1# Copyright (c) 2021-2023 北京万里红科技有限公司 2# 3# Licensed under the Apache License, Version 2.0 (the "License"); 4# you may not use this file except in compliance with the License. 5# You may obtain a copy of the License at 6# 7# http://www.apache.org/licenses/LICENSE-2.0 8# 9# Unless required by applicable law or agreed to in writing, software 10# distributed under the License is distributed on an "AS IS" BASIS, 11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12# See the License for the specific language governing permissions and 13# limitations under the License. 14 15import("//base/startup/init/begetd.gni") 16import("//build/ohos.gni") 17import("selinux.gni") 18 19config("selinux_core_config") { 20 include_dirs = [ 21 "interfaces/policycoreutils/include", 22 "$THIRD_PARTY_DIR/selinux/libselinux/include", 23 ] 24} 25 26ohos_shared_library("libload_policy") { 27 output_name = "libload_policy" 28 sources = [ "interfaces/policycoreutils/src/load_policy.cpp" ] 29 include_dirs = [ "interfaces/policycoreutils/include" ] 30 deps = [ 31 ":libselinux_klog_static", 32 "$THIRD_PARTY_DIR/selinux:libselinux", 33 ] 34 cflags = [ 35 "-D_GNU_SOURCE", 36 "-Wall", 37 "-Werror", 38 ] 39 install_enable = true 40 install_images = [ 41 "system", 42 "ramdisk", 43 "updater", 44 ] 45 license_file = "LICENSE" 46 part_name = "selinux_adapter" 47 subsystem_name = "security" 48} 49 50ohos_shared_library("librestorecon") { 51 output_name = "librestorecon" 52 sources = [ "interfaces/policycoreutils/src/selinux_restorecon.c" ] 53 public_configs = [ ":selinux_core_config" ] 54 deps = [ "$THIRD_PARTY_DIR/selinux:libselinux" ] 55 cflags = [ 56 "-D_GNU_SOURCE", 57 "-Wall", 58 "-Werror", 59 ] 60 install_enable = true 61 install_images = [ 62 "system", 63 "ramdisk", 64 "updater", 65 ] 66 innerapi_tags = [ "platformsdk_indirect" ] 67 license_file = "LICENSE" 68 part_name = "selinux_adapter" 69 subsystem_name = "security" 70} 71 72ohos_shared_library("libhap_restorecon") { 73 output_name = "libhap_restorecon" 74 sources = [ 75 "interfaces/policycoreutils/src/hap_restorecon.cpp", 76 "interfaces/policycoreutils/src/sehap_contexts_trie.cpp", 77 ] 78 public_configs = [ ":selinux_core_config" ] 79 deps = [ 80 ":libselinux_error_static", 81 ":libselinux_hilog_static", 82 "$THIRD_PARTY_DIR/selinux:libselinux", 83 ] 84 85 cflags = [ 86 "-D_GNU_SOURCE", 87 "-Wall", 88 "-Werror", 89 ] 90 install_enable = true 91 license_file = "LICENSE" 92 part_name = "selinux_adapter" 93 subsystem_name = "security" 94} 95 96ohos_static_library("libselinux_error_static") { 97 output_name = "libselinux_error_static" 98 sources = [ "interfaces/policycoreutils/src/selinux_error.cpp" ] 99 include_dirs = [ "interfaces/policycoreutils/include" ] 100 cflags = [ 101 "-D_GNU_SOURCE", 102 "-w", 103 ] 104 part_name = "selinux_adapter" 105 subsystem_name = "security" 106} 107 108ohos_static_library("libselinux_klog_static") { 109 output_name = "libselinux_klog_static" 110 sources = [ "interfaces/policycoreutils/src/selinux_klog.c" ] 111 include_dirs = [ "interfaces/policycoreutils/include" ] 112 deps = [ "$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared" ] 113 