From 83f8cde49c225c59d648f72acf6f678a7ae12740 Mon Sep 17 00:00:00 2001
From: Sandeep Patil <sspatil@google.com>
Date: Thu, 20 Apr 2017 11:40:24 -0700
Subject: [PATCH] Make sure all public types are defined regardless of build
 variants

The types need to be exported so userdebug system.img
can still build the policy with a user vendor.img at boot time.
All permissions and attributes for these types are still kept under
conditional userdebug_or_eng macro

Bug: 37433251
Test: Boot sailfish-user build with generic_arm64_ab system.img on
      sailfish and make sure sepolicy compilation succeeds

Change-Id: I98e8428c414546dfc74641700d4846edcf9355b1
Signed-off-by: Sandeep Patil <sspatil@google.com>
(cherry picked from commit 35e308cf712894eddd521edb33ffbdf748a91952)
---
 public/perfprofd.te | 5 ++++-
 public/su.te        | 6 +++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/public/perfprofd.te b/public/perfprofd.te
index eed7e5848..f0df6a0aa 100644
--- a/public/perfprofd.te
+++ b/public/perfprofd.te
@@ -1,9 +1,12 @@
 # perfprofd - perf profile collection daemon
+type perfprofd, domain;
 type perfprofd_exec, exec_type, file_type;
 
 userdebug_or_eng(`
 
-  type perfprofd, domain, domain_deprecated, mlstrustedsubject;
+  typeattribute perfprofd domain_deprecated;
+  typeattribute perfprofd coredomain;
+  typeattribute perfprofd mlstrustedsubject;
 
   # perfprofd needs to control CPU hot-plug in order to avoid kernel
   # perfevents problems in cases where CPU goes on/off during measurement;
diff --git a/public/su.te b/public/su.te
index 8cb386d4b..ec14dee29 100644
--- a/public/su.te
+++ b/public/su.te
@@ -1,3 +1,7 @@
+# All types must be defined regardless of build variant to ensure
+# policy compilation succeeds with userdebug/user combination at boot
+type su, domain;
+
 # File types must be defined for file_contexts.
 type su_exec, exec_type, file_type;
 
@@ -5,7 +9,7 @@ userdebug_or_eng(`
   # Domain used for su processes, as well as for adbd and adb shell
   # after performing an adb root command.  The domain definition is
   # wrapped to ensure that it does not exist at all on -user builds.
-  type su, domain, mlstrustedsubject;
+  typeattribute su mlstrustedsubject;
 
   # Add su to various domains
   net_domain(su)
-- 
GitLab