From 6c99a6781cee1bad995919d3156d7c799f59317c Mon Sep 17 00:00:00 2001
From: Felix Elsner <google@ix5.org>
Date: Tue, 14 Jul 2020 21:38:46 +0200
Subject: [PATCH] Android.mk: Enforce SYSTEM_EXT_* vars on API >= 31

Devices launched with S must use the new variable naming
scheme introduced in If8188feb365eb9e500f2270241fa190a20e9de01
"Android.mk: Support SYSTEM_EXT* sepolicy".

The old variable name
`BOARD_PLAT_{PUBLIC,PRIVATE}_SEPOLICY_DIR` does no longer
accurately reflect its usage and as such is deprecated.

Test: `make selinux_policy` with PRODUCT_SHIPPING_API_LEVEL=26
      `BOARD_PLAT_{PUBLIC,PRIVATE}_SEPOLICY_DIR}` set,
      observe additions in `$(TARGET_COPY_OUT_SYSTEM_EXT)/etc/selinux`
Test: `make selinux_policy` with PRODUCT_SHIPPING_API_LEVEL=31
      `BOARD_PLAT_{PUBLIC,PRIVATE}_SEPOLICY_DIR}` set,
      observe error

Signed-off-by: Felix Elsner <google@ix5.org>
Change-Id: Ic4d1164be611836f6aa697fbf1cb1f1c73a3cd39
---
 Android.mk | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/Android.mk b/Android.mk
index 111ddd9fa..960b8f823 100644
--- a/Android.mk
+++ b/Android.mk
@@ -55,12 +55,21 @@ REQD_MASK_POLICY := $(LOCAL_PATH)/reqd_mask
 
 SYSTEM_EXT_PUBLIC_POLICY := $(SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS)
 ifneq (,$(BOARD_PLAT_PUBLIC_SEPOLICY_DIR))
-  # TODO: Disallow BOARD_PLAT_*
+  # Must use new variable name for devices launched on S
+  ifdef PRODUCT_SHIPPING_API_LEVEL
+    ifneq ($(call math_gt_or_eq,$(PRODUCT_SHIPPING_API_LEVEL),31),)
+      $(error Please use SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS instead of the old variable BOARD_PLAT_PUBLIC_SEPOLICY_DIR)
+    endif
+  endif
   SYSTEM_EXT_PUBLIC_POLICY += $(BOARD_PLAT_PUBLIC_SEPOLICY_DIR)
 endif
 SYSTEM_EXT_PRIVATE_POLICY := $(SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS)
 ifneq (,$(BOARD_PLAT_PRIVATE_SEPOLICY_DIR))
-  # TODO: Disallow BOARD_PLAT_*
+  ifdef PRODUCT_SHIPPING_API_LEVEL
+    ifneq ($(call math_gt_or_eq,$(PRODUCT_SHIPPING_API_LEVEL),31),)
+      $(error Please use SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS instead of the old variable BOARD_PLAT_PRIVATE_SEPOLICY_DIR)
+    endif
+  endif
   SYSTEM_EXT_PRIVATE_POLICY += $(BOARD_PLAT_PRIVATE_SEPOLICY_DIR)
 endif