From 9d281d927144fa2a39f2452adaf7085cf412e5ed Mon Sep 17 00:00:00 2001
From: Inseob Kim <inseob@google.com>
Date: Mon, 19 Oct 2020 13:31:58 +0900
Subject: [PATCH] Add BUILD_BROKEN_ENFORCE_SYSPROP_OWNER

In terms of sepolicy rules, every property should have an apporpriate
owner attribute, which can be one of: system_property_type,
product_property_type, or vendor_property_type. This will be enforced
for devices launching with S or later. Devices launching with R or
eariler can relax this by setting following under BoardConfig.mk:

BUILD_BROKEN_ENFORCE_SYSPROP_OWNER := true

See system/sepolicy/public/te_macros for more details.

Bug: 131162102
Test: system/sepolicy/tools/build_policies.sh
Change-Id: Iee05fc15beac1ccf61da4ea901a85b9d4068e0ca
---
 core/board_config.mk | 1 +
 1 file changed, 1 insertion(+)

diff --git a/core/board_config.mk b/core/board_config.mk
index 03d2b3e78c..bb3929ebd9 100644
--- a/core/board_config.mk
+++ b/core/board_config.mk
@@ -114,6 +114,7 @@ _build_broken_var_list := \
   BUILD_BROKEN_DUP_RULES \
   BUILD_BROKEN_DUP_SYSPROP \
   BUILD_BROKEN_ELF_PREBUILT_PRODUCT_COPY_FILES \
+  BUILD_BROKEN_ENFORCE_SYSPROP_OWNER \
   BUILD_BROKEN_MISSING_REQUIRED_MODULES \
   BUILD_BROKEN_OUTSIDE_INCLUDE_DIRS \
   BUILD_BROKEN_PREBUILT_ELF_FILES \