cflags = [ 114 "-D_GNU_SOURCE", 115 "-Wall", 116 "-Werror", 117 ] 118 part_name = "selinux_adapter" 119 subsystem_name = "security" 120} 121 122ohos_static_library("libselinux_hilog_static") { 123 output_name = "libselinux_hilog_static" 124 sources = [ "interfaces/policycoreutils/src/selinux_log.c" ] 125 include_dirs = [ "interfaces/policycoreutils/include" ] 126 deps = [ "$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared" ] 127 external_deps = [ "hilog:libhilog" ] 128 cflags = [ 129 "-D_GNU_SOURCE", 130 "-Wall", 131 "-Werror", 132 ] 133 part_name = "selinux_adapter" 134 subsystem_name = "security" 135} 136 137if (!startup_init_with_param_base) { 138 inherited_configs = [ 139 "$BUILD_CONFIG_DIR/compiler:afdo", 140 "$BUILD_CONFIG_DIR/compiler:afdo_optimize_size", 141 "$BUILD_CONFIG_DIR/compiler:compiler", 142 "$BUILD_CONFIG_DIR/compiler:compiler_arm_fpu", 143 "$BUILD_CONFIG_DIR/compiler:compiler_arm_thumb", 144 "$BUILD_CONFIG_DIR/compiler:chromium_code", 145 "$BUILD_CONFIG_DIR/compiler:default_include_dirs", 146 "$BUILD_CONFIG_DIR/compiler:default_optimization", 147 "$BUILD_CONFIG_DIR/compiler:default_stack_frames", 148 "$BUILD_CONFIG_DIR/compiler:default_symbols", 149 "$BUILD_CONFIG_DIR/compiler:export_dynamic", 150 "$BUILD_CONFIG_DIR/compiler:no_exceptions", 151 "$BUILD_CONFIG_DIR/compiler:no_rtti", 152 "$BUILD_CONFIG_DIR/compiler:runtime_library", 153 "$BUILD_CONFIG_DIR/compiler:thin_archive", 154 "$BUILD_CONFIG_DIR/sanitizers:default_sanitizer_flags", 155 ] 156} 157 158source_set("libselinux_parameter_static") { 159 output_name = "libselinux_parameter_static" 160 sources = [ 161 "interfaces/policycoreutils/src/contexts_trie.c", 162 "interfaces/policycoreutils/src/selinux_map.c", 163 "interfaces/policycoreutils/src/selinux_parameter.c", 164 "interfaces/policycoreutils/src/selinux_share_mem.c", 165 ] 166 include_dirs = [ "interfaces/policycoreutils/include" ] 167 cflags = [ 168 "-D_GNU_SOURCE", 169 "-Wall", 170 "-Werror", 171 ] 172 if (!startup_init_with_param_base) { 173 ldflags = [ "-nostdlib" ] 174 configs -= inherited_configs 175 configs += [ "$BUILD_CONFIG_DIR/compiler:compiler" ] 176 } 177} 178 179ohos_shared_library("libparaperm_checker") { 180 output_name = "libparaperm_checker" 181 sources = [ "interfaces/policycoreutils/src/param_checker.c" ] 182 public_configs = [ ":selinux_core_config" ] 183 deps = [ 184 ":libselinux_klog_static", 185 "$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared", 186 "$THIRD_PARTY_DIR/selinux:libselinux", 187 ] 188 if (startup_init_with_param_base) { 189 deps += [ ":libselinux_parameter_static" ] 190 } 191 cflags = [ 192 "-D_GNU_SOURCE", 193 "-Wall", 194 "-Werror", 195 ] 196 install_images = [ 197 "system", 198 "updater", 199 ] 200 part_name = "selinux_adapter" 201 subsystem_name = "security" 202} 203 204ohos_shared_library("libservice_checker") { 205 output_name = "libservice_checker" 206 sources = [ "interfaces/policycoreutils/src/service_checker.cpp" ] 207 public_configs = [ ":selinux_core_config" ] 208 deps = [ 209 ":libselinux_error_static", 210 ":libselinux_hilog_static", 211 "$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared", 212 "$THIRD_PARTY_DIR/selinux:libselinux", 213 ] 214 cflags = [ 215 "-D_GNU_SOURCE", 216 "-Wall", 217 "-Werror", 218 ] 219 innerapi_tags = [ "chipsetsdk" ] 220 part_name = "selinux_adapter" 221 subsystem_name = "security" 222} 223 224ohos_executable("load_policy") { 225 install_enable = true 226 sources = [ "interfaces/tools/load_policy/load_policy.c" ] 227 include_dirs = [ "interfaces/policycoreutils/include" ] 228 deps = [ ":libload_policy" ] 229 cflags = [ 230 "-D_GNU_SOURCE", 231 "-Wall", 232 "-Werror", 233 ] 234 license_file = "LICENSE" 235 part_name = "selinux_adapter" 236 subsystem_name = "security" 237 install_images = [ 238 "system", 239 "updater", 240 ] 241} 242 243ohos_executable("restorecon") { 244 install_enable = true 245 sources = [ "interfaces/tools/restorecon/restorecon.c" ] 246 include_dirs = [ "interfaces/policycoreutils/include" ] 247 deps = [ 248 ":librestorecon", 249 "$THIRD_PARTY_DIR/bounds_checking_function:libsec_shared", 250 ] 251 cflags = [ 252 "-D_GNU_SOURCE", 253 "-Wall", 254 "-Werror", 255 ] 256 license_file = "LICENSE" 257 part_name = "selinux_adapter" 258 subsystem_name = "security" 259 install_images = [ 260 "system", 261 "updater", 262 ] 263} 264 265ohos_executable("hap_restorecon") { 266 install_enable = false 267 sources = [ "interfaces/tools/hap_restorecon/test.cpp" ] 268 include_dirs = [ "interfaces/policycoreutils/include" ] 269 deps = [ 270 ":libhap_restorecon", 271 ":libselinux_error_static", 272 ] 273 cflags = [ 274 "-D_GNU_SOURCE", 275 "-Wall", 276 "-Werror", 277 ] 278 license_file = "LICENSE" 279 part_name = "selinux_adapter" 280 subsystem_name = "security" 281} 282 283ohos_executable("param_check") { 284 install_enable = false 285 sources = [ "interfaces/tools/param_check/test.cpp" ] 286 include_dirs = [ "interfaces/policycoreutils/include" ] 287 deps = [ 288 ":libparaperm_checker", 289 ":libselinux_error_static", 290 ":libselinux_parameter_static", 291 "$THIRD_PARTY_DIR/pcre2:libpcre2", 292 "$THIRD_PARTY_DIR/selinux:libselinux", 293 ] 294 if (startup_init_with_param_base) { 295 deps += [ ":libselinux_parameter_static" ] 296 } 297 cflags = [ 298 "-D_GNU_SOURCE", 299 "-DTIME_DISPLAY", 300 "-Wall", 301 "-Werror", 302 ] 303 license_file = "LICENSE" 304 part_name = "selinux_adapter" 305 subsystem_name = "security" 306} 307 308ohos_executable("service_check") { 309 install_enable = false 310 sources = [ "interfaces/tools/service_check/test.cpp" ] 311 include_dirs = [ "interfaces/policycoreutils/include" ] 312 deps = [ 313 ":libselinux_error_static", 314 ":libservice_checker", 315 ] 316 cflags = [ 317 "-D_GNU_SOURCE", 318 "-Wall", 319 "-Werror", 320 ] 321 license_file = "LICENSE" 322 part_name = "selinux_adapter" 323 subsystem_name = "security" 324} 325 326debug_version = "disable" 327updater_version = "disable" 328 329action("build_policy") { 330 if (build_variant == "user") { 331 debug_version = "disable" 332 } else if (build_variant == "root") { 333 debug_version = "enable" 334 } else { 335 debug_version = "enable" 336 } 337 338 updater_version = "disable" 339 340 inputs = exec_script("//build/scripts/find.py", 341 [ rebase_path("sepolicy") ], 342 "list lines") 343 