Use prebuilt m4 instead of system m4
Bug: 117561006 Test: treehugger Change-Id: Id794aed10fdffef10490561d2cfeb2a92801b331
This commit is contained in:
Dan Willemsen
parent
a999e39423
commit
3c3e59b2a2
5 changed files with 112 additions and 67 deletions
121
Android.mk
121
Android.mk
|
|
@ -345,6 +345,10 @@ include $(BUILD_SYSTEM)/base_rules.mk
|
|||
|
||||
# sepolicy_policy.conf - All of the policy for the device. This is only used to
|
||||
# check neverallow rules.
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY) $(PLAT_VENDOR_POLICY) \
|
||||
$(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY) \
|
||||
$(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_ODM_SEPOLICY_DIRS))
|
||||
sepolicy_policy.conf := $(intermediates)/policy.conf
|
||||
$(sepolicy_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(sepolicy_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -354,15 +358,17 @@ $(sepolicy_policy.conf): PRIVATE_TGT_WITH_ASAN := $(with_asan)
|
|||
$(sepolicy_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_coverage)
|
||||
$(sepolicy_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(sepolicy_policy.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(sepolicy_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY) $(PLAT_VENDOR_POLICY) \
|
||||
$(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY) \
|
||||
$(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_ODM_SEPOLICY_DIRS))
|
||||
$(sepolicy_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(sepolicy_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
# sepolicy_policy_2.conf - All of the policy for the device. This is only used to
|
||||
# check neverallow rules using sepolicy-analyze, similar to CTS.
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY) $(PLAT_VENDOR_POLICY) \
|
||||
$(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY) \
|
||||
$(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_ODM_SEPOLICY_DIRS))
|
||||
sepolicy_policy_2.conf := $(intermediates)/policy_2.conf
|
||||
$(sepolicy_policy_2.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(sepolicy_policy_2.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -373,10 +379,8 @@ $(sepolicy_policy_2.conf): PRIVATE_TGT_WITH_ASAN := $(with_asan)
|
|||
$(sepolicy_policy_2.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_coverage)
|
||||
$(sepolicy_policy_2.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(sepolicy_policy_2.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(sepolicy_policy_2.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY) $(PLAT_VENDOR_POLICY) \
|
||||
$(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY) \
|
||||
$(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_ODM_SEPOLICY_DIRS))
|
||||
$(sepolicy_policy_2.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(sepolicy_policy_2.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
|
|
@ -409,6 +413,7 @@ built_sepolicy_neverallows := $(LOCAL_BUILT_MODULE)
|
|||
# the compilation of public policy and subsequent removal of CIL policy that
|
||||
# should not be exported.
|
||||
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), $(REQD_MASK_POLICY))
|
||||
reqd_policy_mask.conf := $(intermediates)/reqd_policy_mask.conf
|
||||
$(reqd_policy_mask.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(reqd_policy_mask.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -419,7 +424,8 @@ $(reqd_policy_mask.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_cove
|
|||
$(reqd_policy_mask.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(reqd_policy_mask.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(reqd_policy_mask.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(reqd_policy_mask.conf): $(call build_policy, $(sepolicy_build_files), $(REQD_MASK_POLICY))
|
||||
$(reqd_policy_mask.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(reqd_policy_mask.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
