package/refpolicy: allow packages to provide their own SELinux modules

Allow packages to have an 'selinux' subfolder containing SELinux modules
(sources) to be synced and compiled within the refpolicy, if the package
is selected.

Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-generic.mk

@@ -1092,6 +1092,8 @@ KEEP_PYTHON_PY_FILES += $$($(2)_KEEP_PY_FILES)
 ifneq ($$($(2)_SELINUX_MODULES),)
 PACKAGES_SELINUX_MODULES += $$($(2)_SELINUX_MODULES)
 endif
+PACKAGES_SELINUX_EXTRA_MODULES_DIRS += \
+	$$(if $$(wildcard $$($(2)_PKGDIR)/selinux),$$($(2)_PKGDIR)/selinux)
 
 ifeq ($$($(2)_SITE_METHOD),svn)
 DL_TOOLS_DEPENDENCIES += svn

package/refpolicy/refpolicy.mk

@@ -41,7 +41,9 @@ ifeq ($(BR2_PACKAGE_REFPOLICY_UPSTREAM_VERSION),y)
 
 # Allow to provide out-of-tree SELinux modules in addition to the ones
 # in the refpolicy.
-REFPOLICY_EXTRA_MODULES_DIRS = $(call qstrip,$(BR2_REFPOLICY_EXTRA_MODULES_DIRS))
+REFPOLICY_EXTRA_MODULES_DIRS = \
+	$(call qstrip,$(BR2_REFPOLICY_EXTRA_MODULES_DIRS)) \
+	$(PACKAGES_SELINUX_EXTRA_MODULES_DIRS)
 $(foreach dir,$(REFPOLICY_EXTRA_MODULES_DIRS),\
 	$(if $(wildcard $(dir)),,\
 		$(error BR2_REFPOLICY_EXTRA_MODULES_DIRS contains nonexistent directory $(dir))))