| Dan Cashman | 36ee91d | 2017-07-07 14:59:51 -0700 | [diff] [blame] | 1 | # Command to turn collection of policy files into a policy.conf file to be |
| 2 | # processed by checkpolicy |
| 3 | define transform-policy-to-conf |
| 4 | @mkdir -p $(dir $@) |
| Dan Willemsen | 3c3e59b | 2019-06-19 10:52:50 -0700 | [diff] [blame] | 5 | $(hide) $(M4) --fatal-warnings $(PRIVATE_ADDITIONAL_M4DEFS) \ |
| Dan Cashman | 36ee91d | 2017-07-07 14:59:51 -0700 | [diff] [blame] | 6 | -D mls_num_sens=$(PRIVATE_MLS_SENS) -D mls_num_cats=$(PRIVATE_MLS_CATS) \ |
| Joel Galenson | 8c72eea | 2018-03-07 15:36:29 -0800 | [diff] [blame] | 7 | -D target_build_variant=$(PRIVATE_TARGET_BUILD_VARIANT) \ |
| Dan Cashman | 36ee91d | 2017-07-07 14:59:51 -0700 | [diff] [blame] | 8 | -D target_with_dexpreopt=$(WITH_DEXPREOPT) \ |
| 9 | -D target_arch=$(PRIVATE_TGT_ARCH) \ |
| 10 | -D target_with_asan=$(PRIVATE_TGT_WITH_ASAN) \ |
| Pirama Arumuga Nainar | ce9c0c5 | 2019-06-13 15:05:15 -0700 | [diff] [blame] | 11 | -D target_with_native_coverage=$(PRIVATE_TGT_WITH_NATIVE_COVERAGE) \ |
| Steven Moreland | 763697d | 2017-11-09 11:24:56 -0800 | [diff] [blame] | 12 | -D target_full_treble=$(PRIVATE_SEPOLICY_SPLIT) \ |
| Jaekyun Seok | e497145 | 2017-10-19 16:54:49 +0900 | [diff] [blame] | 13 | -D target_compatible_property=$(PRIVATE_COMPATIBLE_PROPERTY) \ |
| Inseob Kim | ed59c22 | 2019-09-26 15:14:55 +0900 | [diff] [blame] | 14 | -D target_treble_sysprop_neverallow=$(PRIVATE_TREBLE_SYSPROP_NEVERALLOW) \ |
| Inseob Kim | afc0993 | 2020-09-28 13:32:43 +0900 | [diff] [blame] | 15 | -D target_enforce_sysprop_owner=$(PRIVATE_ENFORCE_SYSPROP_OWNER) \ |
| Tri Vo | 77c44fc | 2018-06-05 14:11:08 -0700 | [diff] [blame] | 16 | -D target_exclude_build_test=$(PRIVATE_EXCLUDE_BUILD_TEST) \ |
| Peter Collingbourne | 330ee2c | 2019-10-15 18:10:38 -0700 | [diff] [blame] | 17 | -D target_requires_insecure_execmem_for_swiftshader=$(PRODUCT_REQUIRES_INSECURE_EXECMEM_FOR_SWIFTSHADER) \ |
| Hridya Valsaraju | a885dd8 | 2021-04-26 16:32:17 -0700 | [diff] [blame] | 18 | -D target_enforce_debugfs_restriction=$(PRIVATE_ENFORCE_DEBUGFS_RESTRICTION) \ |
| Dan Cashman | 36ee91d | 2017-07-07 14:59:51 -0700 | [diff] [blame] | 19 | $(PRIVATE_TGT_RECOVERY) \ |
| Dan Willemsen | 3c3e59b | 2019-06-19 10:52:50 -0700 | [diff] [blame] | 20 | -s $(PRIVATE_POLICY_FILES) > $@ |
| Dan Cashman | 36ee91d | 2017-07-07 14:59:51 -0700 | [diff] [blame] | 21 | endef |
| 22 | .KATI_READONLY := transform-policy-to-conf |
| Jooyung Han | 0606ce7 | 2020-09-23 19:16:10 +0900 | [diff] [blame] | 23 | |
| 24 | ########################################################### |
| 25 | ## Collect file_contexts files into a single tmp file with m4 |
| 26 | ## |
| 27 | ## $(1): list of file_contexts files |
| 28 | ## $(2): filename into which file_contexts files are merged |
| 29 | ########################################################### |
| 30 | |
| 31 | define _merge-fc-files |
| 32 | $(2): $(1) $(M4) |
| 33 | $(hide) mkdir -p $$(dir $$@) |
| 34 | $(hide) $(M4) --fatal-warnings -s $(1) > $$@ |
| 35 | endef |
| 36 | |
| 37 | define merge-fc-files |
| 38 | $(eval $(call _merge-fc-files,$(1),$(2))) |
| 39 | endef |