tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add /odm/etc/selinux/odm_seapp_contexts

Browse source 
Bug: 64240127
Test: normal boot a device
Change-Id: I3626357237cc18a99511f1ebd9dd3ff5a7655963
This commit is contained in:
Bowgo Tsai 2017-11-29 16:15:28 +08:00
parent bae1517a58
commit ecf656b06f
2 changed files with 27 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
Android.mk
View file

@ -254,7 +254,8 @@ endif
ifdef BOARD_ODM_SEPOLICY_DIRS
LOCAL_REQUIRED_MODULES += \
odm_sepolicy.cil \
odm_file_contexts
odm_file_contexts \
odm_seapp_contexts
endif
include $(BUILD_PHONY_PACKAGE)
@ -1069,6 +1070,29 @@ $(LOCAL_BUILT_MODULE): $(built_sepolicy) $(vendor_sc_files) $(HOST_OUT_EXECUTABL
built_vendor_sc := $(LOCAL_BUILT_MODULE)
vendor_sc_files :=
##################################
include $(CLEAR_VARS)
LOCAL_MODULE := odm_seapp_contexts
LOCAL_MODULE_CLASS := ETC
LOCAL_MODULE_TAGS := optional
LOCAL_MODULE_PATH := $(TARGET_OUT_ODM)/etc/selinux
include $(BUILD_SYSTEM)/base_rules.mk
odm_sc_files := $(call build_policy, seapp_contexts, $(BOARD_ODM_SEPOLICY_DIRS))
plat_sc_neverallow_files := $(call build_policy, seapp_contexts, $(PLAT_PRIVATE_POLICY))
$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy)
$(LOCAL_BUILT_MODULE): PRIVATE_SC_FILES := $(odm_sc_files)
$(LOCAL_BUILT_MODULE): PRIVATE_SC_NEVERALLOW_FILES := $(plat_sc_neverallow_files)
$(LOCAL_BUILT_MODULE): $(built_sepolicy) $(odm_sc_files) $(HOST_OUT_EXECUTABLES)/checkseapp $(plat_sc_neverallow_files)
@mkdir -p $(dir $@)
$(hide) grep -ihe '^neverallow' $(PRIVATE_SC_NEVERALLOW_FILES) > $@.tmp
$(hide) $(HOST_OUT_EXECUTABLES)/checkseapp -p $(PRIVATE_SEPOLICY) -o $@ $(PRIVATE_SC_FILES) $@.tmp
built_odm_sc := $(LOCAL_BUILT_MODULE)
odm_sc_files :=
##################################
include $(CLEAR_VARS)
LOCAL_MODULE := plat_seapp_neverallows
@ -1502,6 +1526,7 @@ built_vendor_cil :=
built_vendor_pc :=
built_vendor_sc :=
built_odm_cil :=
built_odm_sc :=
built_plat_sc :=
built_precompiled_sepolicy :=
built_sepolicy :=

1
private/file_contexts
View file

@ -341,6 +341,7 @@
/(odm|vendor/odm)/etc/selinux/odm_sepolicy.cil u:object_r:sepolicy_file:s0
/(odm|vendor/odm)/etc/selinux/odm_file_contexts u:object_r:file_contexts_file:s0
/(odm|vendor/odm)/etc/selinux/odm_seapp_contexts u:object_r:seapp_contexts_file:s0
#############################
# Product files