 483 "-DPCRE2_CODE_UNIT_WIDTH=8", 484 "-w", 485 ] 486 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 487 part_name = "selinux" 488 subsystem_name = "thirdparty" 489} 490