if (selinux_build_path != "default") { 344 foreach(src, string_split(selinux_build_path, ":")) { 345 src = "//" + src 346 inputs += exec_script("//build/scripts/find.py", 347 [ rebase_path(src) ], 348 "list lines") 349 } 350 } 351 352 if (special_build_policy_script != "default") { 353 script = special_build_policy_script 354 } else { 355 script = "scripts/build_policy.py" 356 } 357 358 args = [ 359 "--dst-file", 360 rebase_path(target_out_dir + "/policy.31"), 361 "--tool-path", 362 rebase_path(root_build_dir + "/clang_x64/thirdparty/selinux/"), 363 "--source-root-dir", 364 rebase_path("//"), 365 "--policy_dir_list", 366 selinux_build_path, 367 "--debug-version", 368 debug_version, 369 "--updater-version", 370 updater_version, 371 "--components", 372 components, 373 ] 374 375 if (components != "default") { 376 args += [ 377 "--vendor-policy-version", 378 "$vendor_policy_version", 379 ] 380 } 381 382 if (extra_args != "default") { 383 foreach(arg, string_split(extra_args, " ")) { 384 args += [ arg ] 385 } 386 } 387 388 deps = [ 389 "$THIRD_PARTY_DIR/selinux:checkpolicy($host_toolchain)", 390 "$THIRD_PARTY_DIR/selinux:secilc($host_toolchain)", 391 ] 392 outputs = [ 393 target_out_dir + "/policy.31", 394 target_out_dir + "/vendor.cil", 395 target_out_dir + "/prebuild_sepolicy.system.cil.sha256", 396 target_out_dir + "/system.cil", 397 target_out_dir + "/system.cil.sha256", 398 target_out_dir + "/$vendor_policy_version.cil", 399 target_out_dir + "/version", 400 target_out_dir + "/public.cil", 401 ] 402} 403 404action("build_update_policy") { 405 if (build_variant == "user") { 406 debug_version = "disable" 407 } else if (build_variant == "root") { 408 debug_version = "enable" 409 } else { 410 debug_version = "enable" 411 } 412 413 updater_version = "enable" 414 components = "default" 415 inputs = exec_script("//build/scripts/find.py", 416 [ rebase_path("sepolicy") ], 417 "list lines") 418 if (selinux_build_path != "default") { 419 foreach(src, string_split(selinux_build_path, ":")) { 420 src = "//" + src 421 inputs += exec_script("//build/scripts/find.py", 422 [ rebase_path(src) ], 423 "list lines") 424 } 425 } 426 427 if (special_build_policy_script != "default") { 428 script = special_build_policy_script 429 } else { 430 script = "scripts/build_policy.py" 431 } 432 433 args = [ 434 "--dst-file", 435 rebase_path(target_out_dir + "/updater/policy.31"), 436 "--tool-path", 437 rebase_path(root_build_dir + "/clang_x64/thirdparty/selinux/"), 438 "--source-root-dir", 439 rebase_path("//"), 440 "--policy_dir_list", 441 selinux_build_path, 442 "--debug-version", 443 debug_version, 444 "--updater-version", 445 updater_version, 446 "--components", 447 components, 448 ] 449 450 if (extra_args != "default") { 451 foreach(arg, string_split(extra_args, " ")) { 452 args += [ arg ] 453 } 454 } 455 456 deps = [ 457 "$THIRD_PARTY_DIR/selinux:checkpolicy($host_toolchain)", 458 "$THIRD_PARTY_DIR/selinux:secilc($host_toolchain)", 459 ] 460 outputs = [ target_out_dir + "/updater/policy.31" ] 461} 462 463action("build_contexts") { 464 inputs = exec_script("//build/scripts/find.py", 465 [ rebase_path("sepolicy") ], 466 "list