# b/37755687
|
||||
CHECKPOLICY_ASAN_OPTIONS := ASAN_OPTIONS=detect_leaks=0
|
||||
|
|
@ -438,6 +444,8 @@ reqd_policy_mask.conf :=
|
|||
# policy that would not compile in checkpolicy on its own. To get around this
|
||||
# limitation, add only the required files from private policy, which will
|
||||
# generate CIL policy that will then be filtered out by the reqd_policy_mask.
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PRODUCT_PUBLIC_POLICY) $(REQD_MASK_POLICY))
|
||||
pub_policy.conf := $(intermediates)/pub_policy.conf
|
||||
$(pub_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(pub_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -448,8 +456,8 @@ $(pub_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_coverage)
|
|||
$(pub_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(pub_policy.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(pub_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(pub_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PRODUCT_PUBLIC_POLICY) $(REQD_MASK_POLICY))
|
||||
$(pub_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(pub_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
pub_policy.cil := $(intermediates)/pub_policy.cil
|
||||
$(pub_policy.cil): PRIVATE_POL_CONF := $(pub_policy.conf)
|
||||
|
|
@ -464,6 +472,8 @@ $(HOST_OUT_EXECUTABLES)/build_sepolicy $(pub_policy.conf) $(reqd_policy_mask.cil
|
|||
pub_policy.conf :=
|
||||
|
||||
##################################
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(REQD_MASK_POLICY))
|
||||
plat_pub_policy.conf := $(intermediates)/plat_pub_policy.conf
|
||||
$(plat_pub_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(plat_pub_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -474,8 +484,8 @@ $(plat_pub_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_cover
|
|||
$(plat_pub_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(plat_pub_policy.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(plat_pub_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(plat_pub_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(REQD_MASK_POLICY))
|
||||
$(plat_pub_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(plat_pub_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
|
||||
plat_pub_policy.cil := $(intermediates)/plat_pub_policy.cil
|
||||
|
|
@ -503,6 +513,8 @@ include $(BUILD_SYSTEM)/base_rules.mk
|
|||
# plat_policy.conf - A combination of the private and public platform policy
|
||||
# which will ship with the device. The platform will always reflect the most
|
||||
# recent platform version and is not currently being attributized.
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY))
|
||||
plat_policy.conf := $(intermediates)/plat_policy.conf
|
||||
$(plat_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(plat_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -513,8 +525,8 @@ $(plat_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_coverage)
|
|||
$(plat_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(plat_policy.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(plat_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(plat_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY))
|
||||
$(plat_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(plat_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
|
|
@ -546,6 +558,8 @@ LOCAL_MODULE_PATH := $(TARGET_DEBUG_RAMDISK_OUT)
|
|||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
# userdebug_plat_policy.conf - the userdebug version plat_sepolicy.cil
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY))
|
||||
userdebug_plat_policy.conf := $(intermediates)/userdebug_plat_policy.conf
|
||||
$(userdebug_plat_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(userdebug_plat_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -556,8 +570,8 @@ $(userdebug_plat_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native
|
|||
$(userdebug_plat_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(userdebug_plat_policy.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(userdebug_plat_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(userdebug_plat_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY))
|
||||
$(userdebug_plat_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(userdebug_plat_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
|
|
@ -590,6 +604,9 @@ include $(BUILD_SYSTEM)/base_rules.mk
|
|||
|
||||
# product_policy.conf - A combination of the private and public product policy
|
||||
# which will ship with the device. Product policy is not attributized.
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY) \
|
||||
$(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY))
|
||||
product_policy.conf := $(intermediates)/product_policy.conf
|
||||
$(product_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(product_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -600,9 +617,8 @@ $(product_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_covera
|
|||
