1// Copyright (C) 2018 The Android Open Source Project 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15cc_defaults { name: "selinux_policy_version", cflags: ["-DSEPOLICY_VERSION=30"], } 16 17se_filegroup { 18 name: "26.0.board.compat.map", 19 srcs: [ 20 "compat/26.0/26.0.cil", 21 ], 22} 23 24se_filegroup { 25 name: "27.0.board.compat.map", 26 srcs: [ 27 "compat/27.0/27.0.cil", 28 ], 29} 30 31se_filegroup { 32 name: "28.0.board.compat.map", 33 srcs: [ 34 "compat/28.0/28.0.cil", 35 ], 36} 37 38se_filegroup { 39 name: "29.0.board.compat.map", 40 srcs: [ 41 "compat/29.0/29.0.cil", 42 ], 43} 44 45se_filegroup { 46 name: "26.0.board.ignore.map", 47 srcs: [ 48 "compat/26.0/26.0.ignore.cil", 49 ], 50} 51 52se_filegroup { 53 name: "27.0.board.ignore.map", 54 srcs: [ 55 "compat/27.0/27.0.ignore.cil", 56 ], 57} 58 59se_filegroup { 60 name: "28.0.board.ignore.map", 61 srcs: [ 62 "compat/28.0/28.0.ignore.cil", 63 ], 64} 65 66se_filegroup { 67 name: "29.0.board.ignore.map", 68 srcs: [ 69 "compat/29.0/29.0.ignore.cil", 70 ], 71} 72 73se_cil_compat_map { 74 name: "plat_26.0.cil", 75 stem: "26.0.cil", 76 bottom_half: [":26.0.board.compat.map"], 77 top_half: "plat_27.0.cil", 78} 79 80se_cil_compat_map { 81 name: "plat_27.0.cil", 82 stem: "27.0.cil", 83 bottom_half: [":27.0.board.compat.map"], 84 top_half: "plat_28.0.cil", 85} 86 87se_cil_compat_map { 88 name: "plat_28.0.cil", 89 stem: "28.0.cil", 90 bottom_half: [":28.0.board.compat.map"], 91 top_half: "plat_29.0.cil", 92} 93 94se_cil_compat_map { 95 name: "plat_29.0.cil", 96 stem: "29.0.cil", 97 bottom_half: [":29.0.board.compat.map"], 98 // top_half: "plat_30.0.cil", 99} 100 101se_cil_compat_map { 102 name: "system_ext_26.0.cil", 103 stem: "26.0.cil", 104 bottom_half: [":26.0.board.compat.map"], 105 top_half: "system_ext_27.0.cil", 106 system_ext_specific: true, 107} 108 109se_cil_compat_map { 110 name: "system_ext_27.0.cil", 111 stem: "27.0.cil", 112 bottom_half: [":27.0.board.compat.map"], 113 top_half: "system_ext_28.0.cil", 114 system_ext_specific: true, 115} 116 117se_cil_compat_map { 118 name: "system_ext_28.0.cil", 119 stem: "28.0.cil", 120 bottom_half: [":28.0.board.compat.map"], 121 top_half: "system_ext_29.0.cil", 122 system_ext_specific: true, 123} 124 125se_cil_compat_map { 126 name: "system_ext_29.0.cil", 127 stem: "29.0.cil", 128 bottom_half: [":29.0.board.compat.map"], 129 // top_half: "system_ext_30.0.cil", 130 system_ext_specific: true, 131} 132 133se_cil_compat_map { 134 name: "product_26.0.cil", 135 stem: "26.0.cil", 136 bottom_half: [":26.0.board.compat.map"], 137 top_half: "product_27.0.cil", 138 product_specific: true, 139} 140 141se_cil_compat_map { 142 name: "product_27.0.cil", 143 stem: "27.0.cil", 144 bottom_half: [":27.0.board.compat.map"], 145 top_half: "product_28.0.cil", 146 product_specific: true, 147} 148 149se_cil_compat_map { 150 name: "product_28.0.cil", 151 stem: "28.0.cil", 152 bottom_half: [":28.0.board.compat.map"], 153 top_half: "product_29.0.cil", 154 product_specific: true, 155} 156 157se_cil_compat_map { 158 name: "product_29.0.cil", 159 stem: "29.0.cil", 160 bottom_half: [":29.0.board.compat.map"], 161 // top_half: "product_30.0.cil", 162 product_specific: true, 163} 164 165se_cil_compat_map { 166 name: "26.0.ignore.cil", 167 bottom_half: [":26.0.board.ignore.map"], 168 top_half: "27.0.ignore.cil", 169} 170 171se_cil_compat_map { 172 name: "27.0.ignore.cil", 173 bottom_half: [":27.0.board.ignore.map"], 174 top_half: "28.0.ignore.cil", 175} 176 177se_cil_compat_map { 178 name: "28.0.ignore.cil", 179 bottom_half: [":28.0.board.ignore.map"], 180 top_half: "29.0.ignore.cil", 181} 182 183se_cil_compat_map { 184 name: "29.0.ignore.cil", 185 bottom_half: [":29.0.board.ignore.map"], 186 // top_half: "30.0.ignore.cil", 187} 188 189prebuilt_etc { 190 name: "26.0.compat.cil", 191 src: "private/compat/26.0/26.0.compat.cil", 192 sub_dir: "selinux/mapping", 193} 194 195prebuilt_etc { 196 name: "27.0.compat.cil", 197 src: "private/compat/27.0/27.0.compat.cil", 198 sub_dir: "selinux/mapping", 199} 200 201prebuilt_etc { 202 name: "28.0.compat.cil", 