diff options
Diffstat (limited to 'android/neverallow.go')
| -rw-r--r-- | android/neverallow.go | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/android/neverallow.go b/android/neverallow.go index 7615ca805..94d1569b5 100644 --- a/android/neverallow.go +++ b/android/neverallow.go @@ -65,6 +65,7 @@ func init() { AddNeverAllowRules(createKotlinPluginRule()...) AddNeverAllowRules(createPrebuiltEtcBpDefineRule()) AddNeverAllowRules(createAutogenRroBpDefineRule()) + AddNeverAllowRules(createNoSha1HashRule()) } // Add a NeverAllow rule to the set of rules to apply. @@ -324,6 +325,14 @@ func createFilesystemIsAutoGeneratedRule() Rule { Because("is_auto_generated property is only allowed for filesystem modules in build/soong/fsgen directory") } +func createNoSha1HashRule() Rule { + return NeverAllow(). + ModuleType("filesystem", "android_filesystem"). + ModuleType("filesystem", "android_system_image"). + With("avb_hash_algorithm", "sha1"). + Because("sha1 is discouraged") +} + func createKotlinPluginRule() []Rule { kotlinPluginProjectsAllowedList := []string{ "external/kotlinc", |