1# Copyright (c) 2021 北京万里红科技有限公司 2# Copyright(c) Huawei Technologies Co.,Ltd. 3# 2020-2021.All rights reserved. 4# Copyright(c)2016,Google inc. 5# 6# Permission to use,copy,modify,and/or distribute this software for any 7# purpose with or without fee is hereby granted,provided that the above 8# copyright notice and this permission notice appear in all copies. 9# 10 11import("//build/ohos.gni") 12 13LIBSEPOL_ROOT_DIR = "//third_party/selinux/libsepol" 14LIBSELINUX_ROOT_DIR = "//third_party/selinux/libselinux" 15CHECKPOLICY_ROOT_DIR = "//third_party/selinux/checkpolicy" 16SECILC_ROOT_DIR = "//third_party/selinux/secilc" 17 18config("third_party_selinux_config") { 19 include_dirs = [ 20 "$LIBSELINUX_ROOT_DIR/include", 21 "$LIBSELINUX_ROOT_DIR", 22 ] 23} 24 25config("third_party_selinux_nolto_config") { 26 if (use_libfuzzer && !is_mac) { 27 cflags = [] 28 } else { 29 cflags = [ 30 "-fno-emulated-tls", 31 "-fno-lto", 32 "-fno-whole-program-vtables", 33 ] 34 } 35} 36 37ohos_shared_library("libsepol") { 38 md5_check_script = rebase_path("//third_party/selinux/check_md5.sh") 39 _arguments = [ 40 rebase_path("libsepol/cil/src/cil_lexer.c"), 41 rebase_path("libsepol/cil/src/cil_lexer.l"), 42 rebase_path("libsepol/cil/src/cil_lexer.md5"), 43 ] 44 result = exec_script(md5_check_script, _arguments, "string") 45 if (result != "") { 46 exec_script("/usr/bin/flex", 47 [ 48 "-o", 49 rebase_path("libsepol/cil/src/cil_lexer.c"), 50 rebase_path("libsepol/cil/src/cil_lexer.l"), 51 ], 52 "") 53 } 54 55 output_name = "libsepol" 56 version_script = "libsepol.map" 57 sources = [ 58 "$LIBSEPOL_ROOT_DIR/cil/src/cil.c", 59 "$LIBSEPOL_ROOT_DIR/cil/src/cil_binary.c", 60 "$LIBSEPOL_ROOT_DIR/cil/src/cil_build_ast.c", 61 "$LIBSEPOL_ROOT_DIR/cil/src/cil_copy_ast.c", 62 "$LIBSEPOL_ROOT_DIR/cil/src/cil_find.c", 63 "$LIBSEPOL_ROOT_DIR/cil/src/cil_fqn.c", 64 "$LIBSEPOL_ROOT_DIR/cil/src/cil_lexer.c", 65 "$LIBSEPOL_ROOT_DIR/cil/src/cil_list.c", 66 "$LIBSEPOL_ROOT_DIR/cil/src/cil_log.c", 67 "$LIBSEPOL_ROOT_DIR/cil/src/cil_mem.c", 68 "$LIBSEPOL_ROOT_DIR/cil/src/cil_parser.c", 69 "$LIBSEPOL_ROOT_DIR/cil/src/cil_policy.c", 70 "$LIBSEPOL_ROOT_DIR/cil/src/cil_post.c", 71 "$LIBSEPOL_ROOT_DIR/cil/src/cil_reset_ast.c", 72 "$LIBSEPOL_ROOT_DIR/cil/src/cil_resolve_ast.c", 73 "$LIBSEPOL_ROOT_DIR/cil/src/cil_stack.c", 74 "$LIBSEPOL_ROOT_DIR/cil/src/cil_strpool.c", 75 "$LIBSEPOL_ROOT_DIR/cil/src/cil_symtab.c", 76 "$LIBSEPOL_ROOT_DIR/cil/src/cil_tree.c", 77 "$LIBSEPOL_ROOT_DIR/cil/src/cil_verify.c", 78 "$LIBSEPOL_ROOT_DIR/cil/src/cil_write_ast.c", 79 "$LIBSEPOL_ROOT_DIR/src/assertion.c", 80 "$LIBSEPOL_ROOT_DIR/src/avrule_block.c", 81 "$LIBSEPOL_ROOT_DIR/src/avtab.c", 82 "$LIBSEPOL_ROOT_DIR/src/boolean_record.c", 83 "$LIBSEPOL_ROOT_DIR/src/booleans.c", 84 "$LIBSEPOL_ROOT_DIR/src/conditional.c", 85 "$LIBSEPOL_ROOT_DIR/src/constraint.c", 86 "$LIBSEPOL_ROOT_DIR/src/context.c", 