$(product_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(product_policy.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(product_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(product_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY) \
|
||||
$(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY))
|
||||
$(product_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(product_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/dontaudit/d' $@ > $@.dontaudit
|
||||
|
||||
|
|
@ -732,6 +748,9 @@ LOCAL_MODULE_PATH := $(TARGET_OUT_VENDOR)/etc/selinux
|
|||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PRODUCT_PUBLIC_POLICY) $(REQD_MASK_POLICY) $(PLAT_VENDOR_POLICY) \
|
||||
$(BOARD_VENDOR_SEPOLICY_DIRS))
|
||||
vendor_policy.conf := $(intermediates)/vendor_policy.conf
|
||||
$(vendor_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(vendor_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -742,9 +761,8 @@ $(vendor_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_coverag
|
|||
$(vendor_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(vendor_policy.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(vendor_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(vendor_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PRODUCT_PUBLIC_POLICY) $(REQD_MASK_POLICY) $(PLAT_VENDOR_POLICY) \
|
||||
$(BOARD_VENDOR_SEPOLICY_DIRS))
|
||||
$(vendor_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(vendor_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
|
|
@ -783,6 +801,9 @@ LOCAL_MODULE_PATH := $(TARGET_OUT_ODM)/etc/selinux
|
|||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PRODUCT_PUBLIC_POLICY) $(REQD_MASK_POLICY) $(PLAT_VENDOR_POLICY) \
|
||||
$(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_ODM_SEPOLICY_DIRS))
|
||||
odm_policy.conf := $(intermediates)/odm_policy.conf
|
||||
$(odm_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(odm_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -793,9 +814,8 @@ $(odm_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_coverage)
|
|||
$(odm_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(odm_policy.conf): PRIVATE_SEPOLICY_SPLIT := $(PRODUCT_SEPOLICY_SPLIT)
|
||||
$(odm_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(odm_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PRODUCT_PUBLIC_POLICY) $(REQD_MASK_POLICY) $(PLAT_VENDOR_POLICY) \
|
||||
$(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_ODM_SEPOLICY_DIRS))
|
||||
$(odm_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(odm_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
|
|
@ -1001,6 +1021,11 @@ LOCAL_MODULE_PATH := $(TARGET_RECOVERY_ROOT_OUT)
|
|||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY) \
|
||||
$(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY) \
|
||||
$(PLAT_VENDOR_POLICY) $(BOARD_VENDOR_SEPOLICY_DIRS) \
|
||||
$(BOARD_ODM_SEPOLICY_DIRS))
|
||||
sepolicy.recovery.conf := $(intermediates)/sepolicy.recovery.conf
|
||||
$(sepolicy.recovery.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(sepolicy.recovery.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -1010,11 +1035,8 @@ $(sepolicy.recovery.conf): PRIVATE_TGT_WITH_ASAN := $(with_asan)
|
|||
$(sepolicy.recovery.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_coverage)
|
||||
$(sepolicy.recovery.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(sepolicy.recovery.conf): PRIVATE_TGT_RECOVERY := -D target_recovery=true
|
||||
$(sepolicy.recovery.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY) \
|
||||
$(PRODUCT_PUBLIC_POLICY) $(PRODUCT_PRIVATE_POLICY) \
|
||||
$(PLAT_VENDOR_POLICY) $(BOARD_VENDOR_SEPOLICY_DIRS) \
|
||||
$(BOARD_ODM_SEPOLICY_DIRS))
|
||||
$(sepolicy.recovery.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(sepolicy.recovery.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
|
|
@ -1052,6 +1074,8 @@ LOCAL_MODULE_TAGS := tests
|
|||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY))
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_TARGET_BUILD_VARIANT := user
|
||||
|
|
@ -1060,8 +1084,8 @@ $(LOCAL_BUILT_MODULE): PRIVATE_WITH_ASAN := false
|
|||
$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY_SPLIT := cts
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_COMPATIBLE_PROPERTY := cts
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_EXCLUDE_BUILD_TEST := true
|
||||
$(LOCAL_BUILT_MODULE): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(PLAT_PUBLIC_POLICY) $(PLAT_PRIVATE_POLICY))
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(LOCAL_BUILT_MODULE): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
|
|
@ -1114,9 +1138,10 @@ ifeq ($(TARGET_FLATTEN_APEX),true)
|
|||
endif
|
||||
|
||||
file_contexts.local.tmp := $(intermediates)/file_contexts.local.tmp
|
||||
$(file_contexts.local.tmp): $(local_fc_files)
|
||||
$(file_contexts.local.tmp): PRIVATE_FC_FILES := $(local_fc_files)
|
||||
$(file_contexts.local.tmp): $(local_fc_files) $(M4)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings -s $^ > $@
|
||||
$(hide) $(M4) --fatal-warnings -s $(PRIVATE_FC_FILES) > $@
|
||||
|
||||
device_fc_files := $(call build_vendor_policy, file_contexts)
|
||||
|
||||
|
|
@ -1126,9 +1151,10 @@ endif
|
|||
|
||||
