Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_build_soong / a4b7eed0bd9fafd3290d65b3c98c539cf6ec62fa^! / .
commita4b7eed0bd9fafd3290d65b3c98c539cf6ec62fa[log] [tgz]
authorJingwen Chen <jingwen@google.com>Fri Oct 07 09:54:16 2022 +0000
committerJingwen Chen <jingwen@google.com>Fri Oct 07 09:54:16 2022 +0000
treeefa18abaa2515feecb2987f24f611b8df986dec7
parent538911b686b584e833a0f0d27e2419cdb0f33ddc [diff]
bp2build: disallow bp2build_available definition with neverallow.

..other than the specified directories.

Test: CI

Bug: 251197532
Fixes: 251197532
Change-Id: Iec6407c915d2554bbfb62aea4591783208c4f633

diff --git a/android/neverallow.go b/android/neverallow.go
index 00078a0..2745238 100644
--- a/android/neverallow.go
+++ b/android/neverallow.go

@@ -58,6 +58,7 @@
 	AddNeverAllowRules(createMakefileGoalRules()...)
 	AddNeverAllowRules(createInitFirstStageRules()...)
 	AddNeverAllowRules(createProhibitFrameworkAccessRules()...)
+	AddNeverAllowRules(createBp2BuildRules()...)
 }
 
 // Add a NeverAllow rule to the set of rules to apply.
@@ -65,6 +66,24 @@
 	neverallows = append(neverallows, rules...)
 }
 
+func createBp2BuildRules() []Rule {
+	rules := []Rule{}
+	bp2buildAvailableAllowedDirs := []string{
+		// Can we just allowlist these modules in allowlists.go?
+		"bionic/libc",
+	}
+
+	for _, dir := range bp2buildAvailableAllowedDirs {
+		rule := NeverAllow().
+			With("bazel_module.bp2build_available", "true").
+			NotIn(dir).
+			Because("disallowed usages of bp2build_available for custom conversion")
+		rules = append(rules, rule)
+	}
+
+	return rules
+}
+
 func createIncludeDirsRules() []Rule {
 	notInIncludeDir := []string{
 		"art",