tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/public/app.te

14 lines
539 B
Text
Raw Normal View History

app: move appdomain to public policy Vendor-specific app domains depend on the rules in app.te so they must reside in public policy. Bug: 70517907 Test: build Change-Id: If45557a5732a06f78c752779a8182e053beb25a2 Merged-In: If45557a5732a06f78c752779a8182e053beb25a2 (cherry picked from commit 1f4cab8bd460f2d7a943c5ac5f8f4c77e9d58fcd)
2017-12-19 17:19:52 +01:00
###
### Domain for all zygote spawned apps
###
### This file is the base policy for all zygote spawned apps.
### Other policy files, such as isolated_app.te, untrusted_app.te, etc
### extend from this policy. Only policies which should apply to ALL
### zygote spawned apps should be added here.
###
Initial selinux policy support for memfd Move all app tmpfs types to appdomain_tmpfs. These are still protected by mls categories and DAC. TODO clean up other app tmpfs types in a separate change. Treble-ize tmpfs passing between graphics composer HAL and surfaceflinger. Bug: 122854450 Test: boot Blueline with memfd enabled. Change-Id: Ib98aaba062f10972af6ae80fb85b7a0f60a32eee
2019-01-29 23:43:45 +01:00
type appdomain_tmpfs, file_type;
Add "DO NOT ADD statements" comments to public For visibility Bug: 232023812 Test: N/A Change-Id: I0bc6dc568210b81ba1f52acb18afd4bcc454ea1c
2024-03-28 02:37:28 +01:00
# system/sepolicy/public is for vendor-facing type and attribute definitions.
# DO NOT ADD allow, neverallow, or dontaudit statements here.
# Instead, add such policy rules to system/sepolicy/private/*.te.
Reference in a new issue Copy permalink