Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 122f787b8a10d96c9a95a8e67fc4130bb0f87332 / . / mac_permissions.mk
blob: ad17b8f9084b4ad8659b77c829504ed3ef638cc9 [file] [log] [blame]
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]1include $(CLEAR_VARS)
2
3LOCAL_MODULE := plat_mac_permissions.xml
Bob Badour601ebb42021-02-03 23:07:40 -0800[diff] [blame]4LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
5LOCAL_LICENSE_CONDITIONS := notice unencumbered
6LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]7LOCAL_MODULE_CLASS := ETC
8LOCAL_MODULE_TAGS := optional
9LOCAL_MODULE_PATH := $(TARGET_OUT)/etc/selinux
10
11include $(BUILD_SYSTEM)/base_rules.mk
12
Bowgo Tsaia3429fc2019-09-09 22:05:49 +0800[diff] [blame]13all_plat_mac_perms_keys := $(call build_policy, keys.conf, $(PLAT_PRIVATE_POLICY) $(SYSTEM_EXT_PRIVATE_POLICY) $(PRODUCT_PRIVATE_POLICY))
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]14all_plat_mac_perms_files := $(call build_policy, mac_permissions.xml, $(PLAT_PRIVATE_POLICY))
15
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]16# Build keys.conf
17plat_mac_perms_keys.tmp := $(intermediates)/plat_keys.tmp
18$(plat_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]19$(plat_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_plat_mac_perms_keys)
20$(plat_mac_perms_keys.tmp): $(all_plat_mac_perms_keys) $(M4)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]21 @mkdir -p $(dir $@)
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]22 $(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_KEYS) > $@
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]23
24# Should be synced with keys.conf.
Oriol Prieto Gasco57f48ae2022-06-20 19:22:39 +0000[diff] [blame]25all_plat_keys := platform sdk_sandbox media networkstack shared testkey bluetooth
Dan Willemsen9d06a8f2019-05-28 21:20:08 +0000[diff] [blame]26all_plat_keys := $(all_plat_keys:%=$(dir $(DEFAULT_SYSTEM_DEV_CERTIFICATE))/%.x509.pem)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]27
28$(LOCAL_BUILT_MODULE): PRIVATE_MAC_PERMS_FILES := $(all_plat_mac_perms_files)
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]29$(LOCAL_BUILT_MODULE): $(plat_mac_perms_keys.tmp) $(HOST_OUT_EXECUTABLES)/insertkeys \
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]30$(all_plat_mac_perms_files) $(all_plat_keys)
31 @mkdir -p $(dir $@)
32 $(hide) DEFAULT_SYSTEM_DEV_CERTIFICATE="$(dir $(DEFAULT_SYSTEM_DEV_CERTIFICATE))" \
Remi NGUYEN VANbd3ab022019-08-07 18:23:47 +0900[diff] [blame]33 MAINLINE_SEPOLICY_DEV_CERTIFICATES="$(MAINLINE_SEPOLICY_DEV_CERTIFICATES)" \
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]34 $(HOST_OUT_EXECUTABLES)/insertkeys -t $(TARGET_BUILD_VARIANT) -c $(TOP) $< -o $@ $(PRIVATE_MAC_PERMS_FILES)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]35
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]36all_plat_keys :=
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]37all_plat_mac_perms_files :=
38all_plat_mac_perms_keys :=
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]39plat_mac_perms_keys.tmp :=
40
41##################################
42include $(CLEAR_VARS)
43
Bowgo Tsaia3429fc2019-09-09 22:05:49 +0800[diff] [blame]44LOCAL_MODULE := system_ext_mac_permissions.xml
Bob Badour601ebb42021-02-03 23:07:40 -0800[diff] [blame]45LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
46LOCAL_LICENSE_CONDITIONS := notice unencumbered
47LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
Bowgo Tsaia3429fc2019-09-09 22:05:49 +0800[diff] [blame]48LOCAL_MODULE_CLASS := ETC
49LOCAL_MODULE_TAGS := optional
50LOCAL_MODULE_PATH := $(TARGET_OUT_SYSTEM_EXT)/etc/selinux
51
52include $(BUILD_SYSTEM)/base_rules.mk
53
54all_system_ext_mac_perms_keys := $(call build_policy, keys.conf, $(SYSTEM_EXT_PRIVATE_POLICY) $(REQD_MASK_POLICY))
55all_system_ext_mac_perms_files := $(call build_policy, mac_permissions.xml, $(SYSTEM_EXT_PRIVATE_POLICY) $(REQD_MASK_POLICY))
56
57# Build keys.conf
58system_ext_mac_perms_keys.tmp := $(intermediates)/system_ext_keys.tmp
59$(system_ext_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
