Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit b51f9abf authored by Alex Klyubin's avatar Alex Klyubin
Browse files

Include correct type of SELinux policy 

This makes the build system include split SELinux policy (three CIL
files and the secilc compiler needed to compile them) if
PRODUCT_FULL_TREBLE is set to true. Otherwise, the monolitic SELinux
policy is included.

Split policy currently adds around 400 ms to boot time (measured on
marlin/sailfish and bullhead) because the policy needs to be compiled
during boot. This is the main reason why we include split policy only
on devices which require it.

Test: Device boots, no additional SELinux denials. This test is
      performed on a device with PRODUCT_FULL_TREBLE set to true, and
      on a device with PRODUCT_FULL_TREBLE set to false.
Test: Device with PRODUCT_FULL_TREBLE set to true contains secilc and
      the three *.cil files, but does not contain the sepolicy file.
      Device with PRODUCT_FULL_TREBLE set to false contains sepolicy
      file but does not contain the secilc file or any *.cil files.
Bug: 31363362

Change-Id: I419aa35bad6efbc7f936bddbdc776de5633846fc
parent 8c354911
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment