tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/Android.bp
Bob Badour 601ebb43a3 [LSC] Add LOCAL_LICENSE_KINDS to system/sepolicy 
Added SPDX-license-identifier-Apache-2.0 to:
  build/Android.bp
  build/soong/Android.bp
  tests/Android.bp
  tools/Android.bp

Added SPDX-license-identifier-Apache-2.0 legacy_unencumbered to:
  Android.bp
  Android.mk
  compat.mk
  contexts_tests.mk
  mac_permissions.mk
  seapp_contexts.mk
  treble_sepolicy_tests_for_release.mk

Added legacy_unencumbered to:
  apex/Android.bp
  tools/sepolicy-analyze/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: I1ab286543ef1bdcb494cf74f2b35e35a08225d28
2021-02-05 01:28:24 -08:00

494 lines
11 KiB
Text
Raw Blame History

// Copyright (C) 2018 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package {
default_applicable_licenses: ["system_sepolicy_license"],
}
// Added automatically by a large-scale-change that took the approach of
// 'apply every license found to every target'. While this makes sure we respect
// every license restriction, it may not be entirely correct.
//
// e.g. GPL in an MIT project might only apply to the contrib/ directory.
//
// Please consider splitting the single license below into multiple licenses,
// taking care not to lose any license_kind information, and overriding the
// default license using the 'licenses: [...]' property on targets as needed.
//
// For unused files, consider creating a 'filegroup' with "//visibility:private"
// to attach the license to, and including a comment whether the files may be
// used in the current project.
// http://go/android-license-faq
license {
name: "system_sepolicy_license",
visibility: [":__subpackages__"],
license_kinds: [
"SPDX-license-identifier-Apache-2.0",
"legacy_unencumbered",
],
license_text: [
"NOTICE",
],
}
cc_defaults { name: "selinux_policy_version", cflags: ["-DSEPOLICY_VERSION=30"], }
se_filegroup {
name: "26.0.board.compat.map",
srcs: [
"compat/26.0/26.0.cil",
],
}
se_filegroup {
name: "27.0.board.compat.map",
srcs: [
"compat/27.0/27.0.cil",
],
}
se_filegroup {
name: "28.0.board.compat.map",
srcs: [
"compat/28.0/28.0.cil",
],
}
se_filegroup {
name: "29.0.board.compat.map",
srcs: [
"compat/29.0/29.0.cil",
],
}
se_filegroup {
name: "30.0.board.compat.map",
srcs: [
"compat/30.0/30.0.cil",
],
}
se_filegroup {
name: "26.0.board.ignore.map",
srcs: [
"compat/26.0/26.0.ignore.cil",
],
}
se_filegroup {
name: "27.0.board.ignore.map",
srcs: [
"compat/27.0/27.0.ignore.cil",
],
}
se_filegroup {
name: "28.0.board.ignore.map",
srcs: [
"compat/28.0/28.0.ignore.cil",
],
}
se_filegroup {
name: "29.0.board.ignore.map",
srcs: [
"compat/29.0/29.0.ignore.cil",
],
}
se_filegroup {
name: "30.0.board.ignore.map",
srcs: [
"compat/30.0/30.0.ignore.cil",
],
}
se_cil_compat_map {
name: "plat_26.0.cil",
stem: "26.0.cil",
bottom_half: [":26.0.board.compat.map"],
top_half: "plat_27.0.cil",
}
se_cil_compat_map {
name: "plat_27.0.cil",
stem: "27.0.cil",
bottom_half: [":27.0.board.compat.map"],
top_half: "plat_28.0.cil",
}
se_cil_compat_map {
name: "plat_28.0.cil",
stem: "28.0.cil",
bottom_half: [":28.0.board.compat.map"],
top_half: "plat_29.0.cil",
}
se_cil_compat_map {
name: "plat_29.0.cil",
stem: "29.0.cil",
bottom_half: [":29.0.board.compat.map"],
top_half: "plat_30.0.cil",
}
se_cil_compat_map {
name: "plat_30.0.cil",
stem: "30.0.cil",
bottom_half: [":30.0.board.compat.map"],