60$(system_ext_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_system_ext_mac_perms_keys)
Dan Willemsen081b1642020-07-23 17:59:38 -0700[diff] [blame]61$(system_ext_mac_perms_keys.tmp): $(all_system_ext_mac_perms_keys) $(M4)
Bowgo Tsaia3429fc2019-09-09 22:05:49 +0800[diff] [blame]62 @mkdir -p $(dir $@)
Dan Willemsen081b1642020-07-23 17:59:38 -0700[diff] [blame]63 $(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_KEYS) > $@
Bowgo Tsaia3429fc2019-09-09 22:05:49 +0800[diff] [blame]64
65$(LOCAL_BUILT_MODULE): PRIVATE_MAC_PERMS_FILES := $(all_system_ext_mac_perms_files)
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]66$(LOCAL_BUILT_MODULE): $(system_ext_mac_perms_keys.tmp) $(HOST_OUT_EXECUTABLES)/insertkeys \
Bowgo Tsaia3429fc2019-09-09 22:05:49 +0800[diff] [blame]67$(all_system_ext_mac_perms_files)
68 @mkdir -p $(dir $@)
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]69 $(hide) $(HOST_OUT_EXECUTABLES)/insertkeys -t $(TARGET_BUILD_VARIANT) -c $(TOP) $< -o $@ $(PRIVATE_MAC_PERMS_FILES)
Bowgo Tsaia3429fc2019-09-09 22:05:49 +0800[diff] [blame]70
71system_ext_mac_perms_keys.tmp :=
72all_system_ext_mac_perms_files :=
73all_system_ext_mac_perms_keys :=
74
75##################################
76include $(CLEAR_VARS)
77
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]78LOCAL_MODULE := product_mac_permissions.xml
Bob Badour601ebb42021-02-03 23:07:40 -0800[diff] [blame]79LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
80LOCAL_LICENSE_CONDITIONS := notice unencumbered
81LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]82LOCAL_MODULE_CLASS := ETC
83LOCAL_MODULE_TAGS := optional
84LOCAL_MODULE_PATH := $(TARGET_OUT_PRODUCT)/etc/selinux
85
86include $(BUILD_SYSTEM)/base_rules.mk
87
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]88all_product_mac_perms_keys := $(call build_policy, keys.conf, $(PRODUCT_PRIVATE_POLICY) $(REQD_MASK_POLICY))
89all_product_mac_perms_files := $(call build_policy, mac_permissions.xml, $(PRODUCT_PRIVATE_POLICY) $(REQD_MASK_POLICY))
90
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]91# Build keys.conf
92product_mac_perms_keys.tmp := $(intermediates)/product_keys.tmp
93$(product_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]94$(product_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_product_mac_perms_keys)
Dan Willemsen081b1642020-07-23 17:59:38 -0700[diff] [blame]95$(product_mac_perms_keys.tmp): $(all_product_mac_perms_keys) $(M4)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]96 @mkdir -p $(dir $@)
Dan Willemsen081b1642020-07-23 17:59:38 -0700[diff] [blame]97 $(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_KEYS) > $@
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]98
99$(LOCAL_BUILT_MODULE): PRIVATE_MAC_PERMS_FILES := $(all_product_mac_perms_files)
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]100$(LOCAL_BUILT_MODULE): $(product_mac_perms_keys.tmp) $(HOST_OUT_EXECUTABLES)/insertkeys \
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]101$(all_product_mac_perms_files)
102 @mkdir -p $(dir $@)
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]103 $(hide) $(HOST_OUT_EXECUTABLES)/insertkeys -t $(TARGET_BUILD_VARIANT) -c $(TOP) $< -o $@ $(PRIVATE_MAC_PERMS_FILES)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]104
105product_mac_perms_keys.tmp :=
106all_product_mac_perms_files :=
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]107all_product_mac_perms_keys :=
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]108
109##################################
110include $(CLEAR_VARS)
111
112LOCAL_MODULE := vendor_mac_permissions.xml
Bob Badour601ebb42021-02-03 23:07:40 -0800[diff] [blame]113LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
114LOCAL_LICENSE_CONDITIONS := notice unencumbered
115LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]116LOCAL_MODULE_CLASS := ETC
117LOCAL_MODULE_TAGS := optional
118LOCAL_MODULE_PATH := $(TARGET_OUT_VENDOR)/etc/selinux
119
120include $(BUILD_SYSTEM)/base_rules.mk
121
