- Oct 08, 2018
-
-
Tri Vo authored
Part of an effort to remove Treble-specifics in the way we build sepolicy. Fixes: 64541653 Test: m selinux_policy for aosp_arm64 Change-Id: I9e42c720018674e7d3a6c47e01995401c4e748a7
-
- Sep 29, 2018
-
-
Tri Vo authored
Private types are not visible to vendor/odm policy, so we don't need mapping entries for them. We build a platform-only public policy .cil file and give it as input to treble_sepolicy_tests. Using this public policy the test can now figure out if the newly added type is public or private. Bug: 116344577 Test: adding public type triggers mapping test failure, adding private type does not. Change-Id: I421f335e37274b24aa73109e260653d7b73788b5
-
- Sep 26, 2018
-
-
huangyanjun authored
All the *.conf.dontaudit files are generated from *.conf with the command of 'sed '/dontaudit/d' $@ > $@.dontaudit', but this command cannot be applied to multi-line dontaudit statements. Test: Set plat_policy.conf.dontaudit as the input_file parameter of checkpolicy tool, then selinux syntax error will occur during building. Change-Id: I281de923d8a5f0b46256ec7de4df12a1c1d7e061
-
- Sep 25, 2018
-
-
Nick Kralevich authored
Do not attempt to build odm_sepolicy.cil if BOARD_ODM_SEPOLICY_DIRS is not defined. Attempting to do so will create an empty file, which causes build problems when https://github.com/SELinuxProject/selinux/pull/100/commits/0c6ea1e812fbe75aef03ced077d4f4cd26d982fc is applied. Test: "cd system/sepolicy && mma -j55" succeeds Test: "make checkbuild" succeeds Change-Id: Iefc458bddff3d08e5fcb86f8be3cad16d7e36e73
-
- Aug 15, 2018
-
-
Nick Kralevich authored
Error out if m4 generates a warning. This will help detect and prevent malformed macros. See 85508496 for motivation. Test: policy compiles Test: Policy doesn't compile if 85508496 is reverted. Change-Id: Iee6b6273bc2a24b1220861fd662573e76001defc
-
- Aug 08, 2018
-
-
Mark Salyzyn authored
/cache/overlay directory in support of overlayfs mounts on userdebug and eng devices. Overlayfs in turn can be capable of supporting adb remount for read-only or restricted-storage filesystems like squashfs or right-sized (zero free space) system partitions respectively. Test: compile Bug: 109821005 Bug: 110985612 Change-Id: I3ece03886db7cc97f864497cf93ec6c6c39bccd1
-
- Jul 19, 2018
-
-
Jae Shin authored
Steps taken to produce the mapping files:
1. Add prebuilts/api/28.0/[plat_pub_versioned.cil|vendor_sepolicy.cil] from the /vendor/etc/selinux/[plat_pub_versioned.cil|vendor_sepolicy.cil] files built on pi-dev with lunch target aosp_arm64-eng
2. Add new file private/compat/28.0/28.0.cil by doing the following:
   - copy /system/etc/selinux/mapping/28.0.cil from pi-dev aosp_arm64-eng device to private/compat/28.0/28.0.cil
   - remove all attribute declaration statements (typeattribute ...) and sort lines alphabetically
   - some selinux types were added/renamed/deleted w.r.t 28 sepolicy. Find all such types using treble_sepolicy_tests_28.0 test.
   - for all these types figure out where to map them by looking at 27.0.[ignore.]cil files and add appropriate entries to 28.0.[ignore.]cil.