// top_half: "plat_31.0.cil",
}
se_cil_compat_map {
name: "system_ext_26.0.cil",
stem: "26.0.cil",
bottom_half: [":26.0.board.compat.map"],
top_half: "system_ext_27.0.cil",
system_ext_specific: true,
}
se_cil_compat_map {
name: "system_ext_27.0.cil",
stem: "27.0.cil",
bottom_half: [":27.0.board.compat.map"],
top_half: "system_ext_28.0.cil",
system_ext_specific: true,
}
se_cil_compat_map {
name: "system_ext_28.0.cil",
stem: "28.0.cil",
bottom_half: [":28.0.board.compat.map"],
top_half: "system_ext_29.0.cil",
system_ext_specific: true,
}
se_cil_compat_map {
name: "system_ext_29.0.cil",
stem: "29.0.cil",
bottom_half: [":29.0.board.compat.map"],
top_half: "system_ext_30.0.cil",
system_ext_specific: true,
}
se_cil_compat_map {
name: "system_ext_30.0.cil",
stem: "30.0.cil",
bottom_half: [":30.0.board.compat.map"],
// top_half: "system_ext_31.0.cil",
system_ext_specific: true,
}
se_cil_compat_map {
name: "product_26.0.cil",
stem: "26.0.cil",
bottom_half: [":26.0.board.compat.map"],
top_half: "product_27.0.cil",
product_specific: true,
}
se_cil_compat_map {
name: "product_27.0.cil",
stem: "27.0.cil",
bottom_half: [":27.0.board.compat.map"],
top_half: "product_28.0.cil",
product_specific: true,
}
se_cil_compat_map {
name: "product_28.0.cil",
stem: "28.0.cil",
bottom_half: [":28.0.board.compat.map"],
top_half: "product_29.0.cil",
product_specific: true,
}
se_cil_compat_map {
name: "product_29.0.cil",
stem: "29.0.cil",
bottom_half: [":29.0.board.compat.map"],
top_half: "product_30.0.cil",
product_specific: true,
}
se_cil_compat_map {
name: "product_30.0.cil",
stem: "30.0.cil",
bottom_half: [":30.0.board.compat.map"],
// top_half: "product_31.0.cil",
product_specific: true,
}
se_cil_compat_map {
name: "26.0.ignore.cil",
bottom_half: [":26.0.board.ignore.map"],
top_half: "27.0.ignore.cil",
}
se_cil_compat_map {
name: "27.0.ignore.cil",
bottom_half: [":27.0.board.ignore.map"],
top_half: "28.0.ignore.cil",
}
se_cil_compat_map {
name: "28.0.ignore.cil",
bottom_half: [":28.0.board.ignore.map"],
top_half: "29.0.ignore.cil",
}
se_cil_compat_map {
name: "29.0.ignore.cil",
bottom_half: [":29.0.board.ignore.map"],
top_half: "30.0.ignore.cil",
}
se_cil_compat_map {
name: "30.0.ignore.cil",
bottom_half: [":30.0.board.ignore.map"],
// top_half: "31.0.ignore.cil",
}
prebuilt_etc {
name: "26.0.compat.cil",
src: "private/compat/26.0/26.0.compat.cil",
sub_dir: "selinux/mapping",
}
prebuilt_etc {
name: "27.0.compat.cil",
src: "private/compat/27.0/27.0.compat.cil",
sub_dir: "selinux/mapping",
}
prebuilt_etc {
name: "28.0.compat.cil",
src: "private/compat/28.0/28.0.compat.cil",
sub_dir: "selinux/mapping",
}
prebuilt_etc {
name: "29.0.compat.cil",
src: "private/compat/29.0/29.0.compat.cil",
sub_dir: "selinux/mapping",
}
prebuilt_etc {
name: "30.0.compat.cil",
src: "private/compat/30.0/30.0.compat.cil",
sub_dir: "selinux/mapping",
}
se_filegroup {
name: "file_contexts_files",
srcs: ["file_contexts"],
}
se_filegroup {
name: "file_contexts_asan_files",
srcs: ["file_contexts_asan"],
}
se_filegroup {
name: "file_contexts_overlayfs_files",
srcs: ["file_contexts_overlayfs"],
}
se_filegroup {
name: "hwservice_contexts_files",
srcs: ["hwservice_contexts"],
}
se_filegroup {
name: "property_contexts_files",
srcs: ["property_contexts"],
}
se_filegroup {
name: "service_contexts_files",
srcs: ["service_contexts"],
}
se_filegroup {
