From 67e5add194ef229449ba410cbd7acbe9fc6caf51 Mon Sep 17 00:00:00 2001
From: Inseob Kim <inseob@google.com>
Date: Wed, 17 Mar 2021 18:05:33 +0900
Subject: [PATCH] Add sepolicy related variables

Bug: 33691272
Test: try building with SELINUX_IGNORE_NEVERALLOWS := true
Change-Id: Id2aa450740d412af7ac66f096fa2121957964cac
---
 android/config.go   | 20 ++++++++++++++++++++
 android/variable.go |  8 ++++++++
 2 files changed, 28 insertions(+)

diff --git a/android/config.go b/android/config.go
index cae419b8f..c6f6503dd 100644
--- a/android/config.go
+++ b/android/config.go
@@ -1483,10 +1483,30 @@ func (c *deviceConfig) ShippingApiLevel() ApiLevel {
 	return uncheckedFinalApiLevel(apiLevel)
 }
 
+func (c *deviceConfig) BuildBrokenEnforceSyspropOwner() bool {
+	return c.config.productVariables.BuildBrokenEnforceSyspropOwner
+}
+
+func (c *deviceConfig) BuildBrokenTrebleSyspropNeverallow() bool {
+	return c.config.productVariables.BuildBrokenTrebleSyspropNeverallow
+}
+
 func (c *deviceConfig) BuildBrokenVendorPropertyNamespace() bool {
 	return c.config.productVariables.BuildBrokenVendorPropertyNamespace
 }
 
+func (c *deviceConfig) RequiresInsecureExecmemForSwiftshader() bool {
+	return c.config.productVariables.RequiresInsecureExecmemForSwiftshader
+}
+
+func (c *config) SelinuxIgnoreNeverallows() bool {
+	return c.productVariables.SelinuxIgnoreNeverallows
+}
+
+func (c *deviceConfig) SepolicySplit() bool {
+	return c.config.productVariables.SepolicySplit
+}
+
 // The ConfiguredJarList struct provides methods for handling a list of (apex, jar) pairs.
 // Such lists are used in the build system for things like bootclasspath jars or system server jars.
 // The apex part is either an apex name, or a special names "platform" or "system_ext". Jar is a
diff --git a/android/variable.go b/android/variable.go
index a5e9ab4dd..b06711df9 100644
--- a/android/variable.go
+++ b/android/variable.go
@@ -379,7 +379,15 @@ type productVariables struct {
 
 	ShippingApiLevel *string `json:",omitempty"`
 
+	BuildBrokenEnforceSyspropOwner     bool `json:",omitempty"`
+	BuildBrokenTrebleSyspropNeverallow bool `json:",omitempty"`
 	BuildBrokenVendorPropertyNamespace bool `json:",omitempty"`
+
+	RequiresInsecureExecmemForSwiftshader bool `json:",omitempty"`
+
+	SelinuxIgnoreNeverallows bool `json:",omitempty"`
+
+	SepolicySplit bool `json:",omitempty"`
 }
 
 func boolPtr(v bool) *bool {