RM6785: Set PRODUCT_SET_DEBUGFS_RESTRICTIONS
Starting with Android R launched devices, debugfs cannot be mounted in
production builds. In order to avoid accidental debugfs dependencies
from creeping in during development with userdebug/eng builds, the
build flag PRODUCT_SET_DEBUGFS_RESTRICTIONS can be set by vendors to
enforce additional debugfs restrictions for userdebug/eng builds. The
same flag will be used to enable sepolicy neveallow statements to
prevent new permissions added for debugfs access.
Test: build, boot
Bug: 184381659
Change-Id: I45e6f20c886d467a215c9466f3a09965ff897d7e
diff --git a/device.mk b/device.mk
index c5c4618..6cec683 100644
--- a/device.mk
+++ b/device.mk
@@ -138,6 +138,9 @@
ueventd.mtk.rc \
ueventd.oplus.rc
+# Kernel
+PRODUCT_SET_DEBUGFS_RESTRICTIONS := true
+
# Keymaster
PRODUCT_PACKAGES += \
libkeymaster4.vendor:64 \