[Buildroot] [PATCH 10/15] package/refpolicy: allow providing user defined modules

Antoine Tenart antoine.tenart at bootlin.com
Fri Sep 4 15:28:06 UTC 2020


Hello,

Quoting Thomas Petazzoni (2020-09-04 17:10:09)
> On Fri, 04 Sep 2020 17:00:17 +0200
> Antoine Tenart <antoine.tenart at bootlin.com> wrote:
> 
> > As a result, REFPOLICY_COPY_EXTRA_MODULES will always be called and
> > the 'buildroot/metadata.xml' file will be installed. This would break
> > the build.
> > 
> > But using:
> > 
> > ifneq ($(qstrip,$(REFPOLICY_EXTRA_MODULES_DIRS)),)
> 
> But indeed, there will always be a space in
> REFPOLICY_EXTRA_MODULES_DIRS. So I guess the most logical change to do
> is:
> 
> REFPOLICY_EXTRA_MODULES_DIRS = \
>         $(strip \
>                 $(call qstrip,$(BR2_REFPOLICY_EXTRA_MODULES_DIRS)) \
>                 $(PACKAGES_SELINUX_EXTRA_MODULES_DIRS))
> 
> > would also not work as REFPOLICY_EXTRA_MODULES_DIRS would be expanded
> > too early, and PACKAGES_SELINUX_EXTRA_MODULES_DIRS might not already
> > contain all the packages selinux's custom modules.
> 
> I'm not sure it's related to being expanded "too early". All those
> variables are recursively expanded, i.e expanded at time of use.

Calling "ifneq ($(REFPOLICY_EXTRA_MODULES_DIRS),)" would expend the
variables in REFPOLICY_EXTRA_MODULES_DIRS, including
REFPOLICY_EXTRA_MODULES_DIRS. But at the time this is done not all the
packages would have been parsed and expanded, and
REFPOLICY_EXTRA_MODULES_DIRS will therefor not contain the full list of
"selinux" folders within packages.

Deferring its expansion to the configure/build target do ensure the
REFPOLICY_EXTRA_MODULES_DIRS list is complete, as all the other packages
would be parsed and expanded by then.

Thanks,
Antoine

-- 
Antoine Ténart, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com



More information about the buildroot mailing list