diff options
author | Matt Delco <delco@chromium.org> | 2020-02-07 17:12:47 -0800 |
---|---|---|
committer | Treehugger Robot <treehugger-gerrit@google.com> | 2020-02-12 15:59:49 +0000 |
commit | a12687bc602fe52f75c5a61b6d49f18bba909787 (patch) | |
tree | 7f5f73eff5fe1e21acb23c11efe67a6f4b9c84db | |
parent | 6123e5aea63e669b9df73f7fa287e27ad28db426 (diff) | |
download | platform_external_minijail-a12687bc602fe52f75c5a61b6d49f18bba909787.tar.gz platform_external_minijail-a12687bc602fe52f75c5a61b6d49f18bba909787.tar.bz2 platform_external_minijail-a12687bc602fe52f75c5a61b6d49f18bba909787.zip |
add support for python installer
The best I could come up with for allowing compile_seccomp_policy
to be an executable script installed via setup.py.
Originally I cooked up a trick where setup.py also had:
data_files=[('minijail', ['constants.json'])],
and compile_seccomp_policy.py used:
constants_file = 'constants.json'
if pkg_resources.resource_exists(__name__, constants_file):
constants_file = pkg_resources.resource_filename(__name__, constants_file)
so that a package can ship with a constants.json and auotmatically use
it. This works when installed as a 'dist-package' egg, but CrOS installs
as a 'site-package' where this trick don't work (constants.json ends up in
another location under /usr, not to mention being stored with a board) and it
complicates the dependency story for the Makefile so I punted.
For both 'dist-package' and 'site-package' the plain "import XXX" form doesn't work
for files located in the same directory (results in a ModuleNotFoundError error),
so I've added a "from minijail import XXX" fallback so new & original cases both
work okay.
Bug: None
Test: `make tests`. Ran 'python3 setup.py install --record files.txt'
and verified the stubs in /usr/local/bin could be used to launch the 3
scripts without import errors.
Change-Id: I61fe0b624960c89fd715c1c60213edc2b736ad1c
-rw-r--r-- | setup.py | 51 | ||||
-rw-r--r-- | tools/README.md | 6 | ||||
-rwxr-xr-x | tools/compile_seccomp_policy.py | 20 | ||||
-rw-r--r-- | tools/compiler.py | 8 | ||||
-rwxr-xr-x | tools/generate_constants_json.py | 6 | ||||
-rwxr-xr-x | tools/generate_seccomp_policy.py | 6 | ||||
-rw-r--r-- | tools/parser.py | 6 |
7 files changed, 87 insertions, 16 deletions
diff --git a/setup.py b/setup.py new file mode 100644 index 00000000..ab02ddf5 --- /dev/null +++ b/setup.py @@ -0,0 +1,51 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# +# Copyright (C) 2020 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""A file that specifies how to install minijail's python-based tool(s).""" + +import os +from setuptools import setup + + +this_directory = os.path.abspath(os.path.dirname(__file__)) +with open(os.path.join(this_directory, 'README.md'), encoding='utf-8') as f: + long_description = f.read() + +setup(name='minijail', + version='0.12', + description='A set of tools for Minijail', + classifiers=[ + 'Programming Language :: Python :: 3', + 'License :: OSI Approved :: Apache Software License', + 'Operating System :: Linux', + ], + python_requires='>=3.6', + license='Apache License 2.0', + long_description=long_description, + long_description_content_type='text/markdown', + author='Minijail Developers', + author_email='minijail-dev@google.com', + url='https://google.github.io/minijail/', + packages=['minijail'], + package_dir={'minijail': 'tools'}, + entry_points={ + 'console_scripts': [ + 'compile_seccomp_policy = minijail.compile_seccomp_policy:main', + 'generate_seccomp_policy = minijail.generate_seccomp_policy:main', + 'generate_constants_json = minijail.generate_constants_json:main', + ], + }, +) diff --git a/tools/README.md b/tools/README.md index 95997af6..d056797c 100644 --- a/tools/README.md +++ b/tools/README.md @@ -37,12 +37,6 @@ profile-guided optimization of the generated BPF code. The generated BPF code can be analyzed using [libseccomp](https://github.com/seccomp/libseccomp)'s `tools/scmp_bpf_disasm`. -*** note -**Note:** This tool is currently only supported for native and Android builds. -In Chrome OS builds, the build-time generation of arch-specific `constants.json` -is not yet enabled. -*** - ### Sample usage ```shell diff --git a/tools/compile_seccomp_policy.py b/tools/compile_seccomp_policy.py index 5887e917..f3b9eea3 100755 --- a/tools/compile_seccomp_policy.py +++ b/tools/compile_seccomp_policy.py @@ -25,10 +25,16 @@ from __future__ import print_function import argparse import sys -import arch -import bpf -import compiler -import parser +try: + import arch + import bpf + import compiler + import parser +except ImportError: + from minijail import arch + from minijail import bpf + from minijail import compiler + from minijail import parser def parse_args(argv): @@ -61,8 +67,12 @@ def parse_args(argv): return parser.parse_args(argv) -def main(argv): +def main(argv=None): """Main entrypoint.""" + + if argv is None: + argv = sys.argv[1:] + opts = parse_args(argv) parsed_arch = arch.Arch.load_from_json(opts.arch_json) policy_compiler = compiler.PolicyCompiler(parsed_arch) diff --git a/tools/compiler.py b/tools/compiler.py index 4e3881ae..161eadf0 100644 --- a/tools/compiler.py +++ b/tools/compiler.py @@ -20,8 +20,12 @@ from __future__ import print_function import enum -import bpf -import parser # pylint: disable=wrong-import-order +try: + import bpf + import parser # pylint: disable=wrong-import-order +except ImportError: + from minijail import bpf + from minijail import parser # pylint: disable=wrong-import-order class OptimizationStrategy(enum.Enum): diff --git a/tools/generate_constants_json.py b/tools/generate_constants_json.py index ae958ab4..814c4aee 100755 --- a/tools/generate_constants_json.py +++ b/tools/generate_constants_json.py @@ -72,8 +72,12 @@ def parse_llvm_ir(ir): return ParseResults(table_name=table_name, table_entries=table_entries) -def main(argv): +def main(argv=None): """Main entrypoint.""" + + if argv is None: + argv = sys.argv[1:] + parser = argparse.ArgumentParser(description=__doc__) parser.add_argument('--output', help='The path of the generated constants.json file.', diff --git a/tools/generate_seccomp_policy.py b/tools/generate_seccomp_policy.py index fe122d53..2cfb6118 100755 --- a/tools/generate_seccomp_policy.py +++ b/tools/generate_seccomp_policy.py @@ -117,8 +117,12 @@ def parse_trace_file(trace_filename, syscalls, arg_inspection): arg_inspection[syscall].value_set.add(arg_value) -def main(argv): +def main(argv=None): """Main entrypoint.""" + + if argv is None: + argv = sys.argv[1:] + opts = parse_args(argv) syscalls = collections.defaultdict(int) diff --git a/tools/parser.py b/tools/parser.py index d58dbd6e..a2ba336e 100644 --- a/tools/parser.py +++ b/tools/parser.py @@ -25,7 +25,11 @@ import itertools import os.path import re -import bpf +try: + import bpf +except ImportError: + from minijail import bpf + Token = collections.namedtuple( 'Token', ['type', 'value', 'filename', 'line', 'line_number', 'column']) |