e49714542e
This CL lists all the exported platform properties in private/exported_property_contexts. Additionally accessing core_property_type from vendor components is restricted. Instead public_readable_property_type is used to allow vendor components to read exported platform properties, and accessibility from vendor_init is also specified explicitly. Note that whitelisting would be applied only if PRODUCT_COMPATIBLE_PROPERTY is set on. Bug: 38146102 Test: tested on walleye with PRODUCT_COMPATIBLE_PROPERTY=true Change-Id: I304ba428cc4ca82668fec2ddeb17c971e7ec065e
16 lines
657 B
Makefile
16 lines
657 B
Makefile
# Command to turn collection of policy files into a policy.conf file to be
|
|
# processed by checkpolicy
|
|
define transform-policy-to-conf
|
|
@mkdir -p $(dir $@)
|
|
$(hide) m4 $(PRIVATE_ADDITIONAL_M4DEFS) \
|
|
-D mls_num_sens=$(PRIVATE_MLS_SENS) -D mls_num_cats=$(PRIVATE_MLS_CATS) \
|
|
-D target_build_variant=$(TARGET_BUILD_VARIANT) \
|
|
-D target_with_dexpreopt=$(WITH_DEXPREOPT) \
|
|
-D target_arch=$(PRIVATE_TGT_ARCH) \
|
|
-D target_with_asan=$(PRIVATE_TGT_WITH_ASAN) \
|
|
-D target_full_treble=$(PRIVATE_SEPOLICY_SPLIT) \
|
|
-D target_compatible_property=$(PRIVATE_COMPATIBLE_PROPERTY) \
|
|
$(PRIVATE_TGT_RECOVERY) \
|
|
-s $^ > $@
|
|
endef
|
|
.KATI_READONLY := transform-policy-to-conf
|