This change also enables treble_sepolicy_tests_28.0 and installs 28.0.cil mapping onto the device. Bug: 72458734 Test: m selinux_policy Change-Id: I90e17c0b43af436da4b62c16179c198b5c74002c
-
- Jul 03, 2018
-
-
Anton Hansson authored
Create one _system and one _nonsystem target, which together contain the same artifacts as before, just split by whether they go on the system partition or not. The product build hierarchy is being refactored to be split by partition, so these targets facilitate inclusion of just the system parts where necessary. Also keep the selinux_policy target around for products that don't need the split. Bug: 80410283 Test: for t in eng userdebug user; do lunch mainline_arm64-${t}; m nothing; done Test: verified walleye /system and /vendor identical before and after, via: Test: /google/data/rw/users/cc/ccross/bin/compare-target-files.sh P6259983 walleye-userdebug "SYSTEM/*" "VENDOR/*" Test: only diffs are in build.prop files (timestamps and the like) Change-Id: I0f5d8a1558a164ce5cfb7d521f34b431855ac260
-
- Jun 06, 2018
-
-
Tri Vo authored
build_test_only is used to denote rules that should not be verified as part of compliance testing. Use this macro to exclude neverallow rules which we want to check as part of build, but not CTS. Bug: 80499271 Test: SELinuxNeverallowRulesTest on walleye has no more failures of type "Type or attribute * used in neverallow undefined in policy being checked." Number of failing test cases is reduced by 142. Test: policy.conf used to check neverallows at build-time still retains all neverallow rules. Change-Id: I5f1b383d9096bb5a7b8c0f1bc008b5dd07419580
-
- May 22, 2018
-
-
Joel Galenson authored
The bug_map file is only used for whitelisting known test failures. It needs to change fairly often to fix new failures and it doesn't affect users, so it shouldn't matter if it diverges from prebuilts. Test: Enable this test and build with and without different bug_maps. Change-Id: I9176a6c7e9f7852a0cd7802fd121b1e86b216b22
-
- May 16, 2018
-
-
Pavel Maltsev authored
For automotive (and I assume for other verticals) it makes sense to keep vertical-specific policies outside of /system/sepolicy as those are not used by the phones. However, there's no way to do it rather than using BOARD_PLAT_{PUBLIC|PRIVATE}_SEPOLICY_DIR build variables. Bug: 70637118 Test: lunch device && m Test: verify it builds, boots and logs seem to be reasonable Test: enable full treble for aosp_car_x86 - verify it builds, boots and no denials in the logs Change-Id: Ia5fd847f7a6152ff6cf99bbbc12e1e322f7946ab (cherry picked from commit 34f23364)
-
- May 15, 2018
-
-
Pavel Maltsev authored
For automotive (and I assume for other verticals) it makes sense to keep vertical-specific policies outside of /system/sepolicy as those are not used by the phones. However, there's no way to do it rather than using BOARD_PLAT_{PUBLIC|PRIVATE}_SEPOLICY_DIR build variables. Bug: 70637118 Test: lunch bat_land-userdebug && m Test: verify it builds, boots and logs seem to be reasonable Test: enable full treble for aosp_car_x86 - verify it builds, boots and no denials in the logs Change-Id: Ia5fd847f7a6152ff6cf99bbbc12e1e322f7946ab
-
- May 09, 2018
-
-
Tri Vo authored
Part of an effort to remove Treble-specifics from the way we build sepolicy. Bug: 70851112 Test: build and boot bullhead. Change-Id: I236f031e1b017875fb1afcc4f1b201699139516a
-
- May 08, 2018
-
-
Tri Vo authored
And migrate 26.0.cil and 27.0.cil build targets from Android.mk to Android.bp Bug: 33691272 Test: 26.0.cil and 27.0.cil mapping files on the device are unchanged. Change-Id: Id0ea45c149e096996bc0657615ea98915df3c9e1
-
- Mar 30, 2018
-
-
Tri Vo authored
This will test that system/sepolicy/{public/, private/} are identical to prebuilts if PLATFORM_SEPOLICY_VERSION is not 10000.0. Bug: 74622750 Test: build policy Test: correctly catches divergence from prebuilts for frozen policies Change-Id: I2fa14b672544a021c2d42ad5968dfbac21b72f6a (cherry picked from commit 81198bb8)
