From 03ccac0e75e4793a419e488d2047bded6eaf593a Mon Sep 17 00:00:00 2001
From: Jiyong Park <jiyong@google.com>
Date: Sat, 10 Nov 2018 06:51:49 +0900
Subject: [PATCH] Move file_contexts for APEXes to under /system/sepolicy

For centralized development of sepolices, file_contexts files for APEXes
are all moved to under /system/seplicy.

Bug: 119034475
Bug: 113373927
Test: m apex.test com.android.tzdata com.android.runtime com.android.media
Change-Id: I9bf4874793db4dbdb75cbd759ae95f72d7281007
---
 apex/apex.test_file_contexts           |  2 ++
 apex/com.android.media_file_contexts   |  3 +++
 apex/com.android.runtime_file_contexts | 13 +++++++++++++
 apex/com.android.tzdata_file_contexts  |  5 +++++
 4 files changed, 23 insertions(+)
 create mode 100644 apex/apex.test_file_contexts
 create mode 100644 apex/com.android.media_file_contexts
 create mode 100644 apex/com.android.runtime_file_contexts
 create mode 100644 apex/com.android.tzdata_file_contexts

diff --git a/apex/apex.test_file_contexts b/apex/apex.test_file_contexts
new file mode 100644
index 000000000..bd71a2ac8
--- /dev/null
+++ b/apex/apex.test_file_contexts
@@ -0,0 +1,2 @@
+/manifest\.json   u:object_r:system_file:s0
+(/.*)?            u:object_r:system_file:s0
diff --git a/apex/com.android.media_file_contexts b/apex/com.android.media_file_contexts
new file mode 100644
index 000000000..7dd840b3b
--- /dev/null
+++ b/apex/com.android.media_file_contexts
@@ -0,0 +1,3 @@
+(/.*)?                u:object_r:system_file:s0
+/manifest\.json   u:object_r:system_file:s0
+/lib(64)?(/.*)  u:object_r:system_lib_file:s0
diff --git a/apex/com.android.runtime_file_contexts b/apex/com.android.runtime_file_contexts
new file mode 100644
index 000000000..4d0df809e
--- /dev/null
+++ b/apex/com.android.runtime_file_contexts
@@ -0,0 +1,13 @@
+#############################
+# APEX module manifest.
+#
+/manifest\.json          u:object_r:system_file:s0
+
+#############################
+# System files
+#
+(/.*)?                   u:object_r:system_file:s0
+/bin/dex2oat(d)?         u:object_r:dex2oat_exec:s0
+/bin/dexoptanalyzer(d)?  u:object_r:dexoptanalyzer_exec:s0
+/bin/profman(d)?         u:object_r:profman_exec:s0
+/lib(64)?(/.*)?          u:object_r:system_lib_file:s0
diff --git a/apex/com.android.tzdata_file_contexts b/apex/com.android.tzdata_file_contexts
new file mode 100644
index 000000000..6ec4a0adb
--- /dev/null
+++ b/apex/com.android.tzdata_file_contexts
@@ -0,0 +1,5 @@
+/manifest\.json          u:object_r:system_file:s0
+
+(/.*)?                   u:object_r:system_file:s0
+/etc(/.*)?               u:object_r:system_zoneinfo_file:s0
+
-- 
GitLab