lines") 467 if (selinux_build_path != "default") { 468 foreach(src, string_split(selinux_build_path, ":")) { 469 src = "//" + src 470 inputs += exec_script("//build/scripts/find.py", 471 [ rebase_path(src) ], 472 "list lines") 473 } 474 } 475 476 if (special_build_contexts_script != "default") { 477 script = special_build_contexts_script 478 } else { 479 script = "scripts/build_contexts.py" 480 } 481 args = [ 482 "--dst-dir", 483 rebase_path(target_out_dir + "/"), 484 "--tool-path", 485 rebase_path(root_build_dir + "/clang_x64/thirdparty/selinux/"), 486 "--policy-file", 487 rebase_path(target_out_dir + "/policy.31"), 488 "--source-root-dir", 489 rebase_path("//"), 490 "--policy_dir_list", 491 selinux_build_path, 492 "--components", 493 components, 494 ] 495 if (contexts_extra_args != "default") { 496 foreach(arg, string_split(contexts_extra_args, " ")) { 497 args += [ arg ] 498 } 499 } 500 deps = [ 501 ":build_policy", 502 "$THIRD_PARTY_DIR/selinux:sefcontext_compile($host_toolchain)", 503 ] 504 outputs = [ 505 target_out_dir + "/file_contexts.bin", 506 target_out_dir + "/file_contexts", 507 target_out_dir + "/sehap_contexts", 508 target_out_dir + "/service_contexts", 509 target_out_dir + "/hdf_service_contexts", 510 target_out_dir + "/parameter_contexts", 511 ] 512} 513 514copy("selinux_config") { 515 if (selinux_enforce) { 516 sources = [ "config/config.enforce" ] 517 } else { 518 sources = [ "config/config.permissive" ] 519 } 520 outputs = [ "$target_out_dir/config" ] 521} 522 523copy("updater_selinux_config") { 524 sources = [ "config/config.enforce" ] 525 outputs = [ "$target_out_dir/updater/config" ] 526} 527 528ohos_prebuilt_etc("build_sepolicy") { 529 deps = [ ":build_policy" ] 530 source = target_out_dir + "/policy.31" 531 license_file = "LICENSE" 532 part_name = "selinux_adapter" 533 subsystem_name = "security" 534 if (components == "vendor") { 535 relative_install_dir = "selinux/prebuild_sepolicy/" 536 install_images = [ "vendor" ] 537 } else if (components == "default") { 538 relative_install_dir = "selinux/targeted/policy/" 539 install_images = [ "system" ] 540 } 541} 542 543ohos_prebuilt_etc("build_updater_sepolicy") { 544 deps = [ ":build_update_policy" ] 545 source = target_out_dir + "/updater/policy.31" 546 license_file = "LICENSE" 547 part_name = "selinux_adapter" 548 subsystem_name = "security" 549 relative_install_dir = "selinux/targeted/policy/" 550 install_images = [ "updater" ] 551} 552 553ohos_prebuilt_etc("selinux_version") { 554 deps = [ ":build_policy" ] 555 source = target_out_dir + "/version" 556 license_file = "LICENSE" 557 part_name = "selinux_adapter" 558 subsystem_name = "security" 559 relative_install_dir = "selinux/" 560 install_images = [ "vendor" ] 561} 562 563ohos_prebuilt_etc("config") { 564 deps = [ ":selinux_config" ] 565 source = target_out_dir + "/config" 566 license_file = "LICENSE" 567 part_name = "selinux_adapter" 568 subsystem_name = "security" 569 relative_install_dir = "selinux/" 570 install_images = [ "system" ] 571} 572 573ohos_prebuilt_etc("updater_config") { 574 deps = [ ":updater_selinux_config" ] 575 source = target_out_dir + "/updater/config" 576 