From 930304829b2cadd3c88876c6234af702d1e43bd5 Mon Sep 17 00:00:00 2001
From: Evgenii Stepanov <eugenis@google.com>
Date: Fri, 12 Jun 2015 17:18:20 -0700
Subject: [PATCH] Extend sepolicy for SANITIZE_TARGET.

SANITIZE_TARGET adds shared libraries in /data/lib.

Bug: 21785137
Change-Id: I8ac3d059d88d57d24ed762ffc6202a4ce5a42333
---
 Android.mk         | 6 +++++-
 file_contexts_asan | 1 +
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 file_contexts_asan

diff --git a/Android.mk b/Android.mk
index 3635a01a2..8189f88f3 100644
--- a/Android.mk
+++ b/Android.mk
@@ -133,7 +133,11 @@ LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
 
 include $(BUILD_SYSTEM)/base_rules.mk
 
-ALL_FC_FILES := $(call build_policy, file_contexts)
+FILE_CONTEXTS := file_contexts
+ifeq (address,$(strip $(SANITIZE_TARGET)))
+  FILE_CONTEXTS := $(FILE_CONTEXTS) file_contexts_asan
+endif
+ALL_FC_FILES := $(call build_policy, $(FILE_CONTEXTS))
 
 $(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy)
 $(LOCAL_BUILT_MODULE):  $(ALL_FC_FILES) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc
diff --git a/file_contexts_asan b/file_contexts_asan
new file mode 100644
index 000000000..c12559539
--- /dev/null
+++ b/file_contexts_asan
@@ -0,0 +1 @@
+/data/lib(/.*)?		u:object_r:system_file:s0
-- 
GitLab