87 "$LIBSEPOL_ROOT_DIR/src/context_record.c", 88 "$LIBSEPOL_ROOT_DIR/src/debug.c", 89 "$LIBSEPOL_ROOT_DIR/src/ebitmap.c", 90 "$LIBSEPOL_ROOT_DIR/src/expand.c", 91 "$LIBSEPOL_ROOT_DIR/src/handle.c", 92 "$LIBSEPOL_ROOT_DIR/src/hashtab.c", 93 "$LIBSEPOL_ROOT_DIR/src/hierarchy.c", 94 "$LIBSEPOL_ROOT_DIR/src/ibendport_record.c", 95 "$LIBSEPOL_ROOT_DIR/src/ibendports.c", 96 "$LIBSEPOL_ROOT_DIR/src/ibpkey_record.c", 97 "$LIBSEPOL_ROOT_DIR/src/ibpkeys.c", 98 "$LIBSEPOL_ROOT_DIR/src/iface_record.c", 99 "$LIBSEPOL_ROOT_DIR/src/interfaces.c", 100 "$LIBSEPOL_ROOT_DIR/src/kernel_to_cil.c", 101 "$LIBSEPOL_ROOT_DIR/src/kernel_to_common.c", 102 "$LIBSEPOL_ROOT_DIR/src/kernel_to_conf.c", 103 "$LIBSEPOL_ROOT_DIR/src/link.c", 104 "$LIBSEPOL_ROOT_DIR/src/mls.c", 105 "$LIBSEPOL_ROOT_DIR/src/module.c", 106 "$LIBSEPOL_ROOT_DIR/src/module_to_cil.c", 107 "$LIBSEPOL_ROOT_DIR/src/node_record.c", 108 "$LIBSEPOL_ROOT_DIR/src/nodes.c", 109 "$LIBSEPOL_ROOT_DIR/src/optimize.c", 110 "$LIBSEPOL_ROOT_DIR/src/polcaps.c", 111 "$LIBSEPOL_ROOT_DIR/src/policydb.c", 112 "$LIBSEPOL_ROOT_DIR/src/policydb_convert.c", 113 "$LIBSEPOL_ROOT_DIR/src/policydb_public.c", 114 "$LIBSEPOL_ROOT_DIR/src/policydb_validate.c", 115 "$LIBSEPOL_ROOT_DIR/src/port_record.c", 116 "$LIBSEPOL_ROOT_DIR/src/ports.c", 117 "$LIBSEPOL_ROOT_DIR/src/services.c", 118 "$LIBSEPOL_ROOT_DIR/src/sidtab.c", 119 "$LIBSEPOL_ROOT_DIR/src/symtab.c", 120 "$LIBSEPOL_ROOT_DIR/src/user_record.c", 121 "$LIBSEPOL_ROOT_DIR/src/users.c", 122 "$LIBSEPOL_ROOT_DIR/src/util.c", 123 "$LIBSEPOL_ROOT_DIR/src/write.c", 124 ] 125 include_dirs = [ 126 "$LIBSEPOL_ROOT_DIR/cil/include", 127 "$LIBSEPOL_ROOT_DIR/include", 128 ] 129 cflags = [ 130 "-D_GNU_SOURCE", 131 "-DHAVE_REALLOCARRAY", 132 "-w", 133 ] 134 install_enable = true 135 install_images = [ 136 "system", 137 "ramdisk", 138 "updater", 139 ] 140 license_file = "$LIBSEPOL_ROOT_DIR/LICENSE" 141 part_name = "selinux" 142 subsystem_name = "thirdparty" 143} 144 145ohos_executable("chkcon") { 146 install_enable = true 147 sources = [ "$LIBSEPOL_ROOT_DIR/utils/chkcon.c" ] 148 deps = [ ":libsepol" ] 149 include_dirs = [ "$LIBSEPOL_ROOT_DIR/include" ] 150 cflags = [ 151 "-D_GNU_SOURCE", 152 "-w", 153 ] 154 license_file = "$LIBSEPOL_ROOT_DIR/LICENSE" 155 part_name = "selinux" 156 subsystem_name = "thirdparty" 157} 158 159ohos_shared_library("libselinux") { 160 output_name = "libselinux" 161 162 sources = [ 163 "$LIBSELINUX_ROOT_DIR/src/avc.c", 164 "$LIBSELINUX_ROOT_DIR/src/avc_internal.c", 165 "$LIBSELINUX_ROOT_DIR/src/avc_sidtab.c", 166 "$LIBSELINUX_ROOT_DIR/src/booleans.c", 167 "$LIBSELINUX_ROOT_DIR/src/callbacks.c", 168 "$LIBSELINUX_ROOT_DIR/src/canonicalize_context.c", 169 "$LIBSELINUX_ROOT_DIR/src/checkAccess.c", 170 "$LIBSELINUX_ROOT_DIR/src/check_context.c", 171 "$LIBSELINUX_ROOT_DIR/src/compute_av.c", 172 "$LIBSELINUX_ROOT_DIR/src/compute_create.c", 