Finalize prebuilt CTS artifacts
These three files, general_sepolicy.conf / mapping.cil /
plat_sepolicy.cil will be used to test vendor sepolicy's neverallow
rules.
Ignore-AOSP-First: vFRC
Bug: 330671085
Test: build
Change-Id: I763c9a1e647d614b84c0f7fe3d69affbe64f6153
diff --git a/tools/finalize-vintf-resources.sh b/tools/finalize-vintf-resources.sh
index 7d0ae51..2fcf351 100755
--- a/tools/finalize-vintf-resources.sh
+++ b/tools/finalize-vintf-resources.sh
@@ -22,11 +22,12 @@
top=$1
ver=$2
-mkdir -p "$top/system/sepolicy/prebuilts/api/${ver}/"
-cp -r "$top/system/sepolicy/public/" "$top/system/sepolicy/prebuilts/api/${ver}/"
-cp -r "$top/system/sepolicy/private/" "$top/system/sepolicy/prebuilts/api/${ver}/"
+prebuilt_dir=$top/system/sepolicy/prebuilts/api/$ver
+mkdir -p "$prebuilt_dir"
+cp -r "$top/system/sepolicy/public/" "$prebuilt_dir"
+cp -r "$top/system/sepolicy/private/" "$prebuilt_dir"
-cat > "$top/system/sepolicy/prebuilts/api/${ver}/Android.bp" <<EOF
+cat > "$prebuilt_dir/Android.bp" <<EOF
// Automatically generated file, do not edit!
se_policy_conf {
name: "${ver}_plat_pub_policy.conf",
@@ -99,3 +100,22 @@
},
}
EOF
+
+# Build general_sepolicy.conf, plat_sepolicy.cil, and mapping file for CTS
+DIST_DIR=out/dist $top/build/soong/soong_ui.bash --make-mode dist sepolicy_finalize
+
+cp "$top/out/dist/plat_sepolicy.cil" "$prebuilt_dir/${ver}_plat_sepolicy.cil"
+cp "$top/out/dist/general_sepolicy.conf" "$prebuilt_dir/${ver}_general_sepolicy.conf"
+cp "$top/out/dist/$ver.cil" "$prebuilt_dir/${ver}_mapping.cil"
+
+cat >> "$prebuilt_dir/Android.bp" <<EOF
+
+filegroup {
+ name: "${ver}_sepolicy_cts_data",
+ srcs: [
+ "${ver}_general_sepolicy.conf",
+ "${ver}_plat_sepolicy.cil",
+ "${ver}_mapping.cil",
+ ],
+}
+EOF