Merge changes from topic "b163478173-I"
* changes: Rem /vendor app neverallow to get vendor services sepolicy: remove hal_light_severice exception
This commit is contained in:
Steven Moreland
Gerrit Code Review
commit
eacff783ee
1 changed files with 5 additions and 2 deletions
|
|
@ -661,18 +661,21 @@ full_treble_only(`
|
|||
full_treble_only(`
|
||||
# Vendor apps are permited to use only stable public services. If they were to use arbitrary
|
||||
# services which can change any time framework/core is updated, breakage is likely.
|
||||
#
|
||||
# Note, this same logic applies to untrusted apps, but neverallows for these are separate.
|
||||
neverallow {
|
||||
appdomain
|
||||
-coredomain
|
||||
} {
|
||||
service_manager_type
|
||||
|
||||
-app_api_service
|
||||
-vendor_service # must be @VintfStability to be used by an app
|
||||
-ephemeral_app_api_service
|
||||
|
||||
-audioserver_service # TODO(b/36783122) remove exemptions below once app_api_service is fixed
|
||||
-cameraserver_service
|
||||
-hal_gnss_service # TODO(b/169256910) remove once all violators are gone
|
||||
-drmserver_service
|
||||
-hal_light_service # TODO(b/148154485) remove once all violators are gone
|
||||
-credstore_service
|
||||
-keystore_service
|
||||
-mediadrmserver_service
|
||||
|
|
|
|||
Loading…
Reference in a new issue