42 lines
1.7 KiB
Text
42 lines
1.7 KiB
Text
|
This fork of Android differs in the following ways:
|
||
|
- README.android
|
||
|
- All Android.mk and Android.bp files
|
||
|
- ALL MODULE_LICENSE_* files
|
||
|
- libselinux/include/selinux/android.h
|
||
|
- libselinux/src/android/android.c
|
||
|
|
||
|
All other changes should be upstreamed to selinux as
|
||
|
Android no longer carries changes outside of those files.
|
||
|
|
||
|
The upstream project can be found at:
|
||
|
https://github.com/SELinuxProject/selinux
|
||
|
|
||
|
Thus, since all changes are in separate files, updates merged from
|
||
|
upstream should occur with no merge conflicts.
|
||
|
|
||
|
This fork differs from upstream libselinux in at least the following ways:
|
||
|
|
||
|
* The Android fork omits compiling many of the src files and specifies
|
||
|
custom build configurations. The exact details, are encoded in the
|
||
|
Android.bp and Android.mk files.
|
||
|
|
||
|
* The SELinux policy files are all located in / rather than under
|
||
|
/etc/selinux since /etc is not available in Android until /system
|
||
|
is mounted and use fixed paths, not dependent on /etc/selinux/config.
|
||
|
|
||
|
* The kernel policy file (sepolicy in Android, policy.N in Linux) does
|
||
|
not include a version suffix since Android does not need to support
|
||
|
booting multiple kernels.
|
||
|
|
||
|
* The policy loading logic does not support automatic downgrading of
|
||
|
the kernel policy file to a version known to the kernel, since this
|
||
|
requires libsepol on the device and is only needed to support mixing
|
||
|
and matching kernels and userspace easily.
|
||
|
|
||
|
* restorecon functionality, including recursive restorecon, has been
|
||
|
been upstreamed as selinux_restorecon(), but there are residual
|
||
|
differences between it and selinux_android_restorecon().
|
||
|
|
||
|
* Support for seapp_contexts, a new Android-specific SELinux
|
||
|
configuration file has been added within android.c.
|