cf-host-package/policy_inliner.sh - platform/prebuilts/android-emulator-build/common - Git at Google

 #!/bin/bash
 # Copyright 2020 The Android Open Source Project
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 # THIS IS DEPRECATED.
 # The plan for policy_inliner.sh and the overall script:
 # 1. Wait for policy_inliner.sh to land in cuttlefish_vmm
 # 2. Re-link this file to the one in cuttlefish_vmm
 # 3. Make the overall script invokable from cuttlefish_vmm project

 function is_policy_file() {
   [[ "${1##*.}" == "policy" ]] && return 0
   return 1
 }

 function inline() {
   input="$1"
   output="$2"
   contents="$3"

   if ! [[ -f $contents ]]; then
     echo "the contents file in $0 is not a file or does not exist."
     exit 14
   fi

   # clean up the outfile
   cat /dev/null > $output
   while IFS= read -r line
   do
     if echo "$line" | egrep "@include[[:space:]]+/usr/share/policy/crosvm/common_device.policy" > /dev/null; then
       cat $contents | egrep "^[a-zA-Z0-9_-]+:" >> $output
       continue
     fi
     echo $line >> $output
   done < "$input"
 }

 need_help="false"

 #
 # -p for crosvm seccomp policy directory
 # -o for output directory where the processed policies land
 # -c for contents file
 #
 while getopts ":p:o:c:h" op; do
   case "$op" in
     p ) policy_dir=${OPTARG}
       ;;
     o ) output_dir=${OPTARG}
       ;;
     c ) contents_file=${OPTARG}
       ;;
     h ) need_help="true"
         ;;
     ? ) need_help="true"
         ;;
   esac
 done

 if [ $OPTIND -eq 1 ]; then
   need_help="true"
 fi

 function help_n_exit() {
   echo "must provide all the -o, -c, and -p options"
   echo "-p for crosvm seccomp policy directory"
   echo "-o for output directory where the processed policies land"
   echo "-c for contents file"
   exit 10
 }

 function rstrip_slash() {
   if  [[ "${1: -1}" != "/" ]] || [[ $1 == "/" ]]; then
     echo $1
   else
     echo "${1::-1}"
   fi
 }

 stripped_policy_dir=$(rstrip_slash $policy_dir)
 stripped_output_dir=$(rstrip_slash $output_dir)

 if [[ $need_help == "true" ]]; then
   help_n_exit
 fi

 for i in $(ls -1 $policy_dir); do
   if is_policy_file $i; then
     inline $stripped_policy_dir/$i $stripped_output_dir/$i $stripped_policy_dir/common_device.policy
   fi
 done
	#!/bin/bash
	# Copyright 2020 The Android Open Source Project
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	# THIS IS DEPRECATED.
	# The plan for policy_inliner.sh and the overall script:
	# 1. Wait for policy_inliner.sh to land in cuttlefish_vmm
	# 2. Re-link this file to the one in cuttlefish_vmm
	# 3. Make the overall script invokable from cuttlefish_vmm project

	function is_policy_file() {
	[[ "${1##*.}" == "policy" ]] && return 0
	return 1
	}

	function inline() {
	input="$1"
	output="$2"
	contents="$3"

	if ! [[ -f $contents ]]; then
	echo "the contents file in $0 is not a file or does not exist."
	exit 14
	fi

	# clean up the outfile
	cat /dev/null > $output
	while IFS= read -r line
	do
	if echo "$line" \| egrep "@include[[:space:]]+/usr/share/policy/crosvm/common_device.policy" > /dev/null; then
	cat $contents \| egrep "^[a-zA-Z0-9_-]+:" >> $output
	continue
	fi
	echo $line >> $output
	done < "$input"
	}

	need_help="false"

	#
	# -p for crosvm seccomp policy directory
	# -o for output directory where the processed policies land
	# -c for contents file
	#
	while getopts ":p:o:c:h" op; do
	case "$op" in
	p ) policy_dir=${OPTARG}
	;;
	o ) output_dir=${OPTARG}
	;;
	c ) contents_file=${OPTARG}
	;;
	h ) need_help="true"
	;;
	? ) need_help="true"
	;;
	esac
	done

	if [ $OPTIND -eq 1 ]; then
	need_help="true"
	fi

	function help_n_exit() {
	echo "must provide all the -o, -c, and -p options"
	echo "-p for crosvm seccomp policy directory"
	echo "-o for output directory where the processed policies land"
	echo "-c for contents file"
	exit 10
	}

	function rstrip_slash() {
	if [[ "${1: -1}" != "/" ]] \|\| [[ $1 == "/" ]]; then
	echo $1
	else
	echo "${1::-1}"
	fi
	}

	stripped_policy_dir=$(rstrip_slash $policy_dir)
	stripped_output_dir=$(rstrip_slash $output_dir)

	if [[ $need_help == "true" ]]; then
	help_n_exit
	fi

	for i in $(ls -1 $policy_dir); do
	if is_policy_file $i; then
	inline $stripped_policy_dir/$i $stripped_output_dir/$i $stripped_policy_dir/common_device.policy
	fi
	done