Add build flags for libselinux

Consider /data/data as an app data directory (and skip any restorcon) if
the flag release_selinux_data_data_ignore is enabled.

Test: boot;
      setfattr -x security.sehash /data;
      setfattr -x security.sehash /data/data;
      reboot, restorecon ignores /data/data
Bug: 317296680
Change-Id: If341864555398cd042dbe5b89085821cc2f8a0c0

libselinux/Android.bp

@@ -52,6 +52,7 @@ common_CFLAGS = [
 
 cc_defaults {
     name: "libselinux_defaults",
+    defaults: ["libselinux_flags_defaults"],
 
     cflags: common_CFLAGS,
 
@@ -157,6 +158,28 @@ cc_defaults {
     stl: "none",
 }
 
+soong_config_module_type {
+    name: "cc_defaults_libselinux_flags",
+    module_type: "cc_defaults",
+    config_namespace: "ANDROID",
+    bool_variables: [
+        "release_selinux_data_data_ignore",
+    ],
+    properties: [
+        "cflags",
+    ],
+}
+
+cc_defaults_libselinux_flags {
+    name: "libselinux_flags_defaults",
+    host_supported: true,
+    soong_config_variables: {
+        release_selinux_data_data_ignore: {
+            cflags: ["-DSELINUX_FLAGS_DATA_DATA_IGNORE"],
+        }
+    }
+}
+
 cc_library {
     name: "libselinux",
     defaults: ["libselinux_defaults"],

libselinux/src/android/android_device.c

@@ -281,6 +281,11 @@ struct pkg_info *package_info_lookup(const char *name)
  */
 static bool is_app_data_path(const char *pathname) {
     int flags = FNM_LEADING_DIR|FNM_PATHNAME;
+#ifdef SELINUX_FLAGS_DATA_DATA_IGNORE
+    if (!strcmp(pathname, DATA_DATA_PATH)) {
+        return true;
+    }
+#endif
     return (!strncmp(pathname, DATA_DATA_PREFIX, sizeof(DATA_DATA_PREFIX)-1) ||
         !strncmp(pathname, DATA_USER_PREFIX, sizeof(DATA_USER_PREFIX)-1) ||
         !strncmp(pathname, DATA_USER_DE_PREFIX, sizeof(DATA_USER_DE_PREFIX)-1) ||