173 "$LIBSELINUX_ROOT_DIR/src/compute_member.c", 174 "$LIBSELINUX_ROOT_DIR/src/context.c", 175 "$LIBSELINUX_ROOT_DIR/src/deny_unknown.c", 176 "$LIBSELINUX_ROOT_DIR/src/disable.c", 177 "$LIBSELINUX_ROOT_DIR/src/enabled.c", 178 "$LIBSELINUX_ROOT_DIR/src/fgetfilecon.c", 179 "$LIBSELINUX_ROOT_DIR/src/freecon.c", 180 "$LIBSELINUX_ROOT_DIR/src/fsetfilecon.c", 181 "$LIBSELINUX_ROOT_DIR/src/get_initial_context.c", 182 "$LIBSELINUX_ROOT_DIR/src/getenforce.c", 183 "$LIBSELINUX_ROOT_DIR/src/getfilecon.c", 184 "$LIBSELINUX_ROOT_DIR/src/getpeercon.c", 185 "$LIBSELINUX_ROOT_DIR/src/ignore_path.c", 186 "$LIBSELINUX_ROOT_DIR/src/init.c", 187 "$LIBSELINUX_ROOT_DIR/src/is_customizable_type.c", 188 "$LIBSELINUX_ROOT_DIR/src/label.c", 189 "$LIBSELINUX_ROOT_DIR/src/label_backends_android.c", 190 "$LIBSELINUX_ROOT_DIR/src/label_db.c", 191 "$LIBSELINUX_ROOT_DIR/src/label_file.c", 192 "$LIBSELINUX_ROOT_DIR/src/label_media.c", 193 "$LIBSELINUX_ROOT_DIR/src/label_support.c", 194 "$LIBSELINUX_ROOT_DIR/src/label_x.c", 195 "$LIBSELINUX_ROOT_DIR/src/lgetfilecon.c", 196 "$LIBSELINUX_ROOT_DIR/src/load_policy.c", 197 "$LIBSELINUX_ROOT_DIR/src/lsetfilecon.c", 198 "$LIBSELINUX_ROOT_DIR/src/mapping.c", 199 "$LIBSELINUX_ROOT_DIR/src/matchpathcon.c", 200 "$LIBSELINUX_ROOT_DIR/src/policyvers.c", 201 "$LIBSELINUX_ROOT_DIR/src/procattr.c", 202 "$LIBSELINUX_ROOT_DIR/src/regex.c", 203 "$LIBSELINUX_ROOT_DIR/src/reject_unknown.c", 204 "$LIBSELINUX_ROOT_DIR/src/selinux_config.c", 205 "$LIBSELINUX_ROOT_DIR/src/selinux_restorecon.c", 206 "$LIBSELINUX_ROOT_DIR/src/sestatus.c", 207 "$LIBSELINUX_ROOT_DIR/src/setenforce.c", 208 "$LIBSELINUX_ROOT_DIR/src/setfilecon.c", 209 "$LIBSELINUX_ROOT_DIR/src/setrans_client.c", 210 "$LIBSELINUX_ROOT_DIR/src/seusers.c", 211 "$LIBSELINUX_ROOT_DIR/src/sha1.c", 212 "$LIBSELINUX_ROOT_DIR/src/stringrep.c", 213 ] 214 215 if (current_toolchain == host_toolchain) { 216 # host build 217 sources += [ "$LIBSELINUX_ROOT_DIR/src/selinux_internal.c" ] 218 } 219 220 include_dirs = [ 221 "$LIBSELINUX_ROOT_DIR/include", 222 "$LIBSEPOL_ROOT_DIR/include", 223 ] 224 225 configs = [ ":third_party_selinux_nolto_config" ] 226 227 public_configs = [ ":third_party_selinux_config" ] 228 229 cflags = [ 230 "-DOHOS_FC_INIT", 231 "-D_GNU_SOURCE", 232 "-w", 233 "-DSHARED", 234 "-DUSE_PCRE2", 235 "-U__BIONIC__", 236 "-DAUDITD_LOG_TAG=1003", 237 "-DPCRE2_CODE_UNIT_WIDTH=8", 238 ] 239 external_deps = [ "pcre2:libpcre2" ] 240 public_external_deps = [ "FreeBSD:libfreebsd_static" ] 241 install_enable = true 242 install_images = [ 243 "system", 244 "ramdisk", 245 "updater", 246 ] 247 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 248 innerapi_tags = [ 249 "platformsdk_indirect", 250 "chipsetsdk_indirect", 251 ] 252 part_name = "selinux" 253 subsystem_name = "thirdparty" 254} 255 256ohos_executable("setenforce") { 257 install_enable = true 258 