libsepol, secilc: Fix build for Android

The Android build does not like the symbol versioning introduced by commit 8147bc7; the build fails with: host SharedLib: libsepol (out/host/linux-x86/obj/lib/libsepol.so) prebuilts/gcc/linux-x86/host/x86_64-linux-glibc2.15-4.8//x86_64-linux/bin/ld: error: symbol cil_build_policydb has undefined version prebuilts/gcc/linux-x86/host/x86_64-linux-glibc2.15-4.8//x86_64-linux/bin/ld: error: symbol cil_build_policydb has undefined version LIBSEPOL_1.1 clang: error: linker command failed with exit code 1 (use -v to see invocation) Omit the versioned symbols and simply use the current interfaces when building on Android. Commit 36f62b7 also broke the Android build by moving secilc out of libsepol, because the libsepol headers were not installed by the Android.mk file. Export the required libsepol headers for use by secilc and adjust secilc to pick them up from the right location on Android. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2025-02-27 15:00:39 +00:00 · 2015-04-02 11:58:05 -04:00 · 2015-04-02 11:58:05 -04:00 · cacf51cef0
commit cacf51cef0
parent c0064fb732
4 changed files with 38 additions and 2 deletions
--- a/libsepol/Android.mk
+++ b/libsepol/Android.mk
@ -90,6 +90,8 @@ include $(CLEAR_VARS)

 LOCAL_MODULE := libsepol
 LOCAL_MODULE_TAGS := optional
+LOCAL_COPY_HEADERS_TO := sepol
+LOCAL_COPY_HEADERS := include/sepol/handle.h include/sepol/policydb.h cil/include/cil/cil.h
 LOCAL_C_INCLUDES := $(common_includes) 
 LOCAL_CFLAGS := $(yacc_flags) $(common_cflags)
 LOCAL_SRC_FILES := $(common_src_files) $(cil_src_files)
--- a/libsepol/cil/src/cil.c
+++ b/libsepol/cil/src/cil.c
@ -51,6 +51,7 @@
 #include "cil_policy.h"
 #include "cil_strpool.h"

+#ifndef ANDROID
 asm(".symver cil_build_policydb_pdb,        cil_build_policydb@");
 asm(".symver cil_build_policydb_create_pdb, cil_build_policydb@@LIBSEPOL_1.1");

@ -65,6 +66,7 @@ asm(".symver cil_selinuxusers_to_string_nopdb, cil_selinuxusers_to_string@@LIBSE

 asm(".symver cil_filecons_to_string_pdb,   cil_filecons_to_string@");
 asm(".symver cil_filecons_to_string_nopdb, cil_filecons_to_string@@LIBSEPOL_1.1");
+#endif

 int cil_sym_sizes[CIL_SYM_ARRAY_NUM][CIL_SYM_NUM] = {
 	{64, 64, 64, 1 << 13, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64},
@ -352,7 +354,11 @@ exit:
 	return rc;
 }

+#ifdef ANDROID
+int cil_compile(struct cil_db *db)
+#else
 int cil_compile_nopdb(struct cil_db *db)
+#endif
 {
 	int rc = SEPOL_ERR;

@ -396,6 +402,7 @@ exit:
 	return rc;
 }

+#ifndef ANDROID
 int cil_compile_pdb(struct cil_db *db, __attribute__((unused)) sepol_policydb_t *sepol_db)
 {
 	return cil_compile_nopdb(db);
@ -415,8 +422,13 @@ int cil_build_policydb_pdb(cil_db_t *db, sepol_policydb_t *sepol_db)
 exit:
 	return rc;
 }
+#endif

+#ifdef ANDROID
+int cil_build_policydb(cil_db_t *db, sepol_policydb_t **sepol_db)
+#else
 int cil_build_policydb_create_pdb(cil_db_t *db, sepol_policydb_t **sepol_db)
+#endif
 {
 	int rc;

@ -1104,7 +1116,11 @@ const char * cil_node_to_string(struct cil_tree_node *node)
 	return "<unknown>";
 }

+#ifdef ANDROID
+int cil_userprefixes_to_string(struct cil_db *db, char **out, size_t *size)
+#else
 int cil_userprefixes_to_string_nopdb(struct cil_db *db, char **out, size_t *size)
+#endif
 {
 	int rc = SEPOL_ERR;
 	size_t str_len = 0;
@ -1149,10 +1165,12 @@ exit:

 }

+#ifndef ANDROID
 int cil_userprefixes_to_string_pdb(struct cil_db *db, __attribute__((unused)) sepol_policydb_t *sepol_db, char **out, size_t *size)
 {
 	return cil_userprefixes_to_string_nopdb(db, out, size);
 }
+#endif

 static int cil_cats_to_ebitmap(struct cil_cats *cats, struct ebitmap* cats_ebitmap)
 {
@ -1339,7 +1357,11 @@ static int __cil_level_to_string(struct cil_level *lvl, char *out)
 	return str_tmp - out;
 }

+#ifdef ANDROID
+int cil_selinuxusers_to_string(struct cil_db *db, char **out, size_t *size)
+#else
 int cil_selinuxusers_to_string_nopdb(struct cil_db *db, char **out, size_t *size)
+#endif
 {
 	size_t str_len = 0;
 	int buf_pos = 0;
@ -1396,12 +1418,18 @@ int cil_selinuxusers_to_string_nopdb(struct cil_db *db, char **out, size_t *size
 	return SEPOL_OK;
 }

+#ifndef ANDROID
 int cil_selinuxusers_to_string_pdb(struct cil_db *db, __attribute__((unused)) sepol_policydb_t *sepol_db, char **out, size_t *size)
 {
 	return cil_selinuxusers_to_string_nopdb(db, out, size);
 }
+#endif

+#ifdef ANDROID
+int cil_filecons_to_string(struct cil_db *db, char **out, size_t *size)
+#else
 int cil_filecons_to_string_nopdb(struct cil_db *db, char **out, size_t *size)
+#endif
 {
 	uint32_t i = 0;
 	int buf_pos = 0;
@ -1519,10 +1547,12 @@ int cil_filecons_to_string_nopdb(struct cil_db *db, char **out, size_t *size)
 	return SEPOL_OK;
 }

+#ifndef ANDROID
 int cil_filecons_to_string_pdb(struct cil_db *db, __attribute__((unused)) sepol_policydb_t *sepol_db, char **out, size_t *size)
 {
 	return cil_filecons_to_string_nopdb(db, out, size);
 }
+#endif

 void cil_set_disable_dontaudit(struct cil_db *db, int disable_dontaudit)
 {
--- a/secilc/Android.mk
+++ b/secilc/Android.mk
@ -24,8 +24,8 @@ LOCAL_MODULE := secilc
 LOCAL_MODULE_TAGS := optional
 LOCAL_C_INCLUDES := $(common_includes)
 LOCAL_CFLAGS := $(common_cflags)
-LOCAL_SRC_FILES := ./secilc.c
-LOCAL_SHARED_LIRARIES := libsepol
+LOCAL_SRC_FILES := secilc.c
+LOCAL_SHARED_LIBRARIES := libsepol
 LOCAL_MODULE_CLASS := EXECUTABLES

 include $(BUILD_HOST_EXECUTABLE)
--- a/secilc/secilc.c
+++ b/secilc/secilc.c
@ -34,7 +34,11 @@
 #include <getopt.h>
 #include <sys/stat.h>

+#ifdef ANDROID
+#include <sepol/cil.h>
+#else
 #include <sepol/cil/cil.h>
+#endif
 #include <sepol/policydb.h>

 void usage(char *prog)