Commit graph

1 commit

Author SHA1 Message Date
Bowgo Tsai
8a86424e34 Copying platform seinfo into vendor partition
Some vendor apps are using platform key for signing.
This moves them to untrusted_app domain when the system partition is
switched to a Generic System Image (GSI), because the value of
platform's seinfo in /system/etc/selinux/plat_mac_permissions.xml
has been changed.

Duplicating the device-specific platform seinfo into
/vendor/etc/selinux/vendor_mac_permissions.xml to make it
self-contained within the vendor partition.

Bug: 157141777
Test: boot the device with a GSI, then `adb shell ps -eZ | grep qtidata`
Test: ./build/make/tools/releasetools/sign_target_files_apks \
      --default_key_mappings path/to/keydir \
      -o out/dist/<lunch>-target_files-*.zip \
      signed-tardis-target_files.zip and checks the platform seinfo in
      /vendor/etc/selinux/vendor_mac_permissions.xml is replaced.

Change-Id: Ic9a79780e30f456138e4de67210cc60ac2e490d6
2020-06-03 17:46:07 +08:00