flagging/Android.bp

// Copyright (C) 2023 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// This module contains a list of build time flags (defined on AOSP) for sepolicy.
// Additional se_flags modules can be added anywhere for additional flags.
se_flags {
    name: "aosp_selinux_flags",
    flags: [
        "RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES",
        "RELEASE_AVF_ENABLE_EARLY_VM",
        "RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT",
        "RELEASE_AVF_ENABLE_LLPVM_CHANGES",
        "RELEASE_AVF_ENABLE_NETWORK",
        "RELEASE_AVF_ENABLE_MICROFUCHSIA",
        "RELEASE_AVF_ENABLE_WIDEVINE_PVM",
        "RELEASE_RANGING_STACK",
        "RELEASE_READ_FROM_NEW_STORAGE",
        "RELEASE_SUPERVISION_SERVICE",
        "RELEASE_HARDWARE_BLUETOOTH_RANGING_SERVICE",
        "RELEASE_UNLOCKED_STORAGE_API",
    ],
    export_to: ["all_selinux_flags"],
}

// se_flags_collector collects flags from exported se_flags modules and converts it to build flags.
se_flags_collector {
    name: "all_selinux_flags",
}

se_policy_conf_defaults {
    name: "se_policy_conf_flags_defaults",
    srcs: [":sepolicy_flagging_macros"],
    build_flags: ["all_selinux_flags"],
}

contexts_defaults {
    name: "contexts_flags_defaults",
    srcs: [":sepolicy_flagging_macros"],
    neverallow_files: [":sepolicy_flagging_macros"], // for seapp_contexts
    build_flags: ["all_selinux_flags"],
}

filegroup {
    name: "sepolicy_flagging_macros",
    srcs: ["flagging_macros"],
}