Snap for 11819167 from e7f2a436659d7dc98c6d8b3a4bac3fe1cb2fba43 to busytown-mac-infra-releasebusytown-mac-infra-release

Change-Id: I2c7c5988e1b6227361f7108187216d30ee9b32f5

16 files changed, 105 insertions, 54 deletions

diff --git a/Android.bp b/Android.bp
index 25eb12f..d24b58d 100644
--- a/Android.bp
+++ b/Android.bp
@@ -253,9 +253,6 @@ cc_library {
     vendor_available: true,
     product_available: true,
     recovery_available: true,
-    vndk: {
-        enabled: true,
-    },
 
     defaults: ["libminijail_flags"],
 
@@ -460,6 +457,9 @@ cc_test {
         },
     },
     data: ["test/*"],
+    test_options: {
+        tags: ["no-remote"],
+    }
 }
 
 
diff --git a/PREUPLOAD.cfg b/PREUPLOAD.cfg
index 254a062..c7d9e54 100644
--- a/PREUPLOAD.cfg
+++ b/PREUPLOAD.cfg
@@ -3,3 +3,6 @@ clang_format = true
 
 [Builtin Hooks Options]
 clang_format = --commit ${PREUPLOAD_COMMIT} --style file --extensions c
+
+[Hook Scripts]
+repo_upload_warning = ./tools/repo_upload_warning ${PREUPLOAD_COMMIT}
diff --git a/gen_syscalls-inl.h b/gen_syscalls-inl.h
index aee71e2..e631424 100644
--- a/gen_syscalls-inl.h
+++ b/gen_syscalls-inl.h
@@ -86,12 +86,21 @@
 #elif __arm64__
 #define __NR_rseq 293
 #endif
+#endif /* __NR_rseq */
 
 #ifndef __NR_clone3
 #define __NR_clone3 435
 #endif
 
-#endif /* __NR_rseq */
+#ifndef __NR_userfaultfd
+#ifdef __x86_64__
+#define __NR_userfaultfd 323
+#elif __i386__
+#define __NR_userfaultfd 374
+#elif __arm64__
+#define __NR_userfaultfd 282
+#endif
+#endif /* __NR_userfaultfd */
 
 #ifndef __NR_membarrier
 #ifdef __x86_64__
diff --git a/rust/minijail-sys/Android.bp b/rust/minijail-sys/Android.bp
index 86c092e..e920e8a 100644
--- a/rust/minijail-sys/Android.bp
+++ b/rust/minijail-sys/Android.bp
@@ -1,8 +1,6 @@
-// This file is generated by cargo2android.py --config cargo2android.json.
+// This file is generated by cargo_embargo.
 // Do not modify this file as changes will be overridden on upgrade.
 
