Skip to content
Snippets Groups Projects
Commit 8b562206 authored by kaichieh's avatar kaichieh Committed by Bowgo Tsai
Browse files

Renames nonplat_* to vendor_* 

This change renames the non-platform sepolicy files on a DUT from
nonplat_* to vendor_*.

It also splits the versioned platform sepolicy from vendor_sepolicy.cil
to a new file /vendor/etc/selinux/plat_pub_versioned.cil. And only keeps
vendor customizations in vendor_sepolicy.cil.

Build variable BOARD_SEPOLICY_DIRS is also renamed to
BOARD_VENDOR_SEPOLICY_DIRS.

Bug: 64240127
Test: boot an existing device
Change-Id: I53a9715b2f9ddccd214f4cf9ef081ac426721612
parent 07131ec8
No related branches found
No related tags found
No related merge requests found
Expand all Hide whitespace changes
Inline Side-by-side
Android.mk
+ 166
122
View file @ 8b562206
This diff is collapsed.
CleanSpec.mk
+ 9
0
View file @ 8b562206
...@@ -74,3 +74,12 @@ $(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/selinux/mapping_sepolicy ...@@ -74,3 +74,12 @@ $(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/selinux/mapping_sepolicy
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/vendor/etc/selinux/nonplat_service_contexts) $(call add-clean-step, rm -rf $(PRODUCT_OUT)/vendor/etc/selinux/nonplat_service_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/ETC/nonplat_service_contexts_intermediates) $(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/ETC/nonplat_service_contexts_intermediates)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/NOTICE_FILES/src/vendor/etc/selinux/nonplat_service_contexts.txt) $(call add-clean-step, rm -rf $(PRODUCT_OUT)/obj/NOTICE_FILES/src/vendor/etc/selinux/nonplat_service_contexts.txt)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_sepolicy.cil)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_file_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_hwservice_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_mac_permissions.xml)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_property_contexts)
$(call add-clean-step, rm -rf $(TARGET_OUT_VENDOR)/etc/selinux/nonplat_seapp_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_file_contexts)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/nonplat_property_contexts)
private/file_contexts
+ 13
0
View file @ 8b562206
...@@ -38,20 +38,25 @@ ...@@ -38,20 +38,25 @@
# SELinux policy files # SELinux policy files
/nonplat_file_contexts u:object_r:file_contexts_file:s0 /nonplat_file_contexts u:object_r:file_contexts_file:s0
/vendor_file_contexts u:object_r:file_contexts_file:s0
/plat_file_contexts u:object_r:file_contexts_file:s0 /plat_file_contexts u:object_r:file_contexts_file:s0
/mapping_sepolicy\.cil u:object_r:sepolicy_file:s0 /mapping_sepolicy\.cil u:object_r:sepolicy_file:s0
/nonplat_sepolicy\.cil u:object_r:sepolicy_file:s0 /nonplat_sepolicy\.cil u:object_r:sepolicy_file:s0
/plat_sepolicy\.cil u:object_r:sepolicy_file:s0 /plat_sepolicy\.cil u:object_r:sepolicy_file:s0
/plat_property_contexts u:object_r:property_contexts_file:s0 /plat_property_contexts u:object_r:property_contexts_file:s0
/nonplat_property_contexts u:object_r:property_contexts_file:s0 /nonplat_property_contexts u:object_r:property_contexts_file:s0
/vendor_property_contexts u:object_r:property_contexts_file:s0
/seapp_contexts u:object_r:seapp_contexts_file:s0 /seapp_contexts u:object_r:seapp_contexts_file:s0
/nonplat_seapp_contexts u:object_r:seapp_contexts_file:s0 /nonplat_seapp_contexts u:object_r:seapp_contexts_file:s0
/vendor_seapp_contexts u:object_r:seapp_contexts_file:s0
/plat_seapp_contexts u:object_r:seapp_contexts_file:s0 /plat_seapp_contexts u:object_r:seapp_contexts_file:s0
/sepolicy u:object_r:sepolicy_file:s0 /sepolicy u:object_r:sepolicy_file:s0
/plat_service_contexts u:object_r:service_contexts_file:s0 /plat_service_contexts u:object_r:service_contexts_file:s0
/plat_hwservice_contexts u:object_r:hwservice_contexts_file:s0 /plat_hwservice_contexts u:object_r:hwservice_contexts_file:s0
/nonplat_service_contexts u:object_r:nonplat_service_contexts_file:s0 /nonplat_service_contexts u:object_r:nonplat_service_contexts_file:s0
/vendor_service_contexts u:object_r:service_contexts_file:s0
/nonplat_hwservice_contexts u:object_r:hwservice_contexts_file:s0 /nonplat_hwservice_contexts u:object_r:hwservice_contexts_file:s0
/vendor_hwservice_contexts u:object_r:hwservice_contexts_file:s0
/vndservice_contexts u:object_r:vndservice_contexts_file:s0 /vndservice_contexts u:object_r:vndservice_contexts_file:s0
########################## ##########################
...@@ -305,9 +310,17 @@ ...@@ -305,9 +310,17 @@
/vendor/etc/selinux/nonplat_file_contexts u:object_r:file_contexts_file:s0 /vendor/etc/selinux/nonplat_file_contexts u:object_r:file_contexts_file:s0
/vendor/etc/selinux/nonplat_seapp_contexts u:object_r:seapp_contexts_file:s0 /vendor/etc/selinux/nonplat_seapp_contexts u:object_r:seapp_contexts_file:s0
/vendor/etc/selinux/nonplat_sepolicy.cil u:object_r:sepolicy_file:s0 /vendor/etc/selinux/nonplat_sepolicy.cil u:object_r:sepolicy_file:s0
/vendor/etc/selinux/vendor_mac_permissions.xml u:object_r:mac_perms_file:s0
/vendor/etc/selinux/vendor_property_contexts u:object_r:property_contexts_file:s0
/vendor/etc/selinux/vendor_service_contexts u:object_r:service_contexts_file:s0
/vendor/etc/selinux/vendor_hwservice_contexts u:object_r:hwservice_contexts_file:s0
/vendor/etc/selinux/vendor_file_contexts u:object_r:file_contexts_file:s0
/vendor/etc/selinux/vendor_seapp_contexts u:object_r:seapp_contexts_file:s0
/vendor/etc/selinux/vendor_sepolicy.cil u:object_r:sepolicy_file:s0
/vendor/etc/selinux/precompiled_sepolicy u:object_r:sepolicy_file:s0 /vendor/etc/selinux/precompiled_sepolicy u:object_r:sepolicy_file:s0
/vendor/etc/selinux/precompiled_sepolicy\.plat_and_mapping\.sha256 u:object_r:sepolicy_file:s0 /vendor/etc/selinux/precompiled_sepolicy\.plat_and_mapping\.sha256 u:object_r:sepolicy_file:s0
/vendor/etc/selinux/vndservice_contexts u:object_r:vndservice_contexts_file:s0 /vendor/etc/selinux/vndservice_contexts u:object_r:vndservice_contexts_file:s0
/vendor/etc/selinux/plat_pub_versioned.cil u:object_r:sepolicy_file:s0
############################# #############################
# OEM and ODM files # OEM and ODM files
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment