tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Android.mk: Support SYSTEM_EXT* sepolicy" am: 5b238f9799

Browse source 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1277793

Change-Id: I245db072c495f1b6a10ee7522836549fc912eb1b
This commit is contained in:
Treehugger Robot 2020-10-12 04:20:32 +00:00 committed by Automerger Merge Worker
commit 9640e3c44d
2 changed files with 23 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
Android.mk
View file

@ -52,8 +52,18 @@ PLAT_PUBLIC_POLICY := $(LOCAL_PATH)/public
PLAT_PRIVATE_POLICY := $(LOCAL_PATH)/private
PLAT_VENDOR_POLICY := $(LOCAL_PATH)/vendor
REQD_MASK_POLICY := $(LOCAL_PATH)/reqd_mask
SYSTEM_EXT_PUBLIC_POLICY := $(BOARD_PLAT_PUBLIC_SEPOLICY_DIR)
SYSTEM_EXT_PRIVATE_POLICY := $(BOARD_PLAT_PRIVATE_SEPOLICY_DIR)
SYSTEM_EXT_PUBLIC_POLICY := $(SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS)
ifneq (,$(BOARD_PLAT_PUBLIC_SEPOLICY_DIR))
# TODO: Disallow BOARD_PLAT_*
SYSTEM_EXT_PUBLIC_POLICY += $(BOARD_PLAT_PUBLIC_SEPOLICY_DIR)
endif
SYSTEM_EXT_PRIVATE_POLICY := $(SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS)
ifneq (,$(BOARD_PLAT_PRIVATE_SEPOLICY_DIR))
# TODO: Disallow BOARD_PLAT_*
SYSTEM_EXT_PRIVATE_POLICY += $(BOARD_PLAT_PRIVATE_SEPOLICY_DIR)
endif
PRODUCT_PUBLIC_POLICY := $(PRODUCT_PUBLIC_SEPOLICY_DIRS)
PRODUCT_PRIVATE_POLICY := $(PRODUCT_PRIVATE_SEPOLICY_DIRS)

11
README
View file

@ -34,6 +34,17 @@ From the Tuna device BoardConfig.mk, device/samsung/tuna/BoardConfig.mk
BOARD_VENDOR_SEPOLICY_DIRS += device/samsung/tuna/sepolicy
Alongside vendor sepolicy dirs, OEMs can also amend the public and private
policy of the product and system_ext partitions:
SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += device/acme/roadrunner-sepolicy/systemext/public
SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/acme/roadrunner-sepolicy/systemext/private
PRODUCT_PUBLIC_SEPOLICY_DIRS += device/acme/roadrunner-sepolicy/product/public
PRODUCT_PRIVATE_SEPOLICY_DIRS += device/acme/roadrunner-sepolicy/product/private
The old BOARD_PLAT_PUBLIC_SEPOLICY_DIR and BOARD_PLAT_PRIVATE_SEPOLICY_DIR
variables have been deprecated in favour of SYSTEM_EXT_*.
Additionally, OEMs can specify BOARD_SEPOLICY_M4DEFS to pass arbitrary m4
definitions during the build. A definition consists of a string in the form
of macro-name=value. Spaces must NOT be present. This is useful for building modular