def GetCoreDomains():
global alldomains
global coredomains
for d in alldomains:
# TestCoredomainViolations will verify if coredomain was incorrectly
# applied.
if "coredomain" in alldomains[d].attributes:
alldomains[d].coredomain = True
coredomains.add(d)
# check whether domains are executed off of /system or /vendor
if d in coredomainWhitelist:
continue
# TODO, add checks to prevent app domains from being incorrectly
# labeled as coredomain. Apps don't have entrypoints as they're always
# dynamically transitioned to by zygote.
if d in appdomains:
continue
if not alldomains[d].entrypointpaths:
continue
for path in alldomains[d].entrypointpaths:
# Processes with entrypoint on /system
if ((MatchPathPrefix(path, "/system")
and not MatchPathPrefix(path, "/system/vendor"))
or MatchPathPrefix(path, "/init")
or MatchPathPrefix(path, "/charger")):
alldomains[d].fromSystem = True
# Processes with entrypoint on /vendor or /system/vendor
if (MatchPathPrefix(path, "/vendor")
or MatchPathPrefix(path, "/system/vendor")):
alldomains[d].fromVendor = True
# Work around to *not* mark /sbin services as system
if MatchPathPrefix(path, "/sbin"):
alldomains[d].fromSystem = False
alldomains[d].fromVendor = False
def GetCoreDomains():
global alldomains
global coredomains
for d in alldomains:
domain = alldomains[d]
# TestCoredomainViolations will verify if coredomain was incorrectly
# applied.
if "coredomain" in domain.attributes:
domain.coredomain = True
coredomains.add(d)
# check whether domains are executed off of /system or /vendor
if d in coredomainAllowlist:
continue
# TODO(b/153112003): add checks to prevent app domains from being
# incorrectly labeled as coredomain. Apps don't have entrypoints as
# they're always dynamically transitioned to by zygote.
if d in appdomains:
continue
# TODO(b/153112747): need to handle cases where there is a dynamic
# transition OR there happens to be no context in AOSP files.
if not domain.entrypointpaths:
continue
for path in domain.entrypointpaths:
vendor = any(
MatchPathPrefix(path, prefix)
for prefix in ["/vendor", "/odm"])
system = any(
MatchPathPrefix(path, prefix)
for prefix in ["/init", "/system_ext", "/product"])
# only mark entrypoint as system if it is not in legacy /system/vendor
if MatchPathPrefix(path, "/system/vendor"):
vendor = True
elif MatchPathPrefix(path, "/system"):
system = True
if not vendor and not system:
domain.error += "Unrecognized entrypoint for " + d + " at " + path + "\n"
domain.fromSystem = domain.fromSystem or system
domain.fromVendor = domain.fromVendor or vendor