Run neverallow tests on build time
sepolicy_neverallows hasn't been running on `m droid` because of
LOCAL_UNINSTALLED_MODULE := true.
Test: m selinux_policy
Change-Id: Ia7a79723a0f92e659171f50a0829baf83f311661
diff --git a/Android.mk b/Android.mk
index 37acb75..5d2a208 100644
--- a/Android.mk
+++ b/Android.mk
@@ -443,7 +443,6 @@
# See Android.bp for details of policy files.
#
built_sepolicy := $(call intermediates-dir-for,ETC,precompiled_sepolicy)/precompiled_sepolicy
-built_sepolicy_neverallows := $(call intermediates-dir-for,ETC,sepolicy_neverallows)/sepolicy_neverallows
##################################
# TODO - remove this. Keep around until we get the filesystem creation stuff taken care of.
@@ -572,6 +571,5 @@
build_policy :=
built_sepolicy :=
-built_sepolicy_neverallows :=
sepolicy_build_files :=
with_asan :=
diff --git a/build/soong/sepolicy_neverallow.go b/build/soong/sepolicy_neverallow.go
index 6e159e9..d46c6b4 100644
--- a/build/soong/sepolicy_neverallow.go
+++ b/build/soong/sepolicy_neverallow.go
@@ -189,10 +189,11 @@
func (n *neverallowTestModule) AndroidMkEntries() []android.AndroidMkEntries {
return []android.AndroidMkEntries{android.AndroidMkEntries{
OutputFile: android.OptionalPathForPath(n.testTimestamp),
- Class: "ETC",
+ Class: "FAKE",
+ Include: "$(BUILD_PHONY_PACKAGE)",
ExtraEntries: []android.AndroidMkExtraEntriesFunc{
func(ctx android.AndroidMkExtraEntriesContext, entries *android.AndroidMkEntries) {
- entries.SetBool("LOCAL_UNINSTALLABLE_MODULE", true)
+ entries.SetPath("LOCAL_ADDITIONAL_DEPENDENCIES", n.testTimestamp)
},
},
}}