Inseob Kim7174ffe2021-12-08 22:45:58 +0900[diff] [blame]122all_vendor_mac_perms_keys := $(call build_policy, keys.conf, $(BOARD_PLAT_VENDOR_POLICY) $(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_REQD_MASK_POLICY))
123all_vendor_mac_perms_files := $(call build_policy, mac_permissions.xml, $(BOARD_PLAT_VENDOR_POLICY) $(BOARD_VENDOR_SEPOLICY_DIRS) $(BOARD_REQD_MASK_POLICY))
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]124
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]125# Build keys.conf
126vendor_mac_perms_keys.tmp := $(intermediates)/vendor_keys.tmp
127$(vendor_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]128$(vendor_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_vendor_mac_perms_keys)
129$(vendor_mac_perms_keys.tmp): $(all_vendor_mac_perms_keys) $(M4)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]130 @mkdir -p $(dir $@)
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]131 $(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_KEYS) > $@
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]132
133$(LOCAL_BUILT_MODULE): PRIVATE_MAC_PERMS_FILES := $(all_vendor_mac_perms_files)
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]134$(LOCAL_BUILT_MODULE): $(vendor_mac_perms_keys.tmp) $(HOST_OUT_EXECUTABLES)/insertkeys \
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]135$(all_vendor_mac_perms_files)
136 @mkdir -p $(dir $@)
Bowgo Tsai3ffd6b32020-06-02 22:16:12 +0800[diff] [blame]137 $(hide) DEFAULT_SYSTEM_DEV_CERTIFICATE="$(dir $(DEFAULT_SYSTEM_DEV_CERTIFICATE))" \
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]138 $(HOST_OUT_EXECUTABLES)/insertkeys -t $(TARGET_BUILD_VARIANT) -c $(TOP) $< -o $@ $(PRIVATE_MAC_PERMS_FILES)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]139
140vendor_mac_perms_keys.tmp :=
141all_vendor_mac_perms_files :=
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]142all_vendor_mac_perms_keys :=
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]143
144##################################
145include $(CLEAR_VARS)
146
147LOCAL_MODULE := odm_mac_permissions.xml
Bob Badour601ebb42021-02-03 23:07:40 -0800[diff] [blame]148LOCAL_LICENSE_KINDS := SPDX-license-identifier-Apache-2.0 legacy_unencumbered
149LOCAL_LICENSE_CONDITIONS := notice unencumbered
150LOCAL_NOTICE_FILE := $(LOCAL_PATH)/NOTICE
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]151LOCAL_MODULE_CLASS := ETC
152LOCAL_MODULE_TAGS := optional
153LOCAL_MODULE_PATH := $(TARGET_OUT_ODM)/etc/selinux
154
155include $(BUILD_SYSTEM)/base_rules.mk
156
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]157all_odm_mac_perms_keys := $(call build_policy, keys.conf, $(BOARD_ODM_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
158all_odm_mac_perms_files := $(call build_policy, mac_permissions.xml, $(BOARD_ODM_SEPOLICY_DIRS) $(REQD_MASK_POLICY))
159
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]160# Build keys.conf
161odm_mac_perms_keys.tmp := $(intermediates)/odm_keys.tmp
162$(odm_mac_perms_keys.tmp): PRIVATE_ADDITIONAL_M4DEFS := $(LOCAL_ADDITIONAL_M4DEFS)
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]163$(odm_mac_perms_keys.tmp): PRIVATE_KEYS := $(all_odm_mac_perms_keys)
164$(odm_mac_perms_keys.tmp): $(all_odm_mac_perms_keys) $(M4)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]165 @mkdir -p $(dir $@)
Dan Willemsen3c3e59b2019-06-19 10:52:50 -0700[diff] [blame]166 $(hide) $(M4) --fatal-warnings -s $(PRIVATE_ADDITIONAL_M4DEFS) $(PRIVATE_KEYS) > $@
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]167
168$(LOCAL_BUILT_MODULE): PRIVATE_MAC_PERMS_FILES := $(all_odm_mac_perms_files)
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]169$(LOCAL_BUILT_MODULE): $(odm_mac_perms_keys.tmp) $(HOST_OUT_EXECUTABLES)/insertkeys \
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]170$(all_odm_mac_perms_files)
171 @mkdir -p $(dir $@)
Thiébaud Weksteen98707252021-12-03 13:38:04 +1100[diff] [blame]172 $(hide) $(HOST_OUT_EXECUTABLES)/insertkeys -t $(TARGET_BUILD_VARIANT) -c $(TOP) $< -o $@ $(PRIVATE_MAC_PERMS_FILES)
Tri Vo8b3016b2019-01-07 16:43:31 -0800[diff] [blame]173
174odm_mac_perms_keys.tmp :=
175all_odm_mac_perms_files :=