file_contexts.device.tmp := $(intermediates)/file_contexts.device.tmp
|
||||
$(file_contexts.device.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(file_contexts.device.tmp): $(device_fc_files)
|
||||
$(file_contexts.device.tmp): PRIVATE_DEVICE_FC_FILES := $(device_fc_files)
|
||||
$(file_contexts.device.tmp): $(device_fc_files) $(M4)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $^ > $@
|
||||
$(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_DEVICE_FC_FILES) > $@
|
||||
|
||||
file_contexts.device.sorted.tmp := $(intermediates)/file_contexts.device.sorted.tmp
|
||||
$(file_contexts.device.sorted.tmp): PRIVATE_SEPOLICY := $(built_sepolicy)
|
||||
|
|
@ -1139,9 +1165,10 @@ $(file_contexts.device.sorted.tmp): $(file_contexts.device.tmp) $(built_sepolicy
|
|||
$(hide) $(HOST_OUT_EXECUTABLES)/fc_sort -i $< -o $@
|
||||
|
||||
file_contexts.concat.tmp := $(intermediates)/file_contexts.concat.tmp
|
||||
$(file_contexts.concat.tmp): $(file_contexts.local.tmp) $(file_contexts.device.sorted.tmp)
|
||||
$(file_contexts.concat.tmp): PRIVATE_CONTEXTS := $(file_contexts.local.tmp) $(file_contexts.device.sorted.tmp)
|
||||
$(file_contexts.concat.tmp): $(file_contexts.local.tmp) $(file_contexts.device.sorted.tmp) $(M4)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings -s $^ > $@
|
||||
$(hide) $(M4) --fatal-warnings -s $(PRIVATE_CONTEXTS) > $@
|
||||
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy)
|
||||
$(LOCAL_BUILT_MODULE): $(file_contexts.concat.tmp) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/sefcontext_compile $(HOST_OUT_EXECUTABLES)/checkfc
|
||||
|
|
@ -1199,9 +1226,9 @@ vnd_svcfiles := $(call build_policy, vndservice_contexts, $(PLAT_VENDOR_POLICY)
|
|||
vndservice_contexts.tmp := $(intermediates)/vndservice_contexts.tmp
|
||||
$(vndservice_contexts.tmp): PRIVATE_SVC_FILES := $(vnd_svcfiles)
|
||||
$(vndservice_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(vndservice_contexts.tmp): $(vnd_svcfiles)
|
||||
$(vndservice_contexts.tmp): $(vnd_svcfiles) $(M4)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_SVC_FILES) > $@
|
||||
$(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_SVC_FILES) > $@
|
||||
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy)
|
||||
$(LOCAL_BUILT_MODULE): $(vndservice_contexts.tmp) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc $(ACP)
|
||||
|
|
@ -1249,6 +1276,8 @@ intermediates := $(call intermediates-dir-for,ETC,built_plat_sepolicy,,,,)
|
|||
# to enable partners to add their own compatibility mapping
|
||||
BASE_PLAT_PUBLIC_POLICY := $(filter-out $(BOARD_PLAT_PUBLIC_SEPOLICY_DIR), $(PLAT_PUBLIC_POLICY))
|
||||
BASE_PLAT_PRIVATE_POLICY := $(filter-out $(BOARD_PLAT_PRIVATE_SEPOLICY_DIR), $(PLAT_PRIVATE_POLICY))
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(BASE_PLAT_PUBLIC_POLICY) $(BASE_PLAT_PRIVATE_POLICY))
|
||||
base_plat_policy.conf := $(intermediates)/base_plat_policy.conf
|
||||
$(base_plat_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(base_plat_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -1258,8 +1287,8 @@ $(base_plat_policy.conf): PRIVATE_TGT_WITH_ASAN := $(with_asan)
|
|||
$(base_plat_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(base_plat_policy.conf): PRIVATE_SEPOLICY_SPLIT := true
|
||||
$(base_plat_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(base_plat_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(BASE_PLAT_PUBLIC_POLICY) $(BASE_PLAT_PRIVATE_POLICY))
|
||||
$(base_plat_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(base_plat_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/^\s*dontaudit.*;/d' $@ | sed '/^\s*dontaudit/,/;/d' > $@.dontaudit
|
||||
|
||||
|
|
@ -1277,6 +1306,8 @@ $(built_sepolicy_neverallows)
|
|||
$(hide) cat $(PRIVATE_ADDITIONAL_CIL_FILES) >> $@
|
||||
$(hide) $(HOST_OUT_EXECUTABLES)/secilc -m -M true -G -c $(POLICYVERS) $(PRIVATE_NEVERALLOW_ARG) $@ -o $@ -f /dev/null
|
||||
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), \
|
||||
$(BASE_PLAT_PUBLIC_POLICY) $(REQD_MASK_POLICY))
|
||||
base_plat_pub_policy.conf := $(intermediates)/base_plat_pub_policy.conf
|
||||
$(base_plat_pub_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$(base_plat_pub_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -1286,8 +1317,8 @@ $(base_plat_pub_policy.conf): PRIVATE_TGT_WITH_ASAN := $(with_asan)
|
|||
$(base_plat_pub_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(base_plat_pub_policy.conf): PRIVATE_SEPOLICY_SPLIT := true
|
||||
$(base_plat_pub_policy.conf): PRIVATE_COMPATIBLE_PROPERTY := $(PRODUCT_COMPATIBLE_PROPERTY)
|
||||
$(base_plat_pub_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$(BASE_PLAT_PUBLIC_POLICY) $(REQD_MASK_POLICY))
|
||||
$(base_plat_pub_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$(base_plat_pub_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
|
||||
base_plat_pub_policy.cil := $(intermediates)/base_plat_pub_policy.cil
|
||||
|
|
|
|||
|
|
@ -263,7 +263,8 @@ func (m *selinuxContextsModule) buildGeneralContexts(ctx android.ModuleContext,
|
|||
rule := android.NewRuleBuilder()
|
||||
|
||||
rule.Command().