sources = [ "$LIBSELINUX_ROOT_DIR/utils/setenforce.c" ] 259 deps = [ ":libselinux" ] 260 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 261 262 cflags = [ 263 "-D_GNU_SOURCE", 264 "-w", 265 ] 266 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 267 part_name = "selinux" 268 subsystem_name = "thirdparty" 269 install_images = [ 270 "system", 271 "updater", 272 ] 273} 274 275ohos_executable("getenforce") { 276 install_enable = true 277 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getenforce.c" ] 278 deps = [ ":libselinux" ] 279 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 280 cflags = [ 281 "-D_GNU_SOURCE", 282 "-w", 283 ] 284 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 285 part_name = "selinux" 286 subsystem_name = "thirdparty" 287 install_images = [ 288 "system", 289 "updater", 290 ] 291} 292 293ohos_executable("getfilecon") { 294 install_enable = true 295 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getfilecon.c" ] 296 deps = [ ":libselinux" ] 297 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 298 cflags = [ 299 "-D_GNU_SOURCE", 300 "-w", 301 ] 302 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 303 part_name = "selinux" 304 subsystem_name = "thirdparty" 305 install_images = [ 306 "system", 307 "updater", 308 ] 309} 310 311ohos_executable("setfilecon") { 312 install_enable = true 313 sources = [ "$LIBSELINUX_ROOT_DIR/utils/setfilecon.c" ] 314 deps = [ ":libselinux" ] 315 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 316 cflags = [ 317 "-D_GNU_SOURCE", 318 "-w", 319 ] 320 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 321 part_name = "selinux" 322 subsystem_name = "thirdparty" 323 install_images = [ 324 "system", 325 "updater", 326 ] 327} 328 329ohos_executable("selinuxexeccon") { 330 install_enable = true 331 sources = [ "$LIBSELINUX_ROOT_DIR/utils/selinuxexeccon.c" ] 332 deps = [ ":libselinux" ] 333 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 334 cflags = [ 335 "-D_GNU_SOURCE", 336 "-w", 337 ] 338 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 339 part_name = "selinux" 340 subsystem_name = "thirdparty" 341 install_images = [ 342 "system", 343 "updater", 344 ] 345} 346 347ohos_executable("selinux_check_access") { 348 install_enable = true 349 sources = [ "$LIBSELINUX_ROOT_DIR/utils/selinux_check_access.c" ] 350 deps = [ ":libselinux" ] 351 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 352 cflags = [ 353 "-D_GNU_SOURCE", 354 "-w", 355 ] 356 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 357 part_name = "selinux" 358 subsystem_name = "thirdparty" 359 install_images = [ 360 "system", 361 "updater", 362 ] 363} 364 365ohos_executable("getpidcon") { 366 install_enable = true 367 sources = [ "$LIBSELINUX_ROOT_DIR/utils/getpidcon.c" ] 368 deps = [ ":libselinux" ] 369 include_dirs = [ "$LIBSELINUX_ROOT_DIR/include" ] 