tequilaOS/platform_build
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

delete recovery policy on changing build types

Browse source 
When the build type changes (for example, from "shamu-userdebug"
to "shamu-user"), the build system doesn't delete all files
and start over. Rather, build artifacts from the old build type
are reused for the new build type.

This is problematic for the recovery SELinux policy, which differs
between build types. Reusing a userdebug policy on a user build
is inappropriate and could lead to security bugs.

Force the deletion of the recovery SELinux policy when changing
build types, so it can be properly regenerated. This is consistent
with how we treat the normal SELinux policy (see commit
a8b3d54101).

(cherry picked from commit 3cb10bbd3b)

Change-Id: I1d8ad7e06112777c66abed4546dadb85d35e33e1
This commit is contained in:
Nick Kralevich 2016-02-27 10:41:41 -08:00
parent 6dece90534
commit 133e1e1f16
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
core/cleanbuild.mk
View file

@ -253,6 +253,7 @@ installclean_files := \
$(PRODUCT_OUT)/obj/EXECUTABLES/init_intermediates \
$(PRODUCT_OUT)/obj/ETC/mac_permissions.xml_intermediates \
$(PRODUCT_OUT)/obj/ETC/sepolicy_intermediates \
$(PRODUCT_OUT)/obj/ETC/sepolicy.recovery_intermediates \
$(PRODUCT_OUT)/obj/ETC/init.environ.rc_intermediates
# The files/dirs to delete during a dataclean, which removes any files