Merge "Revert^2 "Start tracking vendor seapp coredomain violations"" into main am: 5d94d75e38

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2752267

Change-Id: Ic7857eca04d3ad375735f9676b0cf17d1c667849
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

public/attributes

@@ -300,6 +300,11 @@ expandattribute untrusted_app_visible_hwservice_violators false;
 attribute untrusted_app_visible_halserver_violators;
 expandattribute untrusted_app_visible_halserver_violators false;
 
+# All system domains which are assignable with vendor's seapp_contexts files.
+# TODO(b/280547417): Remove this once there are no violations
+attribute vendor_seapp_assigns_coredomain_violators;
+expandattribute vendor_seapp_assigns_coredomain_violators false;
+
 # PDX services
 attribute pdx_endpoint_dir_type;
 attribute pdx_endpoint_socket_type;

tools/check_seapp.c

@@ -22,6 +22,7 @@
 
 #define APP_DATA_REQUIRED_ATTRIB "app_data_file_type"
 #define COREDOMAIN "coredomain"
+#define VENDOR_SEAPP_ASSIGNS_COREDOMAIN_VIOLATORS "vendor_seapp_assigns_coredomain_violators"
 
 /**
  * Initializes an empty, static list.
@@ -449,7 +450,13 @@ static bool validate_domain(char *value, const char *filename, int lineno, char
 			return false;
 		}
 
-		if (type_has_attribute(pol.db, type_dat, attrib_dat)) {
+		type_datum_t *attrib_violators = find_type(pol.db,
+												   VENDOR_SEAPP_ASSIGNS_COREDOMAIN_VIOLATORS,
+												   TYPE_ATTRIB);
+		bool allowlisted = attrib_violators != NULL &&
+				type_has_attribute(pol.db, type_dat, attrib_violators);
+
+		if (type_has_attribute(pol.db, type_dat, attrib_dat) && !allowlisted) {
 			coredomain_violation_entry *entry = (coredomain_violation_entry *)malloc(sizeof(*entry));
 			entry->domain = strdup(value);
 			entry->filename = strdup(filename);