platform_system_sepolicy/vendor/keys.conf

20 lines
926 B
Text
Raw Normal View History

#
# Maps an arbitrary tag [TAGNAME] with the string contents found in
# TARGET_BUILD_VARIANT. Common convention is to start TAGNAME with an @ and
# name it after the base file name of the pem file.
#
# Each tag (section) then allows one to specify any string found in
# TARGET_BUILD_VARIANT. Typcially this is user, eng, and userdebug. Another
# option is to use ALL which will match ANY TARGET_BUILD_VARIANT string.
#
# Some vendor apps are using platform key for signing.
# This moves them to untrusted_app domain when the system partition is
# switched to a Generic System Image (GSI), because the value of platform's
# seinfo in /system/etc/selinux/plat_mac_permissions.xml has been changed.
# Duplicating the device-specific platform seinfo into
# /vendor/etc/selinux/vendor_mac_permissions.xml to make it self-contained
# within the vendor partition.
[@PLATFORM]
ALL : $DEFAULT_SYSTEM_DEV_CERTIFICATE/platform.x509.pem