license_file = "LICENSE" 577 part_name = "selinux_adapter" 578 subsystem_name = "security" 579 relative_install_dir = "selinux/" 580 install_images = [ "updater" ] 581} 582 583ohos_prebuilt_etc("sehap_contexts") { 584 deps = [ ":build_contexts" ] 585 source = target_out_dir + "/sehap_contexts" 586 license_file = "LICENSE" 587 part_name = "selinux_adapter" 588 subsystem_name = "security" 589 relative_install_dir = "selinux/targeted/contexts/" 590} 591 592ohos_prebuilt_etc("parameter_contexts") { 593 deps = [ ":build_contexts" ] 594 source = target_out_dir + "/parameter_contexts" 595 license_file = "LICENSE" 596 part_name = "selinux_adapter" 597 subsystem_name = "security" 598 relative_install_dir = "selinux/targeted/contexts/" 599 if (components == "vendor") { 600 install_images = [ "vendor" ] 601 } else { 602 install_images = [ 603 "system", 604 "updater", 605 ] 606 } 607} 608 609ohos_prebuilt_etc("service_contexts") { 610 deps = [ ":build_contexts" ] 611 source = target_out_dir + "/service_contexts" 612 license_file = "LICENSE" 613 part_name = "selinux_adapter" 614 subsystem_name = "security" 615 relative_install_dir = "selinux/targeted/contexts/" 616 if (components == "vendor") { 617 install_images = [ "vendor" ] 618 } else { 619 install_images = [ "system" ] 620 } 621} 622 623ohos_prebuilt_etc("hdf_service_contexts") { 624 deps = [ ":build_contexts" ] 625 source = target_out_dir + "/hdf_service_contexts" 626 license_file = "LICENSE" 627 part_name = "selinux_adapter" 628 subsystem_name = "security" 629 relative_install_dir = "selinux/targeted/contexts/" 630 if (components == "vendor") { 631 install_images = [ "vendor" ] 632 } else { 633 install_images = [ "system" ] 634 } 635} 636 637ohos_prebuilt_etc("file_contexts") { 638 deps = [ ":build_contexts" ] 639 source = target_out_dir + "/file_contexts" 640 license_file = "LICENSE" 641 part_name = "selinux_adapter" 642 subsystem_name = "security" 643 relative_install_dir = "selinux/targeted/contexts/" 644 if (components == "vendor") { 645 install_images = [ "vendor" ] 646 } else { 647 install_images = [ 648 "system", 649 "updater", 650 ] 651 } 652} 653 654ohos_prebuilt_etc("vendor_cil") { 655 deps = [ ":build_policy" ] 656 source = target_out_dir + "/vendor.cil" 657 license_file = "LICENSE" 658 part_name = "selinux_adapter" 659 subsystem_name = "security" 660 relative_install_dir = "selinux/" 661 install_images = [ "vendor" ] 662} 663 664ohos_prebuilt_etc("public_cil") { 665 deps = [ ":build_policy" ] 666 source = target_out_dir + "/public.cil" 667 license_file = "LICENSE" 668 part_name = "selinux_adapter" 669 subsystem_name = "security" 670 relative_install_dir = "selinux/" 671 install_images = [ "vendor" ] 672} 673 674ohos_prebuilt_etc("version_cil") { 675 deps = [ ":build_policy" ] 676 source = target_out_dir + "/$vendor_policy_version.cil" 677 license_file = "LICENSE" 678 part_name = "selinux_adapter" 679 subsystem_name = "security" 680 relative_install_dir = "selinux/compatible/" 681 install_images = [ "system" ] 682} 683 684ohos_prebuilt_etc("prebuild_sepolicy_system_cil_sha256") { 685 deps = [ ":build_policy" ] 686 source = target_out_dir + "/prebuild_sepolicy.system.cil.sha256" 687 license_file = "LICENSE" 688 part_name = "selinux_adapter" 689 subsystem_name = "security" 690 relative_install_dir = "selinux/" 691 install_images = [ "vendor" ] 692} 693 694ohos_prebuilt_etc("system_cil") { 695 deps = [ ":build_policy" ] 696 source = target_out_dir + "/system.cil" 697 license_file = "LICENSE" 698 part_name = "selinux_adapter" 699 subsystem_name = "security" 700 relative_install_dir = "selinux/" 701 install_images = [ "system" ] 702} 703 704ohos_prebuilt_etc("system_cil_sha256") { 705 deps = [ ":build_policy" ] 706 source = target_out_dir + "/system.cil.sha256" 707 license_file = "LICENSE" 708 part_name = "selinux_adapter" 709 subsystem_name = "security" 710 relative_install_dir = "selinux/" 711 install_images = [ "system" ] 712} 713 714ohos_copy("libselinux_toolchain") { 715 deps = [ "$THIRD_PARTY_DIR/selinux:libselinux($host_toolchain)" ] 716 sources = [ "$root_build_dir/clang_x64/thirdparty/selinux/libselinux.so" ] 717 outputs = [ "$root_build_dir/clang_x64/security/selinux/libselinux.so" ] 718 part_name = "selinux_adapter" 719 subsystem_name = "security" 720} 721 722ohos_copy("libpcre2_toolchain") { 723 deps = [ "$THIRD_PARTY_DIR/pcre2:libpcre2($host_toolchain)" ] 724 sources = [ "$root_build_dir/clang_x64/thirdparty/pcre2/libpcre2.so" ] 725 outputs = [ "$root_build_dir/clang_x64/security/selinux/libpcre2.so" ] 726 part_name = "selinux_adapter" 727 subsystem_name = "security" 728} 729 730ohos_copy("filecontexts_toolchain") { 731 deps = [ ":build_contexts" ] 732 sources = [ "$target_out_dir/file_contexts.bin" ] 733 outputs = [ "$target_out_dir/../security/selinux/file_contexts.bin" ] 734 part_name = "selinux_adapter" 735 subsystem_name = "security" 736} 737 738group("selinux_group") { 739 if (build_selinux) { 740 deps = [ 741 ":build_updater_sepolicy", 742 ":config", 743 ":file_contexts", 744 ":filecontexts_toolchain", 745 ":hap_restorecon", 746 ":hdf_service_contexts", 747 ":libpcre2_toolchain", 748 ":libselinux_toolchain", 749 ":load_policy", 750 ":param_check", 751 ":parameter_contexts", 752 ":restorecon", 753 ":sehap_contexts", 754 ":service_check", 755 ":service_contexts", 756 ":updater_config", 757 "$THIRD_PARTY_DIR/selinux:checkpolicy($host_toolchain)", 758 "$THIRD_PARTY_DIR/selinux:chkcon", 759 "$THIRD_PARTY_DIR/selinux:getenforce", 760 "$THIRD_PARTY_DIR/selinux:getfilecon", 761 "$THIRD_PARTY_DIR/selinux:getpidcon", 762 "$THIRD_PARTY_DIR/selinux:secilc", 763 "$THIRD_PARTY_DIR/selinux:secilc($host_toolchain)", 764 "$THIRD_PARTY_DIR/selinux:sefcontext_compile($host_toolchain)", 765 "$THIRD_PARTY_DIR/selinux:selinux_check_access", 766 "$THIRD_PARTY_DIR/selinux:selinuxexeccon", 767 "$THIRD_PARTY_DIR/selinux:setenforce", 768 "$THIRD_PARTY_DIR/selinux:setfilecon", 769 ] 770 if (components == "system") { 771 deps += [ 772 ":system_cil", 773 ":system_cil_sha256", 774 ":version_cil", 775 ] 776 } else if (components == "vendor") { 777 deps += [ 778 ":build_sepolicy", 779 ":prebuild_sepolicy_system_cil_sha256", 780 ":public_cil", 781 ":selinux_version", 782 ":vendor_cil", 783 ] 784 } else { 785 deps += [ ":build_sepolicy" ] 786 } 787 } 788} 789