203 src: "private/compat/28.0/28.0.compat.cil", 204 sub_dir: "selinux/mapping", 205} 206 207prebuilt_etc { 208 name: "29.0.compat.cil", 209 src: "private/compat/29.0/29.0.compat.cil", 210 sub_dir: "selinux/mapping", 211} 212 213se_filegroup { 214 name: "file_contexts_files", 215 srcs: ["file_contexts"], 216} 217 218se_filegroup { 219 name: "file_contexts_asan_files", 220 srcs: ["file_contexts_asan"], 221} 222 223se_filegroup { 224 name: "file_contexts_overlayfs_files", 225 srcs: ["file_contexts_overlayfs"], 226} 227 228se_filegroup { 229 name: "hwservice_contexts_files", 230 srcs: ["hwservice_contexts"], 231} 232 233se_filegroup { 234 name: "property_contexts_files", 235 srcs: ["property_contexts"], 236} 237 238se_filegroup { 239 name: "service_contexts_files", 240 srcs: ["service_contexts"], 241} 242 243file_contexts { 244 name: "plat_file_contexts", 245 srcs: [":file_contexts_files"], 246 product_variables: { 247 address_sanitize: { 248 srcs: [":file_contexts_asan_files"], 249 }, 250 debuggable: { 251 srcs: [":file_contexts_overlayfs_files"], 252 }, 253 }, 254 255 flatten_apex: { 256 srcs: ["apex/*-file_contexts"], 257 }, 258 259 recovery_available: true, 260} 261 262file_contexts { 263 name: "vendor_file_contexts", 264 srcs: [":file_contexts_files"], 265 soc_specific: true, 266 recovery_available: true, 267} 268 269file_contexts { 270 name: "system_ext_file_contexts", 271 srcs: [":file_contexts_files"], 272 system_ext_specific: true, 273 recovery_available: true, 274} 275 276file_contexts { 277 name: "product_file_contexts", 278 srcs: [":file_contexts_files"], 279 product_specific: true, 280 recovery_available: true, 281} 282 283file_contexts { 284 name: "odm_file_contexts", 285 srcs: [":file_contexts_files"], 286 device_specific: true, 287 recovery_available: true, 288} 289 290hwservice_contexts { 291 name: "plat_hwservice_contexts", 292 srcs: [":hwservice_contexts_files"], 293} 294 295hwservice_contexts { 296 name: "system_ext_hwservice_contexts", 297 srcs: [":hwservice_contexts_files"], 298 system_ext_specific: true, 299} 300 301hwservice_contexts { 302 name: "product_hwservice_contexts", 303 srcs: [":hwservice_contexts_files"], 304 product_specific: true, 305} 306 307hwservice_contexts { 308 name: "vendor_hwservice_contexts", 309 srcs: [":hwservice_contexts_files"], 310 reqd_mask: true, 311 soc_specific: true, 312} 313 314hwservice_contexts { 315 name: "odm_hwservice_contexts", 316 srcs: [":hwservice_contexts_files"], 317 device_specific: true, 318} 319 320property_contexts { 321 name: "plat_property_contexts", 322 srcs: [":property_contexts_files"], 323 recovery_available: true, 324} 325 326property_contexts { 327 name: "system_ext_property_contexts", 328 srcs: [":property_contexts_files"], 329 system_ext_specific: true, 330 recovery_available: true, 331} 332 333property_contexts { 334 name: "product_property_contexts", 335 srcs: [":property_contexts_files"], 336 product_specific: true, 337 recovery_available: true, 338} 339 340property_contexts { 341 name: "vendor_property_contexts", 342 srcs: [":property_contexts_files"], 343 reqd_mask: true, 344 soc_specific: true, 345 recovery_available: true, 346} 347 348property_contexts { 349 name: "odm_property_contexts", 350 srcs: [":property_contexts_files"], 351 device_specific: true, 352 recovery_available: true, 353} 354 355service_contexts { 356 name: "plat_service_contexts", 357 srcs: [":service_contexts_files"], 358} 359 360service_contexts { 361 name: "system_ext_service_contexts", 362 srcs: [":service_contexts_files"], 363 system_ext_specific: true, 364} 365 366service_contexts { 367 name: "product_service_contexts", 368 srcs: [":service_contexts_files"], 369 product_specific: true, 370} 371 372service_contexts { 373 name: "vendor_service_contexts", 374 srcs: [":service_contexts_files"], 375 reqd_mask: true, 376 soc_specific: true, 377} 378 379// For vts_treble_sys_prop_test 380filegroup { 381 name: "public_property_contexts", 382 srcs: ["public/property_contexts"], 383 visibility: [ 384 "//test/vts-testcase/security/system_property", 385 ], 386} 387