Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 124720a6976a69357522299afbe5591854e40775 / . / Android.mk
blob: 0ebc49cc583e090fdd0cd96757de68bc5bd4c2ac [file] [log] [blame]
Stephen Smalley7e8cf242012-02-02 13:28:28 -0500[diff] [blame]1ifeq ($(HAVE_SELINUX),true)
2
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]3LOCAL_PATH:= $(call my-dir)
4include $(CLEAR_VARS)
5
6# SELinux policy version.
7# Must be <= /selinux/policyvers reported by the Android kernel.
8# Must be within the compatibility range reported by checkpolicy -V.
9POLICYVERS := 24
10
11MLS_SENS=1
12MLS_CATS=1024
13
Stephen Smalley5b340be2012-03-06 11:12:41 -0500[diff] [blame]14LOCAL_POLICY_DIRS := $(SRC_TARGET_DIR)/board/$(TARGET_DEVICE)/ device/*/$(TARGET_DEVICE)/ vendor/*/$(TARGET_DEVICE)/
15
Stephen Smalley64935c72012-03-06 13:27:39 -0500[diff] [blame]16LOCAL_POLICY_FC := $(wildcard $(addsuffix sepolicy.fc, $(LOCAL_POLICY_DIRS)))
17LOCAL_POLICY_TE := $(wildcard $(addsuffix sepolicy.te, $(LOCAL_POLICY_DIRS)))
Stephen Smalley124720a2012-04-04 10:11:16 -0400[diff] [blame^]18LOCAL_POLICY_PC := $(wildcard $(addsuffix sepolicy.pc, $(LOCAL_POLICY_DIRS)))
Stephen Smalley5b340be2012-03-06 11:12:41 -0500[diff] [blame]19
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]20##################################
21include $(CLEAR_VARS)
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]22
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]23LOCAL_MODULE := sepolicy
24LOCAL_MODULE_CLASS := ETC
25LOCAL_MODULE_TAGS := optional
26LOCAL_MODULE_SUFFIX := .$(POLICYVERS)
27LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]28
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]29include $(BUILD_SYSTEM)/base_rules.mk
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]30
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]31sepolicy_policy.conf := $(intermediates)/policy.conf
32$(sepolicy_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
33$(sepolicy_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
Stephen Smalley5b340be2012-03-06 11:12:41 -0500[diff] [blame]34$(sepolicy_policy.conf) : $(wildcard $(addprefix $(LOCAL_PATH)/,security_classes initial_sids access_vectors global_macros mls_macros mls policy_capabilities te_macros attributes *.te) $(LOCAL_POLICY_TE) $(addprefix $(LOCAL_PATH)/, roles users ocontexts))
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]35 @mkdir -p $(dir $@)
36 $(hide) m4 -D mls_num_sens=$(PRIVATE_MLS_SENS) -D mls_num_cats=$(PRIVATE_MLS_CATS) -s $^ > $@
Stephen Smalley2dd4e512012-01-04 12:33:27 -0500[diff] [blame]37
Stephen Smalley2b826fc2012-01-24 08:46:13 -0500[diff] [blame]38$(LOCAL_BUILT_MODULE) : $(sepolicy_policy.conf) $(HOST_OUT_EXECUTABLES)/checkpolicy
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]39 @mkdir -p $(dir $@)
40 $(hide) checkpolicy -M -c $(POLICYVERS) -o $@ $<
41
42sepolicy_policy.conf :=
43##################################
44include $(CLEAR_VARS)
45
46LOCAL_MODULE := file_contexts
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]47LOCAL_MODULE_CLASS := ETC
48LOCAL_MODULE_TAGS := optional
49LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
50
Stephen Smalley5b340be2012-03-06 11:12:41 -0500[diff] [blame]51include $(BUILD_SYSTEM)/base_rules.mk
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]52
Stephen Smalley5b340be2012-03-06 11:12:41 -0500[diff] [blame]53file_contexts := $(intermediates)/file_contexts
54$(file_contexts): $(LOCAL_PATH)/file_contexts $(LOCAL_POLICY_FC)
55 @mkdir -p $(dir $@)
56 $(hide) cat $^ > $@
57
58file_contexts :=
Ying Wang02fb5f32012-01-17 17:51:09 -0800[diff] [blame]59##################################
60include $(CLEAR_VARS)
61
62LOCAL_MODULE := seapp_contexts
63LOCAL_SRC_FILES := $(LOCAL_MODULE)
64LOCAL_MODULE_CLASS := ETC
65LOCAL_MODULE_TAGS := optional
66LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
67
68include $(BUILD_PREBUILT)
69
70##################################
Stephen Smalley124720a2012-04-04 10:11:16 -0400[diff] [blame^]71include $(CLEAR_VARS)
72
73LOCAL_MODULE := property_contexts
74LOCAL_MODULE_CLASS := ETC
75LOCAL_MODULE_TAGS := optional
76LOCAL_MODULE_PATH := $(TARGET_ROOT_OUT)
77
78include $(BUILD_SYSTEM)/base_rules.mk
79
80property_contexts := $(intermediates)/property_contexts
81$(property_contexts): $(LOCAL_PATH)/property_contexts $(LOCAL_POLICY_PC)
82 @mkdir -p $(dir $@)
83 $(hide) cat $^ > $@
84
85property_contexts :=
86##################################
Stephen Smalley7e8cf242012-02-02 13:28:28 -0500[diff] [blame]87
88endif #ifeq ($(HAVE_SELINUX),true)