Commits

Jean-Baptiste Queru  committed eab2389 Merge

Merge "Revert "Include su.te only for userdebug/eng builds."" into jb-mr1-dev-plus-aosp

  • Participants
  • Parent commits 8c87a18, 9ceb47b

Comments (0)

Files changed (3)

 include $(BUILD_SYSTEM)/base_rules.mk
 
 sepolicy_policy.conf := $(intermediates)/policy.conf
-
-# Build up the list of policy files (the order matters, since they will all be
-# cat'd together)
-POLICY_DEPENDS := $(call build_policy, security_classes initial_sids access_vectors global_macros mls_macros mls policy_capabilities te_macros attributes *.te)
-
-# Add extra policy for "su", but only for eng and userdebug builds
-ifneq (,$(filter userdebug eng,$(TARGET_BUILD_VARIANT)))
-POLICY_DEPENDS += $(wildcard $(addprefix $(LOCAL_PATH)/conditional/, su.te))
-endif
-
-# Add in the rest of the policy
-POLICY_DEPENDS += $(call build_policy, roles users initial_sid_contexts fs_use genfs_contexts port_contexts)
-
 $(sepolicy_policy.conf): PRIVATE_MLS_SENS := $(MLS_SENS)
 $(sepolicy_policy.conf): PRIVATE_MLS_CATS := $(MLS_CATS)
-$(sepolicy_policy.conf) : $(POLICY_DEPENDS)
+$(sepolicy_policy.conf) : $(call build_policy, security_classes initial_sids access_vectors global_macros mls_macros mls policy_capabilities te_macros attributes *.te roles users initial_sid_contexts fs_use genfs_contexts port_contexts)
 	@mkdir -p $(dir $@)
-	$(hide) m4 -D mls_num_sens=$(PRIVATE_MLS_SENS) -D mls_num_cats=$(PRIVATE_MLS_CATS) -s $(POLICY_DEPENDS) > $@
+	$(hide) m4 -D mls_num_sens=$(PRIVATE_MLS_SENS) -D mls_num_cats=$(PRIVATE_MLS_CATS) -s $^ > $@
 
 $(LOCAL_BUILT_MODULE) : $(sepolicy_policy.conf) $(HOST_OUT_EXECUTABLES)/checkpolicy
 	@mkdir -p $(dir $@)

File conditional/su.te

-type su, domain;
-type su_exec, file_type;
-domain_auto_trans(shell, su_exec, su)
-
-# su is unconfined.
-unconfined_domain(su)
+type su, domain;
+type su_exec, file_type;
+domain_auto_trans(shell, su_exec, su)
+
+# su is unconfined.
+unconfined_domain(su)