diff --git a/Android.mk b/Android.mk index 269e66e7c333bf2540a0c5a611216eba97740874..2ef72fc7081612e7b8b276f68f5e236af411345b 100644 --- a/Android.mk +++ b/Android.mk @@ -760,56 +760,64 @@ $(LOCAL_BUILT_MODULE): $(addprefix $(PLAT_PRIVATE_POLICY)/, seapp_contexts) ################################## include $(CLEAR_VARS) -LOCAL_MODULE := property_contexts +LOCAL_MODULE := plat_property_contexts LOCAL_MODULE_CLASS := ETC LOCAL_MODULE_TAGS := optional +# TODO: Change module path to TARGET_SYSTEM_OUT after b/27805372 LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT) include $(BUILD_SYSTEM)/base_rules.mk -all_pc_files := $(call build_policy, property_contexts, $(PLAT_PRIVATE_POLICY) $(BOARD_SEPOLICY_DIRS)) -all_pcfiles_with_nl := $(call add_nl, $(all_pc_files), $(built_nl)) +plat_pcfiles := $(call build_policy, property_contexts, $(PLAT_PRIVATE_POLICY)) -property_contexts.tmp := $(intermediates)/property_contexts.tmp -$(property_contexts.tmp): PRIVATE_PC_FILES := $(all_pcfiles_with_nl) -$(property_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) -$(property_contexts.tmp): $(all_pcfiles_with_nl) +plat_property_contexts.tmp := $(intermediates)/plat_property_contexts.tmp +$(plat_property_contexts.tmp): PRIVATE_PC_FILES := $(plat_pcfiles) +$(plat_property_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) +$(plat_property_contexts.tmp): $(plat_pcfiles) @mkdir -p $(dir $@) $(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_PC_FILES) > $@ $(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy) -$(LOCAL_BUILT_MODULE): $(property_contexts.tmp) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc +$(LOCAL_BUILT_MODULE): $(plat_property_contexts.tmp) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc @mkdir -p $(dir $@) $(hide) sed -e 's/#.*$$//' -e '/^$$/d' $< > $@ $(hide) $(HOST_OUT_EXECUTABLES)/checkfc -p $(PRIVATE_SEPOLICY) $@ -built_pc := $(LOCAL_BUILT_MODULE) -all_pc_files := -all_pcfiles_with_nl := -property_contexts.tmp := +built_plat_pc := $(LOCAL_BUILT_MODULE) +plat_pc_files := +plat_property_contexts.tmp := ################################## include $(CLEAR_VARS) -LOCAL_MODULE := general_property_contexts +LOCAL_MODULE := nonplat_property_contexts LOCAL_MODULE_CLASS := ETC -LOCAL_MODULE_TAGS := tests +LOCAL_MODULE_TAGS := optional +# TODO: Change module path to TARGET_SYSTEM_OUT after b/27805372 +LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT) include $(BUILD_SYSTEM)/base_rules.mk -general_property_contexts.tmp := $(intermediates)/general_property_contexts.tmp -$(general_property_contexts.tmp): $(addprefix $(PLAT_PRIVATE_POLICY)/, property_contexts) +nonplat_pcfiles := $(call build_policy, property_contexts, $(BOARD_SEPOLICY_DIRS) $(REQD_MASK_POLICY)) + +nonplat_property_contexts.tmp := $(intermediates)/nonplat_property_contexts.tmp +$(nonplat_property_contexts.tmp): PRIVATE_PC_FILES := $(nonplat_pcfiles) +$(nonplat_property_contexts.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS) +$(nonplat_property_contexts.tmp): $(nonplat_pcfiles) @mkdir -p $(dir $@) - $(hide) m4 -s $< > $@ + $(hide) m4 -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_PC_FILES) > $@ -$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_general_sepolicy) -$(LOCAL_BUILT_MODULE): $(general_property_contexts.tmp) $(built_general_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc $(ACP) + +$(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy) +$(LOCAL_BUILT_MODULE): $(nonplat_property_contexts.tmp) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc @mkdir -p $(dir $@) $(hide) sed -e 's/#.*$$//' -e '/^$$/d' $< > $@ $(hide) $(HOST_OUT_EXECUTABLES)/checkfc -p $(PRIVATE_SEPOLICY) $@ -general_property_contexts.tmp := +built_nonplat_pc := $(LOCAL_BUILT_MODULE) +nonplat_pc_files := +nonplat_property_contexts.tmp := ################################## include $(CLEAR_VARS) @@ -942,7 +950,7 @@ LOCAL_MODULE_TAGS := optional LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT) include $(BUILD_SYSTEM)/base_rules.mk -$(LOCAL_BUILT_MODULE): $(built_sepolicy) $(built_pc) $(built_plat_fc) \ +$(LOCAL_BUILT_MODULE): $(built_sepolicy) $(built_plat_pc) $(built_nonplat_pc) $(built_plat_fc) \ $(buit_nonplat_fc) $(built_plat_sc) $(built_nonplat_sc) $(built_plat_svc) $(built_nonplat_svc) @mkdir -p $(dir $@) $(hide) echo -n $(BUILD_FINGERPRINT_FROM_FILE) > $@ @@ -957,7 +965,8 @@ built_nonplat_fc := built_general_sepolicy := built_general_sepolicy.conf := built_nl := -built_pc := +built_plat_pc := +built_nonplat_pc := built_nonplat_sc := built_plat_sc := built_sepolicy := diff --git a/private/file_contexts b/private/file_contexts index 90124b73d7be6e38455bb44f4291caf4d4032393..98a3c23956ed185f9d8e96e0909157b1a752ee86 100644 --- a/private/file_contexts +++ b/private/file_contexts @@ -41,7 +41,8 @@ /mapping_sepolicy\.cil u:object_r:rootfs:s0 /nonplat_sepolicy\.cil u:object_r:rootfs:s0 /plat_sepolicy\.cil u:object_r:rootfs:s0 -/property_contexts u:object_r:property_contexts:s0 +/plat_property_contexts u:object_r:property_contexts:s0 +/nonplat_property_contexts u:object_r:property_contexts:s0 /seapp_contexts u:object_r:rootfs:s0 /nonplat_seapp_contexts u:object_r:rootfs:s0 /plat_seapp_contexts u:object_r:rootfs:s0 diff --git a/reqd_mask/property_contexts b/reqd_mask/property_contexts new file mode 100644 index 0000000000000000000000000000000000000000..8e0bdbbde27a948ae3057cb2ac9175f1cc04c5ef --- /dev/null +++ b/reqd_mask/property_contexts @@ -0,0 +1,3 @@ +# empty property_contexts file - this file is used to generate an empty +# non-platform property context for devices without any property_contexts +# customizations.