From cc7b72e9555953d5642bf5fdf950be2f8aa77e89 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Wed, 12 Mar 2014 09:40:43 -0400
Subject: [PATCH] Add inline documentation for mac_permissions.xml.

Copied from our tree, adjusted to note relationship to keys.conf
and to be consistent with the AOSP implementation.

Change-Id: I09ba86d4c9a1b11a8865890e11283456ea2ffbcf
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
---
 mac_permissions.xml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/mac_permissions.xml b/mac_permissions.xml
index a1368332a..f9f631bac 100644
--- a/mac_permissions.xml
+++ b/mac_permissions.xml
@@ -1,6 +1,26 @@
 <?xml version="1.0" encoding="utf-8"?>
 <policy>
 
+<!--
+
+    * A signature is a hex encoded X.509 certificate or a tag defined in
+      keys.conf and is required for each signer tag.
+    * A signer tag may contain a seinfo tag and multiple package stanzas.
+    * A default tag is allowed that can contain policy for all apps not signed with a
+      previously listed cert. It may not contain any inner package stanzas.
+    * Each signer/default/package tag is allowed to contain one seinfo tag. This tag
+      represents additional info that each app can use in setting a SELinux security
+      context on the eventual process.
+    * When a package is installed the following logic is used to determine what seinfo
+      value, if any, is assigned.
+      - All signatures used to sign the app are checked first.
+      - If a signer stanza has inner package stanzas, those stanza will be checked
+        to try and match the package name of the app. If the package name matches
+        then that seinfo tag is used. If no inner package matches then the outer
+        seinfo tag is assigned.
+      - The default tag is consulted last if needed.
+-->
+
     <!-- Platform dev key in AOSP -->
     <signer signature="@PLATFORM" >
       <seinfo value="platform" />
-- 
GitLab