-
- Mar 29, 2018
-
-
Tri Vo authored
This will test that system/sepolicy/{public/, private/} are identical to prebuilts if PLATFORM_SEPOLICY_VERSION is not 10000.0. Bug: 74622750 Test: build policy Test: correctly catches divergence from prebuilts for frozen policies Change-Id: I2fa14b672544a021c2d42ad5968dfbac21b72f6a
-
- Mar 27, 2018
-
-
Joel Galenson authored
Use the user policy when running the compatibility tests. Bug: 74344625 Test: Built policy for many devices. Booted one device. Test: Delete some compat rules, verify error on userdebug. Change-Id: Ib2df2dfc06cdf55a839011e9a528e76160a9e436 (cherry picked from commit c1486218)
-
Joel Galenson authored
Use the user policy when running the compatibility tests. Bug: 74344625 Test: Built policy for many devices. Booted one device. Test: Delete some compat rules, verify error on userdebug. Change-Id: Ib2df2dfc06cdf55a839011e9a528e76160a9e436
-
- Mar 26, 2018
-
-
Tom Cherry authored
Verify that the SELabels used in property_contexts correspond to a real type in the SEPolicy and that this type has the property_type attribute. Additionally add a check that vendor property_context files do not duplicate entries in plat property_contexts, and a similar check that odm property_contexts doesn't duplicate either plat or vendor property_contexts. Bug: 74078792 Test: Build property_contexts on bullhead successfully Test: See failure when using a faulty SELabel in property_contexts Test: See failure when duplicating label in vendor and plat property_contexts Change-Id: I4d2338dab68f1c5a8ed110aa7821f0677f61bafb (cherry picked from commit a15df75d)
-
Tom Cherry authored
Verify that the SELabels used in property_contexts correspond to a real type in the SEPolicy and that this type has the property_type attribute. Additionally add a check that vendor property_context files do not duplicate entries in plat property_contexts, and a similar check that odm property_contexts doesn't duplicate either plat or vendor property_contexts. Bug: 74078792 Test: Build property_contexts on bullhead successfully Test: See failure when using a faulty SELabel in property_contexts Test: See failure when duplicating label in vendor and plat property_contexts Change-Id: I4d2338dab68f1c5a8ed110aa7821f0677f61bafb
-
- Mar 21, 2018
-
-
Tri Vo authored
Location of mapping files has changed from private/mapping/V.v.cil to private/compat/V.v/V.v.cil Change the build rule for current_mapping.cil to reflect that. Test: Build current mapping file with BOARD_SEPOLICY_VERS := 27.0 and make sure that $OUT/obj/ETC/27.0.cil_intermediates/27.0.cil is not empty Change-Id: I996a717e1c659265cb067da5d621d71ff3b3b63b
-
- Mar 20, 2018
-
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot a device Change-Id: I276ba6bc88eabb0d5562e4e96d3860eedb76aed5 Merged-In: I276ba6bc88eabb0d5562e4e96d3860eedb76aed5 (cherry picked from commit af7d85f8)
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot and recovery boot a device Change-Id: I22d29e8476380d19aca1be359e0228ab6bbc3b0f Merged-In: I22d29e8476380d19aca1be359e0228ab6bbc3b0f (cherry picked from commit ad6231f5)
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot and recovery boot a device Change-Id: Ibd71219f60644e57370c0293decf11d82f1cb35c Merged-In: Ibd71219f60644e57370c0293decf11d82f1cb35c (cherry picked from commit 1f717b10)
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot a device Change-Id: I3626357237cc18a99511f1ebd9dd3ff5a7655963 Merged-In: I3626357237cc18a99511f1ebd9dd3ff5a7655963 (cherry picked from commit ecf656b0)
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot and recovery boot a device Change-Id: I087292fb23d05fc17272778d668ac78a721b2593 Merged-In: I087292fb23d05fc17272778d668ac78a721b2593 (cherry picked from commit bae1517a)
-
Bowgo Tsai authored