-
-
 package {
     // See: http://go/android-license-faq
     // A large-scale-change added 'default_applicable_licenses' to import
@@ -20,9 +18,7 @@ rust_library {
     cargo_pkg_version: "0.0.13",
     srcs: ["lib.rs"],
     edition: "2018",
-    rustlibs: [
-        "liblibc",
-    ],
+    rustlibs: ["liblibc"],
     shared_libs: [
         "libcap",
         "libminijail",
@@ -32,4 +28,6 @@ rust_library {
         "com.android.compos",
         "com.android.virt",
     ],
+    product_available: true,
+    vendor_available: true,
 }
diff --git a/rust/minijail-sys/build.rs b/rust/minijail-sys/build.rs
index 4aa172d..a223f3a 100644
--- a/rust/minijail-sys/build.rs
+++ b/rust/minijail-sys/build.rs
@@ -94,7 +94,6 @@ fn bindings_generation() -> io::Result<()> {
         .args(&["--blocklist-type", "__uint64_t"])
         .args(&["--allowlist-function", "^minijail_.*"])
         .args(&["--allowlist-var", "^MINIJAIL_.*"])
-        .arg("--size_t-is-usize")
         .arg("--no-layout-tests")
         .arg("--disable-header-comment")
         .args(&["--output", gen_file.to_str().unwrap()])
diff --git a/rust/minijail-sys/cargo2android.json b/rust/minijail-sys/cargo2android.json
deleted file mode 100644
index 4fb4f8f..0000000
--- a/rust/minijail-sys/cargo2android.json
+++ /dev/null
@@ -1,13 +0,0 @@
-{
-  "run": true,
-  "device": true,
-  "apex-available": [
-    "//apex_available:platform",
-    "com.android.compos",
-    "com.android.virt"
-  ],
-  "patch": "patches/Android.bp.patch",
-  "lib-blocklist": [
-    "minijail.pic"
-  ]
-}
diff --git a/rust/minijail-sys/cargo_embargo.json b/rust/minijail-sys/cargo_embargo.json
new file mode 100644
index 0000000..1aab646
--- /dev/null
+++ b/rust/minijail-sys/cargo_embargo.json
@@ -0,0 +1,15 @@
+{
+  "apex_available": [
+    "//apex_available:platform",
+    "com.android.compos",
+    "com.android.virt"
+  ],
+  "package": {
+    "minijail-sys": {
+      "dep_blocklist": [
+        "libminijail.pic"
+      ],
+      "patch": "patches/Android.bp.patch"
+    }
+  }
+}
diff --git a/rust/minijail-sys/patches/Android.bp.patch b/rust/minijail-sys/patches/Android.bp.patch
index fe5115c..a08a9ce 100644
--- a/rust/minijail-sys/patches/Android.bp.patch
+++ b/rust/minijail-sys/patches/Android.bp.patch
@@ -1,11 +1,11 @@
 diff --git a/rust/minijail-sys/Android.bp b/rust/minijail-sys/Android.bp
-index bdba0d7..788dc77 100644
+index cbef76a..e920e8a 100644
 --- a/rust/minijail-sys/Android.bp
 +++ b/rust/minijail-sys/Android.bp
-@@ -14,7 +14,10 @@ rust_library {
-     rustlibs: [
-         "liblibc",
-     ],
+@@ -19,7 +19,10 @@ rust_library {
+     srcs: ["lib.rs"],
+     edition: "2018",
+     rustlibs: ["liblibc"],
 -    shared_libs: ["libcap"],
 +    shared_libs: [
 +        "libcap",
diff --git a/rust/minijail/Android.bp b/rust/minijail/Android.bp
index ba66d81..dce38b3 100644
--- a/rust/minijail/Android.bp
+++ b/rust/minijail/Android.bp
@@ -1,8 +1,6 @@
-// This file is generated by cargo2android.py --config cargo2android.json.
+// This file is generated by cargo_embargo.
 // Do not modify this file as changes will be overridden on upgrade.
 
-
-
 package {
     // See: http://go/android-license-faq
     // A large-scale-change added 'default_applicable_licenses' to import
@@ -14,7 +12,6 @@ package {
 
 rust_library {
     name: "libminijail_rust",
-    stem: "libminijail",
     host_supported: true,
     crate_name: "minijail",
     cargo_env_compat: true,
@@ -30,4 +27,6 @@ rust_library {
         "com.android.compos",
         "com.android.virt",
     ],
+    product_available: true,
+    vendor_available: true,
 }
diff --git a/rust/minijail/cargo2android.json b/rust/minijail/cargo_embargo.json
index d2adf3e..dd2bfad 100644
--- a/rust/minijail/cargo2android.json
+++ b/rust/minijail/cargo_embargo.json
@@ -1,9 +1,8 @@
 {
-  "run": true,
-  "device": true,
-  "apex-available": [
+  "apex_available": [
     "//apex_available:platform",
     "com.android.compos",
     "com.android.virt"
-  ]
+  ],
+  "run_cargo": false
 }
diff --git a/tools/Android.bp b/tools/Android.bp
index 62b3a88..3a3e9c6 100644
--- a/tools/Android.bp
+++ b/tools/Android.bp
@@ -45,6 +45,11 @@ python_test_host {
     data: [
         "testdata/arch_64.json",
     ],
+    version: {
+        py3: {
+            embedded_launcher: true,
+        },
+    },
 }
 
 python_test_host {
@@ -60,6 +65,11 @@ python_test_host {
     data: [
         "testdata/arch_64.json",
     ],
+    version: {
+        py3: {
+            embedded_launcher: true,
+        },
+    },
 }
 
 python_binary_host {
diff --git a/tools/arch.py b/tools/arch.py
index ac2f32b..b245f38 100644
--- a/tools/arch.py
+++ b/tools/arch.py
@@ -45,12 +45,17 @@ class Arch(
     def load_from_json(json_path):
         """Return an Arch from a .json file."""
         with open(json_path, 'r') as json_file:
-            constants = json.load(json_file)
-            return Arch(
-                arch_nr=constants['arch_nr'],
-                arch_name=constants['arch_name'],
-                bits=constants['bits'],
-                syscalls=constants['syscalls'],
-                constants=constants['constants'],
-                syscall_groups=constants.get('syscall_groups', {}),
-            )
+            return Arch.load_from_json_bytes(json_file.read())
+
+    @staticmethod
+    def load_from_json_bytes(json_bytes):
+        """Return an Arch from a json string."""
+        constants = json.loads(json_bytes)
+        return Arch(
+            arch_nr=constants["arch_nr"],
+            arch_name=constants["arch_name"],
+            bits=constants["bits"],
+            syscalls=constants["syscalls"],
+            constants=constants["constants"],
+            syscall_groups=constants.get("syscall_groups", {}),
+        )
diff --git a/tools/compiler_unittest.py b/tools/compiler_unittest.py
index b1592d2..993de59 100755
--- a/tools/compiler_unittest.py
+++ b/tools/compiler_unittest.py
@@ -23,15 +23,16 @@ import random
 import shutil
 import tempfile
 import unittest
+from importlib import resources
 
