diff --git a/Android.mk b/Android.mk index e235bdea8..fb32c6540 100644 --- a/Android.mk +++ b/Android.mk @@ -349,7 +349,7 @@ ifneq ($(with_asan),true) ifneq ($(SELINUX_IGNORE_NEVERALLOWS),true) LOCAL_REQUIRED_MODULES += \ sepolicy_tests \ - $(addsuffix _compat_test,$(PLATFORM_SEPOLICY_COMPAT_VERSIONS)) \ + sepolicy_compat_test \ ifeq ($(PRODUCT_SEPOLICY_SPLIT),true) LOCAL_REQUIRED_MODULES += \ @@ -770,11 +770,6 @@ $(foreach v,$(PLATFORM_SEPOLICY_COMPAT_VERSIONS), \ ) endif # PRODUCT_SEPOLICY_SPLIT -$(foreach v,$(PLATFORM_SEPOLICY_COMPAT_VERSIONS), \ - $(eval version_under_treble_tests := $(v)) \ - $(eval include $(LOCAL_PATH)/compat.mk) \ -) - built_plat_sepolicy := built_system_ext_sepolicy := built_product_sepolicy := diff --git a/build/soong/build_files.go b/build/soong/build_files.go index 865dbb4cd..0909f70a3 100644 --- a/build/soong/build_files.go +++ b/build/soong/build_files.go @@ -124,4 +124,9 @@ func (b *buildFiles) GenerateAndroidBuildActions(ctx android.ModuleContext) { b.srcs[".product_public_for_vendor"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().BoardProductPublicPrebuiltDirs()...) b.srcs[".product_private_for_vendor"] = b.findSrcsInDirs(ctx, ctx.DeviceConfig().BoardProductPrivatePrebuiltDirs()...) } + + for _, ver := range ctx.DeviceConfig().PlatformSepolicyCompatVersions() { + b.srcs[".plat_public_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.ModuleDir(), "prebuilts", "api", ver, "public")) + b.srcs[".plat_private_"+ver] = b.findSrcsInDirs(ctx, filepath.Join(ctx.ModuleDir(), "prebuilts", "api", ver, "private")) + } } diff --git a/build/soong/compat_cil.go b/build/soong/compat_cil.go index 46b0f7100..3044425b9 100644 --- a/build/soong/compat_cil.go +++ b/build/soong/compat_cil.go 
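Review bot: In build/soong/build_files.go, the new loop records `prebuilts/api/<ver>/public` and `.../private` for every entry of `PlatformSepolicyCompatVersions()` but never checks that anything was found there. If `findSrcsInDirs` returns an empty list for a missing directory (its body is outside this hunk), `pub_policy_<ver>.conf` in compat_cil.go would be built from `:se_build_files{.reqd_mask}` alone, and the compat test for that version would quietly cover less than intended. Failing the build is safer, e.g. `if len(b.srcs[".plat_public_"+ver]) == 0 { ctx.ModuleErrorf("no public policy under prebuilts/api/%s", ver) }`. `GenerateAndroidBuildActions` begins before this hunk.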
@@ -15,13 +15,21 @@ package selinux import ( + "fmt" + "github.com/google/blueprint/proptools" "android/soong/android" ) +var ( + compatTestDepTag = dependencyTag{name: "compat_test"} +) + func init() { - android.RegisterModuleType("se_compat_cil", compatCilFactory) + ctx := android.InitRegistrationContext + ctx.RegisterModuleType("se_compat_cil", compatCilFactory) + ctx.RegisterSingletonModuleType("se_compat_test", compatTestFactory) } // se_compat_cil collects and installs backwards compatibility cil files. 
@@ -107,3 +115,154 @@ func (c *compatCil) AndroidMkEntries() []android.AndroidMkEntries {
 },
 }}
 }
+
+func (c *compatCil) OutputFiles(tag string) (android.Paths, error) {
+ switch tag {
+ case "":
+ return android.Paths{c.installSource}, nil
+ default:
+ return nil, fmt.Errorf("unsupported module reference tag %q", tag)
+ }
+}
+
+var _ android.OutputFileProducer = (*compatCil)(nil)
+
+// se_compat_test checks if compat files ({ver}.cil, {ver}.compat.cil) files are compatible with
+// current policy.
+func compatTestFactory() android.SingletonModule {
+ f := &compatTestModule{}
+ android.InitAndroidModule(f)
+ android.AddLoadHook(f, func(ctx android.LoadHookContext) {
+ f.loadHook(ctx)
+ })
+ return f
+}
+
+type compatTestModule struct {
+ android.SingletonModuleBase
+
+ compatTestTimestamp android.ModuleOutPath
+}
+
+func (f *compatTestModule) createPlatPubVersionedModule(ctx android.LoadHookContext, ver string) {
+ confName := fmt.Sprintf("pub_policy_%s.conf", ver)
+ cilName := fmt.Sprintf("pub_policy_%s.cil", ver)
+ platPubVersionedName := fmt.Sprintf("plat_pub_versioned_%s.cil", ver)
+
+ ctx.CreateModule(policyConfFactory, &nameProperties{
+ Name: proptools.StringPtr(confName),
+ }, &policyConfProperties{
+ Srcs: []string{
+ fmt.Sprintf(":se_build_files{.plat_public_%s}", ver),
+ ":se_build_files{.reqd_mask}",
+ },
+ Installable: proptools.BoolPtr(false),
+ })
+
+ ctx.CreateModule(policyCilFactory, &nameProperties{
+ Name: proptools.StringPtr(cilName),
+ }, &policyCilProperties{
+ Src: proptools.StringPtr(":" + confName),
+ Filter_out: []string{":reqd_policy_mask.cil"},
+ Secilc_check: proptools.BoolPtr(false),
+ Installable: proptools.BoolPtr(false),
+ })
+
+ ctx.CreateModule(versionedPolicyFactory, &nameProperties{
+ Name: proptools.StringPtr(platPubVersionedName),
+ }, &versionedPolicyProperties{
+ Base: proptools.StringPtr(":" + cilName),
+ Target_policy: proptools.StringPtr(":" + cilName),
+ Version: proptools.StringPtr(ver),
+ Installable: proptools.BoolPtr(false),
+ })
+}
+
+func (f *compatTestModule) createCompatTestModule(ctx android.LoadHookContext, ver string) {
+ srcs := []string{
+ ":plat_sepolicy.cil",
+ ":system_ext_sepolicy.cil",
+ ":product_sepolicy.cil",
+ fmt.Sprintf(":plat_%s.cil", ver),
+ fmt.Sprintf(":%s.compat.cil", ver),
+ fmt.Sprintf(":system_ext_%s.cil", ver),
+ fmt.Sprintf(":system_ext_%s.compat.cil", ver),
+ fmt.Sprintf(":product_%s.cil", ver),
+ }
+
+ if ver == ctx.DeviceConfig().BoardSepolicyVers() {
+ srcs = append(srcs,
+ ":plat_pub_versioned.cil",
+ ":vendor_sepolicy.cil",
+ ":odm_sepolicy.cil",
+ )
+ } else {
+ srcs = append(srcs, fmt.Sprintf(":plat_pub_versioned_%s.cil", ver))
+ }
+
+ compatTestName := fmt.Sprintf("%s_compat_test", ver)
+ ctx.CreateModule(policyBinaryFactory, &nameProperties{
+ Name: proptools.StringPtr(compatTestName),
+ }, &policyBinaryProperties{
+ Srcs: srcs,
+ Ignore_neverallow: proptools.BoolPtr(true),
+ Installable: proptools.BoolPtr(false),
+ })
+}
+
+func (f *compatTestModule) loadHook(ctx android.LoadHookContext) {
+ for _, ver := range ctx.DeviceConfig().PlatformSepolicyCompatVersions() {
+ f.createPlatPubVersionedModule(ctx, ver)
+ f.createCompatTestModule(ctx, ver)
+ }
+}
+
+func (f *compatTestModule) DepsMutator(ctx android.BottomUpMutatorContext) {
+ for _, ver := range ctx.DeviceConfig().PlatformSepolicyCompatVersions() {
+ ctx.AddDependency(f, compatTestDepTag, fmt.Sprintf("%s_compat_test", ver))
+ }
+}
+
+func (f *compatTestModule) GenerateSingletonBuildActions(ctx android.SingletonContext) {
+ // does nothing; se_compat_test is a singeton because two compat test modules don't make sense.
+}
+
+func (f *compatTestModule) GenerateAndroidBuildActions(ctx android.ModuleContext) {
+ var inputs android.Paths
+ ctx.VisitDirectDepsWithTag(compatTestDepTag, func(child android.Module) {
+ o, ok := child.(android.OutputFileProducer)
+ if !ok {
+ panic(fmt.Errorf("Module %q should be an OutputFileProducer but it isn't", ctx.OtherModuleName(child)))
+ }
+
+ outputs, err := o.OutputFiles("")
+ if err != nil {
+ panic(fmt.Errorf("Module %q error while producing output: %v", ctx.OtherModuleName(child), err))
+ }
+ if len(outputs) != 1 {
+ panic(fmt.Errorf("Module %q should produce exactly one output, but did %q", ctx.OtherModuleName(child), outputs.Strings()))
+ }
+
+ inputs = append(inputs, outputs[0])
+ })
+
+ f.compatTestTimestamp = android.PathForModuleOut(ctx, "timestamp")
+ rule := android.NewRuleBuilder(pctx, ctx)
+ rule.Command().Text("touch").Output(f.compatTestTimestamp).Implicits(inputs)
+ rule.Build("compat", "compat test timestamp for: "+f.Name())
+}
+
+func (f *compatTestModule) AndroidMkEntries() []android.AndroidMkEntries {
+ return []android.AndroidMkEntries{android.AndroidMkEntries{
+ Class: "FAKE",
+ // OutputFile is needed, even though BUILD_PHONY_PACKAGE doesn't use it.
+ // Without OutputFile this module won't be exported to Makefile.
+ OutputFile: android.OptionalPathForPath(f.compatTestTimestamp),
+ Include: "$(BUILD_PHONY_PACKAGE)",
+ ExtraEntries: []android.AndroidMkExtraEntriesFunc{
+ func(ctx android.AndroidMkExtraEntriesContext, entries *android.AndroidMkEntries) {
+ entries.SetString("LOCAL_ADDITIONAL_DEPENDENCIES", f.compatTestTimestamp.String())
+ },
+ },
+ }}
+}
diff --git a/compat.mk b/compat.mk
deleted file mode 100644
index 4aed8648f..000000000
--- a/compat.mk
+++ /dev/null
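Review bot: In build/soong/compat_cil.go, `createCompatTestModule` sets `Ignore_neverallow: proptools.BoolPtr(true)` and switches its source list on `ver == ctx.DeviceConfig().BoardSepolicyVers()` with no comment, so a later reader cannot tell that either choice is deliberate. The removed compat.mk recipe ran secilc with `-N`, so skipping neverallow looks intentional; a line such as `// Neverallow checks are skipped on purpose, as with secilc -N in the old compat.mk; this target only checks that the compat files build against current policy.` would record that. The vendor/odm branch deserves a similar one-line comment, since compat.mk keyed those inputs on `mixed_sepolicy_build` rather than on the board version. Separately, `GenerateAndroidBuildActions` reports a misconfigured dependency with `panic`; `ctx.ModuleErrorf(...)` followed by `return` would surface it as an ordinary build error instead of a stack trace.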
@@ -1,56 +0,0 @@
-version := $(version_under_treble_tests)
-
-include $(CLEAR_VARS)
-#################################
-# build this target to ensure the compat permissions files all build against the current policy
-#
-LOCAL_MODULE := $(version)_compat_test
-LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
-LOCAL_LICENSE_CONDITIONS := notice unencumbered
-LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
-LOCAL_REQUIRED_MODULES := $(version).compat.cil
-LOCAL_MODULE_CLASS := FAKE
-LOCAL_MODULE_TAGS := optional
-
-include $(BUILD_SYSTEM)/base_rules.mk
-
-all_cil_files := \
- $(built_plat_cil) \
- $(built_plat_mapping_cil) \
- $(built_pub_vers_cil) \
- $(ALL_MODULES.$(version).compat.cil.BUILT) \
-
-ifdef HAS_SYSTEM_EXT_SEPOLICY
-all_cil_files += $(built_system_ext_cil)
-endif
-
-ifdef HAS_SYSTEM_EXT_PUBLIC_SEPOLICY
-all_cil_files += $(built_system_ext_mapping_cil)
-endif
-
-ifdef HAS_PRODUCT_SEPOLICY
-all_cil_files += $(built_product_cil)
-endif
-
-ifdef HAS_PRODUCT_PUBLIC_SEPOLICY
-all_cil_files += $(built_product_mapping_cil)
-endif
-
-ifneq ($(mixed_sepolicy_build),true)
-
-all_cil_files += $(built_vendor_cil)
-
-ifdef BOARD_ODM_SEPOLICY_DIRS
-all_cil_files += $(built_odm_cil)
-endif
-
-endif # ifneq ($(mixed_sepolicy_build),true)
-
-$(LOCAL_BUILT_MODULE): PRIVATE_CIL_FILES := $(all_cil_files)
-$(LOCAL_BUILT_MODULE): $(HOST_OUT_EXECUTABLES)/secilc $(HOST_OUT_EXECUTABLES)/sepolicy-analyze $(all_cil_files)
- @mkdir -p $(dir $@)
- $(hide) $< -m -N -M true -G -c $(POLICYVERS) $(PRIVATE_CIL_FILES) -o $@ -f /dev/null
-
-all_cil_files :=
-version :=
-version_under_treble_tests :=
diff --git a/compat/Android.bp b/compat/Android.bp
index fd1a86484..bc8409a13 100644
--- a/compat/Android.bp
+++ b/compat/Android.bp
@@ -269,3 +269,7 @@ se_compat_cil {
 stem: "32.0.compat.cil",
 system_ext_specific: true,
 }
+
+se_compat_test {
+ name: "sepolicy_compat_test",
+}