Separate product_sepolicy.cil out of system sepolicy (75887dd5) · Commits · CodeLinaro / public-release-test / platform / system / sepolicy

Commit 75887dd5 authored 6 years ago by Tri Vo

Separate product_sepolicy.cil out of system sepolicy

Product-specific sepolicy will be installed into /product/etc/selinux/*.
This change separates out /product/etc/selinux/product_sepolicy.cil out
of system sepolicy.

This file is merged into precompiled_sepolicy at build-time. In case
precompiled_sepolicy can't be used (e.g. system-only-ota), init wll
merge this file with the rest of the sepolicy at runtime.

I left TODOs to separate other product-specific SELinux artifacts out of
system.

Bug: 119305624
Test: boot aosp_taimen with product_sepolicy.cil
Test: build selinux_policy for aosp_arm64; no product_sepolicy.cil
produced
Change-Id: Idb84a1c8ceb2de78f1460d954497c53fed08935f

parent d57789fd

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 109 additions and 23 deletions

Please register or to comment