 import arch
 import bpf
 import compiler
 import parser  # pylint: disable=wrong-import-order
 
-ARCH_64 = arch.Arch.load_from_json(
-    os.path.join(
-        os.path.dirname(os.path.abspath(__file__)), 'testdata/arch_64.json'))
+ARCH_64 = arch.Arch.load_from_json_bytes(
+    resources.files("testdata").joinpath("arch_64.json").read_bytes()
+)
 
 
 class CompileFilterStatementTests(unittest.TestCase):
@@ -404,7 +405,8 @@ class CompileFileTests(unittest.TestCase):
             num_entries = 64 * (i + 1) // iterations
             syscalls = dict(
                 zip(
-                    random.sample(self.arch.syscalls.keys(), num_entries),
+                    random.sample(
+                        list(self.arch.syscalls.keys()), num_entries),
                     (random.randint(1, 1024) for _ in range(num_entries)),
                 ))
 
@@ -479,7 +481,8 @@ class CompileFileTests(unittest.TestCase):
         # codegen layer will coalesce filters that compile to the same
         # instructions.
         policy_contents = []
-        for name in random.sample(self.arch.syscalls.keys(), num_entries):
+        for name in random.sample(
+            list(self.arch.syscalls.keys()), num_entries):
             values = random.sample(range(1024), num_entries)
             syscalls[name] = values
             policy_contents.append(
diff --git a/tools/generate_constants_json.py b/tools/generate_constants_json.py
index 3fe8684..005fff8 100755
--- a/tools/generate_constants_json.py
+++ b/tools/generate_constants_json.py
@@ -130,6 +130,8 @@ def main(argv=None):
         constants_json['arch_name'] = 'arm64'
     elif constants_json['arch_nr'] == 0x40000028:
         constants_json['arch_name'] = 'arm'
+    elif constants_json['arch_nr'] == 0xC00000F3:
+        constants_json['arch_name'] = 'riscv64'
     else:
         raise ValueError('Unknown architecture: 0x%08X' %
                          constants_json['arch_nr'])
diff --git a/tools/parser_unittest.py b/tools/parser_unittest.py
index 9e7d6d8..5e7c8a2 100755
--- a/tools/parser_unittest.py
+++ b/tools/parser_unittest.py
@@ -24,14 +24,15 @@ import os
 import shutil
 import tempfile
 import unittest
+from importlib import resources
 
 import arch
 import bpf
 import parser  # pylint: disable=wrong-import-order
 
-ARCH_64 = arch.Arch.load_from_json(
-    os.path.join(
-        os.path.dirname(os.path.abspath(__file__)), 'testdata/arch_64.json'))
+ARCH_64 = arch.Arch.load_from_json_bytes(
+    resources.files("testdata").joinpath("arch_64.json").read_bytes()
+)
 
 
 class TokenizerTests(unittest.TestCase):
diff --git a/tools/repo_upload_warning b/tools/repo_upload_warning
new file mode 100755
index 0000000..3333eba
--- /dev/null
+++ b/tools/repo_upload_warning
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+if git log -n 1 --format='%B' $1 | grep -q -E "^Ignore-Upstream-First: .+" ; then
+  # Change is explicitly marked as ok to skip upstream
+  exit 0
+elif git log -n 1 --format='%s' $1 | grep -q -E "^(UPSTREAM|Upstream): .+" ; then
+  # Change is explicitly marked as coming from the upstream
+  exit 0
+fi
+
+echo "WARNING: Here is not the upstream."
+echo ""
+echo "Do not submit changes to this repository directly. Please submit changes to upstream"
+echo "from https://chromium-review.googlesource.com/q/project:chromiumos/platform/minijail"
+echo ""
+echo "If the change is from the upstream, please prepend \"UPSTREAM: \" to the subject."
+echo ""
+echo "If indeed necessary, please add \"Ignore-Upstream-First: <reason>\" to commit message"
+echo "to bypass."
+
+exit 1