From db5962cef514ad2cc49a56a3523659784f08fce2 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Wed, 26 Apr 2017 16:14:40 -0700
Subject: [PATCH] Add untrusted_v2_app to all_untrusted_apps

This was accidentally omitted from all_untrusted_app

While I'm here, split across mutiple lines and alphabetize.

Test: policy compiles.
Change-Id: I7fe1d1d0a4ef2ed3ab010931ee2ba15637c2be51
---
 private/app_neverallows.te | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index 6470b0ef5..dfaee86e1 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -5,7 +5,15 @@
 # Only allow domains in AOSP to use the untrusted_app_all attribute.
 neverallow { untrusted_app_all -untrusted_app -untrusted_app_25 } domain:process fork;
 
-define(`all_untrusted_apps',`{ untrusted_app_all untrusted_app_25 untrusted_app ephemeral_app isolated_app mediaprovider }')
+define(`all_untrusted_apps',`{
+  ephemeral_app
+  isolated_app
+  mediaprovider
+  untrusted_app
+  untrusted_app_25
+  untrusted_app_all
+  untrusted_v2_app
+}')
 # Receive or send uevent messages.
 neverallow all_untrusted_apps domain:netlink_kobject_uevent_socket *;
 
-- 
GitLab