This change adds the support of odm sepolicy customization, which can be configured through the newly added build variable: - BOARD_ODM_SEPOLICY_DIRS += device/${ODM_NAME}/${BOM_NAME}/sepolicy Also moving precompiled sepolicy to /odm when BOARD_ODM_SEPOLICY_DIRS is set. On a DUT, precompiled sepolicy on /odm will override the one in /vendor. This is intentional because /odm is the hardware customization for /vendor and both should be updated together if desired. Bug: 64240127 Test: boot a device with /odm partition Change-Id: Ia8f81a78c88cbfefb3ff19e2ccd2648da6284d09 Merged-In: Ia8f81a78c88cbfefb3ff19e2ccd2648da6284d09 (cherry picked from commit 45457e3a)
-
- Mar 16, 2018
-
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot a device Change-Id: I276ba6bc88eabb0d5562e4e96d3860eedb76aed5
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot and recovery boot a device Change-Id: I22d29e8476380d19aca1be359e0228ab6bbc3b0f
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot and recovery boot a device Change-Id: Ibd71219f60644e57370c0293decf11d82f1cb35c
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot a device Change-Id: I3626357237cc18a99511f1ebd9dd3ff5a7655963
-
Bowgo Tsai authored
Bug: 64240127 Test: normal boot and recovery boot a device Change-Id: I087292fb23d05fc17272778d668ac78a721b2593
-
Bowgo Tsai authored
This change adds the support of odm sepolicy customization, which can be configured through the newly added build variable: - BOARD_ODM_SEPOLICY_DIRS += device/${ODM_NAME}/${BOM_NAME}/sepolicy Also moving precompiled sepolicy to /odm when BOARD_ODM_SEPOLICY_DIRS is set. On a DUT, precompiled sepolicy on /odm will override the one in /vendor. This is intentional because /odm is the hardware customization for /vendor and both should be updated together if desired. Bug: 64240127 Test: boot a device with /odm partition Change-Id: Ia8f81a78c88cbfefb3ff19e2ccd2648da6284d09
-
- Mar 08, 2018
-
-
Joel Galenson authored
When building userdebug or eng builds, we still want to build the user policy when checking neverallow rules so that we can catch compile errors. Commit c0713e86 split out a helper function but lost one instance of using user instead of the real variant. This restores that one and adds it to the neverallow check. Bug: 74344625 Test: Added a rule that referred to a type defined only in userdebug and eng and ensure we throw a compile error when building userdebug mode. Change-Id: I1a6ffbb36dbeeb880852f9cbac880f923370c2ae (cherry picked from commit 053cb341)
-
- Mar 07, 2018
-
-
Joel Galenson authored
When building userdebug or eng builds, we still want to build the user policy when checking neverallow rules so that we can catch compile errors. Commit c0713e86 split out a helper function but lost one instance of using user instead of the real variant. This restores that one and adds it to the neverallow check. Bug: 74344625 Test: Added a rule that referred to a type defined only in userdebug and eng and ensure we throw a compile error when building userdebug mode. Change-Id: I1a6ffbb36dbeeb880852f9cbac880f923370c2ae
-
- Feb 27, 2018
- Feb 14, 2018
-
-
Jeff Vander Stoep authored
The intent of this flag is to disable tests during early device bringup so that vendor drops can occur without build breakages. When SELINUX_IGNORE_NEVERALLOWS=true also disable labeling tests sepolicy_tests and treble_sepolicy_tests. Bug: 73322735 Test: build, verify known test failures do not cause build breakage. Change-Id: I3e7165938d4e34c066bfa0a20e68b7e02dae4a24
-
- Feb 07, 2018
-
-
Yifan Hong authored
Test: m framework_compatibility_matrix.xml -j Test: device boots Bug: 67920434 Bug: 69390067 Change-Id: I3461873c22f704b9bbaa3a4e6f7e1df34d6b61a3
-
Yifan Hong authored
This is a list of sepolicy versions that the framework supports. Test: builds and boots Bug: 67920434 Change-Id: I0f408fa3967214b47a64101760dbbb2542023dcf
-