|
||||
Text("m4 --fatal-warnings -s").
|
||||
Tool(ctx.Config().PrebuiltBuildTool(ctx, "m4")).
|
||||
Text("--fatal-warnings -s").
|
||||
FlagForEachArg("-D", ctx.DeviceConfig().SepolicyM4Defs()).
|
||||
Inputs(inputs).
|
||||
FlagWithOutput("> ", m.outputPath)
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
# processed by checkpolicy
|
||||
define transform-policy-to-conf
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings $(PRIVATE_ADDITIONAL_M4DEFS) \
|
||||
$(hide) $(M4) --fatal-warnings $(PRIVATE_ADDITIONAL_M4DEFS) \
|
||||
-D mls_num_sens=$(PRIVATE_MLS_SENS) -D mls_num_cats=$(PRIVATE_MLS_CATS) \
|
||||
-D target_build_variant=$(PRIVATE_TARGET_BUILD_VARIANT) \
|
||||
-D target_with_dexpreopt=$(WITH_DEXPREOPT) \
|
||||
|
|
@ -13,6 +13,6 @@ $(hide) m4 --fatal-warnings $(PRIVATE_ADDITIONAL_M4DEFS) \
|
|||
-D target_compatible_property=$(PRIVATE_COMPATIBLE_PROPERTY) \
|
||||
-D target_exclude_build_test=$(PRIVATE_EXCLUDE_BUILD_TEST) \
|
||||
$(PRIVATE_TGT_RECOVERY) \
|
||||
-s $^ > $@
|
||||
-s $(PRIVATE_POLICY_FILES) > $@
|
||||
endef
|
||||
.KATI_READONLY := transform-policy-to-conf
|
||||
|
|
|
|||
|
|
@ -7,14 +7,16 @@ LOCAL_MODULE_PATH := $(TARGET_OUT)/etc/selinux
|
|||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
all_plat_mac_perms_keys := $(call build_policy, keys.conf, $(PLAT_PRIVATE_POLICY) $(PRODUCT_PRIVATE_POLICY))
|
||||
all_plat_mac_perms_files := $(call build_policy, mac_permissions.xml, $(PLAT_PRIVATE_POLICY))
|
||||
|
||||
# Build keys.conf
|
||||
plat_mac_perms_keys.tmp := $(intermediates)/plat_keys.tmp
|
||||
$(plat_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(plat_mac_perms_keys.tmp): $(call build_policy, keys.conf, $(PLAT_PRIVATE_POLICY) $(PRODUCT_PRIVATE_POLICY))
|
||||
$(plat_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_plat_mac_perms_keys)
|
||||
$(plat_mac_perms_keys.tmp): $(all_plat_mac_perms_keys) $(M4)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $^ > $@
|
||||
|
||||
all_plat_mac_perms_files := $(call build_policy, mac_permissions.xml, $(PLAT_PRIVATE_POLICY))
