Extend sepolicy for SANITIZE_TARGET. SANITIZE_TARGET adds shared libraries in /data/lib. Bug: 21785137 Change-Id: I8ac3d059d88d57d24ed762ffc6202a4ce5a42333

commit: 930304829b2cadd3c88876c6234af702d1e43bd5 [log] [tgz]
author: Evgenii Stepanov <eugenis@google.com> Fri Jun 12 17:18:20 2015 -0700
committer: Evgenii Stepanov <eugenis@google.com> Fri Jun 12 17:19:30 2015 -0700
tree: 9d8db2302c475b1b9870aea90f8f8f001dede2f3
parent: cc905d8cdb5bf40fdb5b7dc87a547e2b8248e51d [diff]
diff --git a/Android.mk b/Android.mk
index 3635a01..8189f88 100644
--- a/Android.mk
+++ b/Android.mk

@@ -133,7 +133,11 @@
 
 include $(BUILD_SYSTEM)/base_rules.mk
 
-ALL_FC_FILES := $(call build_policy, file_contexts)
+FILE_CONTEXTS := file_contexts
+ifeq (address,$(strip $(SANITIZE_TARGET)))
+  FILE_CONTEXTS := $(FILE_CONTEXTS) file_contexts_asan
+endif
+ALL_FC_FILES := $(call build_policy, $(FILE_CONTEXTS))
 
 $(LOCAL_BUILT_MODULE): PRIVATE_SEPOLICY := $(built_sepolicy)
 $(LOCAL_BUILT_MODULE):  $(ALL_FC_FILES) $(built_sepolicy) $(HOST_OUT_EXECUTABLES)/checkfc

diff --git a/file_contexts_asan b/file_contexts_asan
new file mode 100644
index 0000000..c125595
--- /dev/null
+++ b/file_contexts_asan

@@ -0,0 +1 @@
+/data/lib(/.*)?		u:object_r:system_file:s0
commit	930304829b2cadd3c88876c6234af702d1e43bd5	[log] [tgz]
author	Evgenii Stepanov <eugenis@google.com>	Fri Jun 12 17:18:20 2015 -0700
committer	Evgenii Stepanov <eugenis@google.com>	Fri Jun 12 17:19:30 2015 -0700
tree	9d8db2302c475b1b9870aea90f8f8f001dede2f3
parent	cc905d8cdb5bf40fdb5b7dc87a547e2b8248e51d [diff]