Add BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN
Starting from Android V, vendor seapp_contexts files can't assign coredomain to vendor apps, as it's Treble violation. This build broken variable is to suppress the enforcement for devices launching with U or prior. Bug: 280547417 Test: set BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN := true and build Change-Id: I7b91db8183a867aa490e490e56cb872ea830b21f
This commit is contained in:
Inseob Kim
parent
5a70ae0fc8
commit
d8de8757ae
2 changed files with 23 additions and 12 deletions
33
Android.mk
33
Android.mk
|
|
@ -221,14 +221,6 @@ ifeq ($(BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW),true)
|
|||
treble_sysprop_neverallow := false
|
||||
endif
|
||||
|
||||
ifeq ($(PRODUCT_SHIPPING_API_LEVEL),)
|
||||
#$(warning no product shipping level defined)
|
||||
else ifneq ($(call math_lt,29,$(PRODUCT_SHIPPING_API_LEVEL)),)
|
||||
ifneq ($(BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW),)
|
||||
$(error BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW cannot be set on a device shipping with R or later, and this is tested by CTS.)
|
||||
endif
|
||||
endif
|
||||
|
||||
enforce_sysprop_owner := true
|
||||
ifeq ($(BUILD_BROKEN_ENFORCE_SYSPROP_OWNER),true)
|
||||
enforce_sysprop_owner := false
|
||||
|
|
@ -239,14 +231,33 @@ ifeq ($(PRODUCT_SET_DEBUGFS_RESTRICTIONS),true)
|
|||
enforce_debugfs_restriction := true
|
||||
endif
|
||||
|
||||
ifeq ($(PRODUCT_SHIPPING_API_LEVEL),)
|
||||
ifneq ($(PRODUCT_SHIPPING_API_LEVEL),)
|
||||
product_shipping_api_level := $(PRODUCT_SHIPPING_API_LEVEL)
|
||||
else
|
||||
#$(warning no product shipping level defined)
|
||||
else ifneq ($(call math_lt,30,$(PRODUCT_SHIPPING_API_LEVEL)),)
|
||||
ifneq ($(BUILD_BROKEN_ENFORCE_SYSPROP_OWNER),)
|
||||
product_shipping_api_level := 0
|
||||
endif
|
||||
|
||||
ifneq ($(BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW),)
|
||||
ifneq ($(call math_lt,29,$(product_shipping_api_level)),)
|
||||
$(error BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW cannot be set on a device shipping with R or later, and this is tested by CTS.)
|
||||
endif
|
||||
endif
|
||||
|
||||
ifneq ($(BUILD_BROKEN_ENFORCE_SYSPROP_OWNER),)
|
||||
ifneq ($(call math_lt,30,$(product_shipping_api_level)),)
|
||||
$(error BUILD_BROKEN_ENFORCE_SYSPROP_OWNER cannot be set on a device shipping with S or later, and this is tested by CTS.)
|
||||
endif
|
||||
endif
|
||||
|
||||
ifneq ($(BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN),)
|
||||
ifneq ($(call math_lt,34,$(product_shipping_api_level)),)
|
||||
$(error BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN cannot be set on a device shipping with V or later, and this is tested by CTS.)
|
||||
endif
|
||||
endif
|
||||
|
||||
product_shipping_api_level :=
|
||||
|
||||
# Library extension for host-side tests
|
||||
ifeq ($(HOST_OS),darwin)
|
||||
SHAREDLIB_EXT=dylib
|
||||
|
|
|
|||
|
|
@ -440,7 +440,7 @@ func (m *selinuxContextsModule) buildSeappContexts(ctx android.ModuleContext, in
|
|||
Inputs(inputs).
|
||||
Input(neverallowFile)
|
||||
|
||||
if ctx.SocSpecific() || ctx.DeviceSpecific() {
|
||||
if (ctx.SocSpecific() || ctx.DeviceSpecific()) && !ctx.DeviceConfig().BuildBrokenVendorSeappUsesCoredomain() {
|
||||
checkCmd.Flag("-c") // check coredomain
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue