3d85f1e116
seapp_contexts supports multiple boolean attributes: isPrivApp, isEphemeralApp, isIsolatedComputeApp, isSdkSandboxAudit, isSdkSandboxNext, fromRunAs. Each of these exists to support a specific labelling scenario from the framework. When a new predicate is required, an update to libselinux is also required. This change generically handles any attribute starting with "is" and maps it directly (case-insensitive) to the same seinfo field. It is assumed that only one of these is required at a time. An error is raised if seapp_contexts contains multiple is-selector within one rule. An error is raised if seinfo contains multiple is-selector. The order for comparison between seapp_contexts is altered: an entry with an is-selector will be prioritized over one with an unspecifed is-selector. This is not quite the previous order (e.g., isPrivApp < targetSdkVersion < fromRunAs), but it is understood that the previous order was not intentional and emerged from the incremental contributions to this library. The boolean info.isPreinstalledApp is replaced by checking the first byte of info.partition. Test: atest --host libselinux_test Bug: 307635909 Change-Id: Ice3b84870e3255f6d9357d9750acbe9691b45aad |
||
|---|---|---|
| .. | ||
| fuzzers | ||
| include | ||
| man | ||
| rust | ||
| src | ||
| utils | ||
| Android.bp | ||
| exported.map.txt | ||
| LICENSE | ||
| Makefile | ||
| MODULE_LICENSE_PUBLIC_DOMAIN | ||
| VERSION | ||