Merge changes from topic "revert-2715179-BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN-HHKXHMATFW" into main
* changes:
Don't check seapp violations for U or prior
Revert "Add BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN"
diff --git a/Android.mk b/Android.mk
index fcecb29..d496f1d 100644
--- a/Android.mk
+++ b/Android.mk
@@ -221,6 +221,14 @@
treble_sysprop_neverallow := false
endif
+ifeq ($(PRODUCT_SHIPPING_API_LEVEL),)
+ #$(warning no product shipping level defined)
+else ifneq ($(call math_lt,29,$(PRODUCT_SHIPPING_API_LEVEL)),)
+ ifneq ($(BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW),)
+ $(error BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW cannot be set on a device shipping with R or later, and this is tested by CTS.)
+ endif
+endif
+
enforce_sysprop_owner := true
ifeq ($(BUILD_BROKEN_ENFORCE_SYSPROP_OWNER),true)
enforce_sysprop_owner := false
@@ -231,33 +239,14 @@
enforce_debugfs_restriction := true
endif
-ifneq ($(PRODUCT_SHIPPING_API_LEVEL),)
- product_shipping_api_level := $(PRODUCT_SHIPPING_API_LEVEL)
-else
+ifeq ($(PRODUCT_SHIPPING_API_LEVEL),)
#$(warning no product shipping level defined)
- product_shipping_api_level := 0
-endif
-
-ifneq ($(BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW),)
- ifneq ($(call math_lt,29,$(product_shipping_api_level)),)
- $(error BUILD_BROKEN_TREBLE_SYSPROP_NEVERALLOW cannot be set on a device shipping with R or later, and this is tested by CTS.)
- endif
-endif
-
-ifneq ($(BUILD_BROKEN_ENFORCE_SYSPROP_OWNER),)
- ifneq ($(call math_lt,30,$(product_shipping_api_level)),)
+else ifneq ($(call math_lt,30,$(PRODUCT_SHIPPING_API_LEVEL)),)
+ ifneq ($(BUILD_BROKEN_ENFORCE_SYSPROP_OWNER),)
$(error BUILD_BROKEN_ENFORCE_SYSPROP_OWNER cannot be set on a device shipping with S or later, and this is tested by CTS.)
endif
endif
-ifneq ($(BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN),)
- ifneq ($(call math_lt,34,$(product_shipping_api_level)),)
- $(error BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN cannot be set on a device shipping with V or later, and this is tested by CTS.)
- endif
-endif
-
-product_shipping_api_level :=
-
# Library extension for host-side tests
ifeq ($(HOST_OS),darwin)
SHAREDLIB_EXT=dylib
diff --git a/build/soong/selinux_contexts.go b/build/soong/selinux_contexts.go
index 8e3657b..f3fb33c 100644
--- a/build/soong/selinux_contexts.go
+++ b/build/soong/selinux_contexts.go
@@ -440,8 +440,10 @@
Inputs(inputs).
Input(neverallowFile)
- if (ctx.SocSpecific() || ctx.DeviceSpecific()) && !ctx.DeviceConfig().BuildBrokenVendorSeappUsesCoredomain() {
- checkCmd.Flag("-c") // check coredomain
+ shippingApiLevel := ctx.DeviceConfig().ShippingApiLevel()
+ ApiLevelU := android.ApiLevelOrPanic(ctx, "UpsideDownCake")
+ if (ctx.SocSpecific() || ctx.DeviceSpecific()) && shippingApiLevel.GreaterThan(ApiLevelU) {
+ checkCmd.Flag("-c") // check coredomain for V (or later) launching devices
}
rule.Build("seapp_contexts", "Building seapp_contexts: "+m.Name())