Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 9823116355b6289bcd60a687b86e94e939674087^! / .
commit9823116355b6289bcd60a687b86e94e939674087[log] [tgz]
authorBowgo Tsai <bowgotsai@google.com>Mon Sep 09 22:05:29 2019 +0800
committerBowgo Tsai <bowgotsai@google.com>Thu Sep 26 21:29:30 2019 +0800
treec530afd0f6bae96fad6d4d52e3165483b2619ab3
parent1864cd02fc345d92d28a245b9b082e580dd907bf [diff]
Separate system_ext_service_contexts out of system sepolicy.

Bug: 137712473
Test: boot crosshatch
Change-Id: If483e7a99dc07f082dd0ecd0162a54140a3267de

diff --git a/Android.bp b/Android.bp
index e8bb270..b3e26ba 100644
--- a/Android.bp
+++ b/Android.bp

@@ -290,6 +290,12 @@
 }
 
 service_contexts {
+    name: "system_ext_service_contexts",
+    srcs: [":service_contexts_files"],
+    system_ext_specific: true,
+}
+
+service_contexts {
     name: "product_service_contexts",
     srcs: [":service_contexts_files"],
     product_specific: true,

diff --git a/Android.mk b/Android.mk
index e570247..f8b6803 100644
--- a/Android.mk
+++ b/Android.mk

@@ -321,6 +321,8 @@
     system_ext_property_contexts \
     system_ext_property_contexts_test \
     system_ext_seapp_contexts \
+    system_ext_service_contexts \
+    system_ext_service_contexts_test \
     system_ext_mapping_file \
 
 endif

diff --git a/contexts_tests.mk b/contexts_tests.mk
index 0b7e856..ac1c341 100644
--- a/contexts_tests.mk
+++ b/contexts_tests.mk

@@ -245,6 +245,17 @@
 ##################################
 include $(CLEAR_VARS)
 
+LOCAL_MODULE := system_ext_service_contexts_test
+LOCAL_MODULE_CLASS := FAKE
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SYSTEM)/base_rules.mk
+
+$(eval $(call run_contexts_test, $(system_ext_out)/system_ext_service_contexts, $(checkfc), -s))
+
+##################################
+include $(CLEAR_VARS)
+
 LOCAL_MODULE := product_service_contexts_test
 LOCAL_MODULE_CLASS := FAKE
 LOCAL_MODULE_TAGS := optional

diff --git a/private/file_contexts b/private/file_contexts
index 3d967a7..aa620fa 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -426,6 +426,7 @@
 /(system_ext|system/system_ext)/etc/selinux/system_ext_hwservice_contexts u:object_r:hwservice_contexts_file:s0
 /(system_ext|system/system_ext)/etc/selinux/system_ext_property_contexts  u:object_r:property_contexts_file:s0
 /(system_ext|system/system_ext)/etc/selinux/system_ext_seapp_contexts     u:object_r:seapp_contexts_file:s0
+/(system_ext|system/system_ext)/etc/selinux/system_ext_service_contexts   u:object_r:service_contexts_file:s0
 
 #############################
 # Vendor files from /(product|system/product)/vendor_overlay