Add CTS infrastructure to run python sepolicy tests
And add first python test: TestDataTypeViolators. This tests verifies that
all files in /data have the date_file_type attribute, which is used
in various neverallow tests.
The python tests are compiled using the embedded launcher, which
creates a self-contained test+python executable, removing the need
for python to be installed on the host.
Two native host libraries are required. The python embedded launcher
needs libc++ which is packaged as a java resource, and pointed to using
the LD_LIBRARY_PATH in the execution environment. The tests require
libsepol which is statically linking to a shim library called
libsepolwrap. The path to this shim library is passed into the python
executable and opened using dlopen().
In addition to caching per-device policy files, also cache
per-device plat/nonplat file_contexts files. These files are used
in a number of tests, and will be used in all python tests so pulling
them off the device multiple times wastes time.
Bug: 37008075
Test: cts-tradefed run cts -m CtsSecurityHostTestCases -t \
android.security.cts.SELinuxHostTest
Change-Id: I35c79d7bc662fc00b353e7d590672613748ee783
2 files changed