370 cflags = [ 371 "-D_GNU_SOURCE", 372 "-w", 373 ] 374 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 375 part_name = "selinux" 376 subsystem_name = "thirdparty" 377 install_images = [ 378 "system", 379 "updater", 380 ] 381} 382 383ohos_executable("checkpolicy") { 384 md5_check_script = rebase_path("//third_party/selinux/check_md5.sh") 385 _arguments = [ 386 rebase_path("checkpolicy/y.tab.c"), 387 rebase_path("checkpolicy/policy_parse.y"), 388 rebase_path("checkpolicy/y.tab.md5"), 389 ] 390 result = exec_script(md5_check_script, _arguments, "string") 391 if (result != "") { 392 exec_script("/usr/bin/bison", 393 [ 394 "-y", 395 "-d", 396 rebase_path("checkpolicy/policy_parse.y"), 397 "-o", 398 rebase_path("checkpolicy/y.tab.c"), 399 ], 400 "") 401 } 402 _arguments = [] 403 _arguments = [ 404 rebase_path("checkpolicy/policy_scan.c"), 405 rebase_path("checkpolicy/policy_scan.l"), 406 rebase_path("checkpolicy/policy_scan.md5"), 407 ] 408 result = exec_script(md5_check_script, _arguments, "string") 409 if (result != "") { 410 exec_script("/usr/bin/flex", 411 [ 412 "-o", 413 rebase_path("checkpolicy/policy_scan.c"), 414 rebase_path("checkpolicy/policy_scan.l"), 415 ], 416 "") 417 } 418 install_enable = true 419 sources = [ 420 "$CHECKPOLICY_ROOT_DIR/checkpolicy.c", 421 "$CHECKPOLICY_ROOT_DIR/module_compiler.c", 422 "$CHECKPOLICY_ROOT_DIR/parse_util.c", 423 "$CHECKPOLICY_ROOT_DIR/policy_define.c", 424 "$CHECKPOLICY_ROOT_DIR/policy_scan.c", 425 "$CHECKPOLICY_ROOT_DIR/queue.c", 426 "$CHECKPOLICY_ROOT_DIR/y.tab.c", 427 ] 428 deps = [ ":libsepol" ] 429 include_dirs = [ 430 "$LIBSEPOL_ROOT_DIR/cil/include", 431 "$LIBSEPOL_ROOT_DIR/include", 432 "$CHECKPOLICY_ROOT_DIR", 433 ] 434 cflags = [ 435 "-Wall", 436 "-Werror", 437 "-Wshadow", 438 ] 439 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 440 part_name = "selinux" 441 subsystem_name = "thirdparty" 442} 443 444ohos_executable("secilc") { 445 install_enable = true 446 sources = [ "$SECILC_ROOT_DIR/secilc.c" ] 447 deps = [ ":libsepol" ] 448 include_dirs = [ 449 "$LIBSEPOL_ROOT_DIR/cil/include", 450 "$LIBSEPOL_ROOT_DIR/include", 451 ] 452 cflags = [ 453 "-Wall", 454 "-Werror", 455 "-Wshadow", 456 ] 457 license_file = "$LIBSEPOL_ROOT_DIR/LICENSE" 458 part_name = "selinux" 459 subsystem_name = "thirdparty" 460} 461 462ohos_executable("sefcontext_compile") { 463 install_enable = true 464 sources = [ "$LIBSELINUX_ROOT_DIR/utils/sefcontext_compile.c" ] 465 deps = [ 466 ":libselinux", 467 ":libsepol", 468 ] 469 external_deps = [ "pcre2:libpcre2" ] 470 include_dirs = [ 471 "$LIBSELINUX_ROOT_DIR/include", 472 "$LIBSEPOL_ROOT_DIR/include", 473 ] 474 cflags = [ 475 "-D_GNU_SOURCE", 476 "-DUSE_PCRE2", 477 "-DPCRE2_CODE_UNIT_WIDTH=8", 478 "-w", 479 ] 480 license_file = "$LIBSELINUX_ROOT_DIR/LICENSE" 481 part_name = "selinux" 482 subsystem_name = "thirdparty" 483} 484