|
||||
$(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_KEYS) > $@
|
||||
|
||||
# Should be synced with keys.conf.
|
||||
all_plat_keys := platform media networkstack shared testkey
|
||||
|
|
@ -27,8 +29,9 @@ $(all_plat_mac_perms_files) $(all_plat_keys)
|
|||
$(hide) DEFAULT_SYSTEM_DEV_CERTIFICATE="$(dir $(DEFAULT_SYSTEM_DEV_CERTIFICATE))" \
|
||||
$(HOST_OUT_EXECUTABLES)/insertkeys.py -t $(TARGET_BUILD_VARIANT) -c $(TOP) $< -o $@ $(PRIVATE_MAC_PERMS_FILES)
|
||||
|
||||
all_mac_perms_files :=
|
||||
all_plat_keys :=
|
||||
all_plat_mac_perms_files :=
|
||||
all_plat_mac_perms_keys :=
|
||||
plat_mac_perms_keys.tmp :=
|
||||
|
||||
##################################
|
||||
|
|
@ -41,14 +44,16 @@ LOCAL_MODULE_PATH := $(TARGET_OUT_PRODUCT)/etc/selinux
|
|||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
all_product_mac_perms_keys := $(call build_policy, keys.conf, $(PRODUCT_PRIVATE_POLICY) $(REQD_MASK_POLICY))
|
||||
all_product_mac_perms_files := $(call build_policy, mac_permissions.xml, $(PRODUCT_PRIVATE_POLICY) $(REQD_MASK_POLICY))
|
||||
|
||||
# Build keys.conf
|
||||
product_mac_perms_keys.tmp := $(intermediates)/product_keys.tmp
|
||||
$(product_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(product_mac_perms_keys.tmp): $(call build_policy, keys.conf, $(PRODUCT_PRIVATE_POLICY) $(REQD_MASK_POLICY))
|
||||
$(product_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_product_mac_perms_keys)
|
||||
$(product_mac_perms_keys.tmp): $(all_product_mac_perms_keys)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $^ > $@
|
||||
|
||||
all_product_mac_perms_files := $(call build_policy, mac_permissions.xml, $(PRODUCT_PRIVATE_POLICY) $(REQD_MASK_POLICY))
|
||||
$(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $^ > $@
|
||||
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_MAC_PERMS_FILES := $(all_product_mac_perms_files)
|
||||
$(LOCAL_BUILT_MODULE): $(product_mac_perms_keys.tmp) $(HOST_OUT_EXECUTABLES)/insertkeys.py \
|
||||
|
|
@ -58,6 +63,7 @@ $(all_product_mac_perms_files)
|
|||
|
||||
product_mac_perms_keys.tmp :=
|
||||
all_product_mac_perms_files :=
|
||||
all_product_mac_perms_keys :=
|
||||
|
||||
##################################
|
||||
include $(CLEAR_VARS)
|
||||
|
|
@ -69,14 +75,16 @@ LOCAL_MODULE_PATH := $(TARGET_OUT_VENDOR)/etc/selinux
|
|||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
all_vendor_mac_perms_keys := $(call build_policy, keys.conf, $(PLAT_VENDOR_POLICY) $(BOARD_VENDOR_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
|
||||
all_vendor_mac_perms_files := $(call build_policy, mac_permissions.xml, $(PLAT_VENDOR_POLICY) $(BOARD_VENDOR_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
|
||||
|
||||
# Build keys.conf
|
||||
vendor_mac_perms_keys.tmp := $(intermediates)/vendor_keys.tmp
|
||||
$(vendor_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(vendor_mac_perms_keys.tmp): $(call build_policy, keys.conf, $(PLAT_VENDOR_POLICY) $(BOARD_VENDOR_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
|
||||
$(vendor_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_vendor_mac_perms_keys)
|
||||
$(vendor_mac_perms_keys.tmp): $(all_vendor_mac_perms_keys) $(M4)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $^ > $@
|
||||
|
||||
all_vendor_mac_perms_files := $(call build_policy, mac_permissions.xml, $(PLAT_VENDOR_POLICY) $(BOARD_VENDOR_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
|
||||
$(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_KEYS) > $@
|
||||