name: "keystore2_key_contexts_files",
srcs: ["keystore2_key_contexts"],
}
file_contexts {
name: "plat_file_contexts",
srcs: [":file_contexts_files"],
product_variables: {
address_sanitize: {
srcs: [":file_contexts_asan_files"],
},
debuggable: {
srcs: [":file_contexts_overlayfs_files"],
},
},
flatten_apex: {
srcs: ["apex/*-file_contexts"],
},
recovery_available: true,
}
file_contexts {
name: "vendor_file_contexts",
srcs: [":file_contexts_files"],
soc_specific: true,
recovery_available: true,
}
file_contexts {
name: "system_ext_file_contexts",
srcs: [":file_contexts_files"],
system_ext_specific: true,
recovery_available: true,
}
file_contexts {
name: "product_file_contexts",
srcs: [":file_contexts_files"],
product_specific: true,
recovery_available: true,
}
file_contexts {
name: "odm_file_contexts",
srcs: [":file_contexts_files"],
device_specific: true,
recovery_available: true,
}
hwservice_contexts {
name: "plat_hwservice_contexts",
srcs: [":hwservice_contexts_files"],
}
hwservice_contexts {
name: "system_ext_hwservice_contexts",
srcs: [":hwservice_contexts_files"],
system_ext_specific: true,
}
hwservice_contexts {
name: "product_hwservice_contexts",
srcs: [":hwservice_contexts_files"],
product_specific: true,
}
hwservice_contexts {
name: "vendor_hwservice_contexts",
srcs: [":hwservice_contexts_files"],
reqd_mask: true,
soc_specific: true,
}
hwservice_contexts {
name: "odm_hwservice_contexts",
srcs: [":hwservice_contexts_files"],
device_specific: true,
}
property_contexts {
name: "plat_property_contexts",
srcs: [":property_contexts_files"],
recovery_available: true,
}
property_contexts {
name: "system_ext_property_contexts",
srcs: [":property_contexts_files"],
system_ext_specific: true,
recovery_available: true,
}
property_contexts {
name: "product_property_contexts",
srcs: [":property_contexts_files"],
product_specific: true,
recovery_available: true,
}
property_contexts {
name: "vendor_property_contexts",
srcs: [":property_contexts_files"],
reqd_mask: true,
soc_specific: true,
recovery_available: true,
}
property_contexts {
name: "odm_property_contexts",
srcs: [":property_contexts_files"],
device_specific: true,
recovery_available: true,
}
service_contexts {
name: "plat_service_contexts",
srcs: [":service_contexts_files"],
}
service_contexts {
name: "system_ext_service_contexts",
srcs: [":service_contexts_files"],
system_ext_specific: true,
}
service_contexts {
name: "product_service_contexts",
srcs: [":service_contexts_files"],
product_specific: true,
}
service_contexts {
name: "vendor_service_contexts",
srcs: [":service_contexts_files"],
reqd_mask: true,
soc_specific: true,
}
keystore2_key_contexts {
name: "plat_keystore2_key_contexts",
srcs: [":keystore2_key_contexts_files"],
}
keystore2_key_contexts {
name: "system_keystore2_key_contexts",
srcs: [":keystore2_key_contexts_files"],
system_ext_specific: true,
}
keystore2_key_contexts {
name: "product_keystore2_key_contexts",
srcs: [":keystore2_key_contexts_files"],
product_specific: true,
}
keystore2_key_contexts {
name: "vendor_keystore2_key_contexts",
srcs: [":keystore2_key_contexts_files"],
reqd_mask: true,
soc_specific: true,
}
// For vts_treble_sys_prop_test
filegroup {
name: "private_property_contexts",
srcs: ["private/property_contexts"],
visibility: [
"//test/vts-testcase/security/system_property",
],
}
Reference in a new issue View git blame Copy permalink