Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 50aa029f4b6cf5cce7a71214ccd284c20ce45513^! / . / Android.bp
commit50aa029f4b6cf5cce7a71214ccd284c20ce45513[log] [tgz]
authorTri Vo <trong@google.com>Sat Jun 01 17:04:13 2019 -0700
committerTri Vo <trong@google.com>Sat Jun 01 17:20:34 2019 -0700
tree7905b6bc76d3100af9e4855353a4a954bf87505a
parent336d0fed4ec39fb1d260d1b4466aeee383d620c5 [diff] [blame]
Reland "Add 29.0 mapping files"

Steps taken to produce the mapping files:

1. Add prebuilts/api/29.0/[plat_pub_versioned.cil|vendor_sepolicy.cil]
plat_pub_versioned.cil contains all public attributes and types from Q
Leave vendor_sepolicy.cil is empty.

2. Add new file private/compat/29.0/29.0.cil by doing the following:
- copy /system/etc/selinux/mapping/29.0.cil from pi-dev aosp_arm64-eng
device to private/compat/29.0/29.0.cil
- remove all attribute declaration statement (typeattribute ...) and
sort lines alphabetically
- some selinux types were added/renamed/deleted w.r.t 29 sepolicy.
Find all such types using treble_sepolicy_tests_29.0 test.
- for all these types figure out where to map them by looking at
28.0.[ignore.]cil files and add approprite entries to 29.0.[ignore.]cil.

This change also enables treble_sepolicy_tests_29.0 and installs
29.0.cil mapping file onto the device.

Bug: 133155528
Bug: 133196056
Test: m treble_sepolicy_tests_29.0
Test: m 29.0_compat_test
Test: m selinux_policy
Change-Id: I9e83e9bf118c8b8f8fcf84d5c0dcb6eb588e0d55

diff --git a/Android.bp b/Android.bp
index 2934cd9..bf91041 100644
--- a/Android.bp
+++ b/Android.bp

@@ -36,6 +36,13 @@
 }
 
 se_filegroup {
+    name: "29.0.board.compat.map",
+    srcs: [
+        "compat/29.0/29.0.cil",
+    ],
+}
+
+se_filegroup {
     name: "26.0.board.ignore.map",
     srcs: [
         "compat/26.0/26.0.ignore.cil",
@@ -56,6 +63,13 @@
     ],
 }
 
+se_filegroup {
+    name: "29.0.board.ignore.map",
+    srcs: [
+        "compat/29.0/29.0.ignore.cil",
+    ],
+}
+
 se_cil_compat_map {
     name: "26.0.cil",
     bottom_half: [":26.0.board.compat.map"],
@@ -71,7 +85,13 @@
 se_cil_compat_map {
     name: "28.0.cil",
     bottom_half: [":28.0.board.compat.map"],
-    // top_half: "29.0.cil",
+    top_half: "29.0.cil",
+}
+
+se_cil_compat_map {
+    name: "29.0.cil",
+    bottom_half: [":29.0.board.compat.map"],
+    // top_half: "30.0.cil",
 }
 
 se_cil_compat_map {
@@ -92,9 +112,15 @@
     // top_half: "29.0.ignore.cil",
 }
 
+se_cil_compat_map {
+    name: "29.0.ignore.cil",
+    bottom_half: [":29.0.board.ignore.map"],
+    // top_half: "30.0.ignore.cil",
+}
+
 prebuilt_etc {
-    name: "28.0.compat.cil",
-    src: "private/compat/28.0/28.0.compat.cil",
+    name: "26.0.compat.cil",
+    src: "private/compat/26.0/26.0.compat.cil",
     sub_dir: "selinux/mapping",
 }
 
@@ -105,8 +131,14 @@
 }
 
 prebuilt_etc {
-    name: "26.0.compat.cil",
-    src: "private/compat/26.0/26.0.compat.cil",
+    name: "28.0.compat.cil",
+    src: "private/compat/28.0/28.0.compat.cil",
+    sub_dir: "selinux/mapping",
+}
+
+prebuilt_etc {
+    name: "29.0.compat.cil",
+    src: "private/compat/29.0/29.0.compat.cil",
     sub_dir: "selinux/mapping",
 }