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_MAC_PERMS_FILES := $(all_vendor_mac_perms_files)
|
||||
$(LOCAL_BUILT_MODULE): $(vendor_mac_perms_keys.tmp) $(HOST_OUT_EXECUTABLES)/insertkeys.py \
|
||||
|
|
@ -86,6 +94,7 @@ $(all_vendor_mac_perms_files)
|
|||
|
||||
vendor_mac_perms_keys.tmp :=
|
||||
all_vendor_mac_perms_files :=
|
||||
all_vendor_mac_perms_keys :=
|
||||
|
||||
##################################
|
||||
include $(CLEAR_VARS)
|
||||
|
|
@ -97,14 +106,16 @@ LOCAL_MODULE_PATH := $(TARGET_OUT_ODM)/etc/selinux
|
|||
|
||||
include $(BUILD_SYSTEM)/base_rules.mk
|
||||
|
||||
all_odm_mac_perms_keys := $(call build_policy, keys.conf, $(BOARD_ODM_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
|
||||
all_odm_mac_perms_files := $(call build_policy, mac_permissions.xml, $(BOARD_ODM_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
|
||||
|
||||
# Build keys.conf
|
||||
odm_mac_perms_keys.tmp := $(intermediates)/odm_keys.tmp
|
||||
$(odm_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$(odm_mac_perms_keys.tmp): $(call build_policy, keys.conf, $(BOARD_ODM_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
|
||||
$(odm_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_odm_mac_perms_keys)
|
||||
$(odm_mac_perms_keys.tmp): $(all_odm_mac_perms_keys) $(M4)
|
||||
@mkdir -p $(dir $@)
|
||||
$(hide) m4 --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $^ > $@
|
||||
|
||||
all_odm_mac_perms_files := $(call build_policy, mac_permissions.xml, $(BOARD_ODM_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
|
||||
$(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_KEYS) > $@
|
||||
|
||||
$(LOCAL_BUILT_MODULE): PRIVATE_MAC_PERMS_FILES := $(all_odm_mac_perms_files)
|
||||
$(LOCAL_BUILT_MODULE): $(odm_mac_perms_keys.tmp) $(HOST_OUT_EXECUTABLES)/insertkeys.py \
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ include $(BUILD_SYSTEM)/base_rules.mk
|
|||
# been maintained by our mapping files.
|
||||
$(version)_PLAT_PUBLIC_POLICY := $(LOCAL_PATH)/prebuilts/api/$(version)/public
|
||||
$(version)_PLAT_PRIVATE_POLICY := $(LOCAL_PATH)/prebuilts/api/$(version)/private
|
||||
policy_files := $(call build_policy, $(sepolicy_build_files), $($(version)_PLAT_PUBLIC_POLICY) $($(version)_PLAT_PRIVATE_POLICY))
|
||||
$(version)_plat_policy.conf := $(intermediates)/$(version)_plat_policy.conf
|
||||
$($(version)_plat_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
|
||||
$($(version)_plat_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
|
||||
|
|
@ -25,11 +26,12 @@ $($(version)_plat_policy.conf): PRIVATE_TGT_WITH_ASAN := $(with_asan)
|
|||
$($(version)_plat_policy.conf): PRIVATE_TGT_WITH_NATIVE_COVERAGE := $(with_native_coverage)
|
||||
$($(version)_plat_policy.conf): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
|
||||
$($(version)_plat_policy.conf): PRIVATE_SEPOLICY_SPLIT := true
|
||||
$($(version)_plat_policy.conf): $(call build_policy, $(sepolicy_build_files), \
|
||||
$($(version)_PLAT_PUBLIC_POLICY) $($(version)_PLAT_PRIVATE_POLICY))
|
||||
$($(version)_plat_policy.conf): PRIVATE_POLICY_FILES := $(policy_files)
|
||||
$($(version)_plat_policy.conf): $(policy_files) $(M4)
|
||||
$(transform-policy-to-conf)
|
||||
$(hide) sed '/dontaudit/d' $@ > $@.dontaudit
|
||||
|
||||
policy_files :=
|
||||
|
||||
built_$(version)_plat_sepolicy := $(intermediates)/built_$(version)_plat_sepolicy
|
||||
$(built_$(version)_plat_sepolicy): PRIVATE_ADDITIONAL_CIL_FILES := \
|
||||
|
|
|
|||
Loading…
Reference in a new issue