Merge "Revert^2 "Introduce sdk_sandbox_audit SELinux domain"" into android14-tests-dev am: 2f98237c4d

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2836555

Change-Id: Iffd388a421177b61186f4a7b6e6076313206fd36
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

private/seapp_contexts

@@ -56,6 +56,12 @@
 # as the current dessert release, with additional auditing rules for the accesses
 # we are considering forbidding in the upcoming release.
 #
+# The sdk_sandbox_next and sdk_sandbox_audit domains are special domains for the
+# SDK sandbox process. sdk_sandbox_next defines the set of restrictions proposed
+# for the upcoming dessert release. sdk_sandbox_audit uses the same restrictions
+# as the current dessert release, with additional auditing rules for the accesses
+# we are considering forbidding in the upcoming release.
+#
 # isSdkSandboxNext=true means sdk sandbox processes will get
 # sdk_sandbox_next sepolicy applied to them.
 # An unspecified isSdkSandboxNext defaults to false.
@@ -64,6 +70,10 @@
 # sdk_sandbox_audit sepolicy applied to them.
 # An unspecified isSdkSandboxAudit defaults to false.
 #
+# isSdkSandboxAudit=true means sdk sandbox processes will get
+# sdk_sandbox_audit sepolicy applied to them.
+# An unspecified isSdkSandboxAudit defaults to false.
+#
 # Precedence: entries are compared using the following rules, in the order shown
 # (see external/selinux/libselinux/src/android/android_platform.c,
 # seapp_context_cmp()).