Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / d57789fde83d97eaf8ab0b973afd08ffaa93d883^! / . / Android.mk
commitd57789fde83d97eaf8ab0b973afd08ffaa93d883[log] [tgz]
authorTri Vo <trong@google.com>Mon Dec 17 16:35:41 2018 -0800
committerTri Vo <trong@google.com>Mon Dec 17 16:57:57 2018 -0800
tree25988181117937a2657010ad345d7920e4af01e9
parentf0b4fedc1c29dcf7cf90c860a38275b14db4a6f0 [diff] [blame]
Replace "grep -f" with python util.

grep can potentially run out of memory on Mac builds for large input
files. So we add a python util to handle filtering out files.

We will also need this util to filter plat_sepolicy.cil out of
product_sepolicy.cil

Bug: 119305624
Test: boot aosp_taimen
Change-Id: I61cd68f407ea5de43a06bf522a5fc149e5067e8c

diff --git a/Android.mk b/Android.mk
index fcf9d9a..36009d3 100644
--- a/Android.mk
+++ b/Android.mk

@@ -392,10 +392,12 @@
 plat_pub_policy.cil := $(intermediates)/plat_pub_policy.cil
 $(plat_pub_policy.cil): PRIVATE_POL_CONF := $(plat_pub_policy.conf)
 $(plat_pub_policy.cil): PRIVATE_REQD_MASK := $(reqd_policy_mask.cil)
-$(plat_pub_policy.cil): $(HOST_OUT_EXECUTABLES)/checkpolicy $(plat_pub_policy.conf) $(reqd_policy_mask.cil)
+$(plat_pub_policy.cil): $(HOST_OUT_EXECUTABLES)/checkpolicy \
+$(HOST_OUT_EXECUTABLES)/build_sepolicy $(plat_pub_policy.conf) $(reqd_policy_mask.cil)
 	@mkdir -p $(dir $@)
-	$(hide) $(CHECKPOLICY_ASAN_OPTIONS) $< -C -M -c $(POLICYVERS) -o $@.tmp $(PRIVATE_POL_CONF)
-	$(hide) grep -Fxv -f $(PRIVATE_REQD_MASK) $@.tmp > $@
+	$(hide) $(CHECKPOLICY_ASAN_OPTIONS) $< -C -M -c $(POLICYVERS) -o $@ $(PRIVATE_POL_CONF)
+	$(hide) $(HOST_OUT_EXECUTABLES)/build_sepolicy -a $(HOST_OUT_EXECUTABLES) filter_out \
+		-f $(PRIVATE_REQD_MASK) -t $@
 
 plat_pub_policy.conf :=
 
@@ -1641,10 +1643,12 @@
 base_plat_pub_policy.cil := $(intermediates)/base_plat_pub_policy.cil
 $(base_plat_pub_policy.cil): PRIVATE_POL_CONF := $(base_plat_pub_policy.conf)
 $(base_plat_pub_policy.cil): PRIVATE_REQD_MASK := $(reqd_policy_mask.cil)
-$(base_plat_pub_policy.cil): $(HOST_OUT_EXECUTABLES)/checkpolicy $(base_plat_pub_policy.conf) $(reqd_policy_mask.cil)
+$(base_plat_pub_policy.cil): $(HOST_OUT_EXECUTABLES)/checkpolicy \
+$(HOST_OUT_EXECUTABLES)/build_sepolicy $(base_plat_pub_policy.conf) $(reqd_policy_mask.cil)
 	@mkdir -p $(dir $@)
-	$(hide) $(CHECKPOLICY_ASAN_OPTIONS) $< -C -M -c $(POLICYVERS) -o $@.tmp $(PRIVATE_POL_CONF)
-	$(hide) grep -Fxv -f $(PRIVATE_REQD_MASK) $@.tmp > $@
+	$(hide) $(CHECKPOLICY_ASAN_OPTIONS) $< -C -M -c $(POLICYVERS) -o $@ $(PRIVATE_POL_CONF)
+	$(hide) $(HOST_OUT_EXECUTABLES)/build_sepolicy -a $(HOST_OUT_EXECUTABLES) filter_out \
+		-f $(PRIVATE_REQD_MASK) -t $@
 
 all_fc_files := $(built_plat_fc) $(built_vendor_fc)
 ifdef BOARD_ODM_SEPOLICY_DIRS