Drop the use of a policy version suffix on the sepolicy file.

The policy version suffix support was carried over from conventional
Linux distributions, where we needed to support simultaneous installation
of multiple kernels and policies.  This isn't required for Android, so
get rid of it and thereby simplify the policy pathname.

We still default to generating a specific policy version (the highest
one supported by the emulator kernel), but this can be overridden
by setting POLICYVERS on the make command-line or in the environment.

Requires a corresponding change to libselinux.

Change-Id: I40c88e13e8063ea37c2b9ab5b3ff8b0aa595402a
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

Android.mk

@@ -9,7 +9,7 @@ include $(CLEAR_VARS)
 # SELinux policy version.
 # Must be <= /selinux/policyvers reported by the Android kernel.
 # Must be within the compatibility range reported by checkpolicy -V.
-POLICYVERS := 24
+POLICYVERS ?= 24
 
 MLS_SENS=1
 MLS_CATS=1024
@@ -31,7 +31,6 @@ include $(CLEAR_VARS)
 LOCAL_MODULE := sepolicy
 LOCAL_MODULE_CLASS := ETC
 LOCAL_MODULE_TAGS := optional
-LOCAL_MODULE_SUFFIX := .$(POLICYVERS)
 LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
 
 include $(BUILD_SYSTEM)/base_rules.mk
@@ -79,9 +78,9 @@ $(seapp_contexts.tmp): $(LOCAL_PATH)/seapp_contexts $(LOCAL_POLICY_SC)
 	@mkdir -p $(dir $@)
 	$(hide) m4 -s $^ > $@
 
-$(LOCAL_BUILT_MODULE) : $(seapp_contexts.tmp) $(TARGET_ROOT_OUT)/sepolicy.$(POLICYVERS) $(HOST_OUT_EXECUTABLES)/checkseapp
+$(LOCAL_BUILT_MODULE) : $(seapp_contexts.tmp) $(TARGET_ROOT_OUT)/sepolicy $(HOST_OUT_EXECUTABLES)/checkseapp
 	@mkdir -p $(dir $@)
-	$(HOST_OUT_EXECUTABLES)/checkseapp -p $(TARGET_ROOT_OUT)/sepolicy.24 -o $@ $<
+	$(HOST_OUT_EXECUTABLES)/checkseapp -p $(TARGET_ROOT_OUT)/sepolicy -o $@ $<
 
 seapp_contexts.tmp :=
 ##################################