tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
33613 commits 1 branch 0 tags 50 MiB
Commit graph

3 commits

Author SHA1 Message Date
Alan Stokes
d376e2041f Initial sepolicy for composd 
Add what we need to allow composd to run and expose an AIDL service.

Also delete the policy for compsvc; we never access it in the host
now, and the real policy is in microdroid. Retain the compos_exec
type, since it is referenced in the APEX sepolicy.

Bug: 186126194
Test: adb shell cmd -w android.system.composd; no denials.
Change-Id: I5f06b2b01852cdebd2d67009b363ec08b17ce33a
 2021-09-13 10:33:53 +01:00
Alan Stokes
80bb558584 Remove compos_key_cmd from policy 
It's a test tool which is generally run as root, and will be deleted
eventually. It doesn't need its own label; system_file works fine.

We never actually allowed it anything, nor defined a transition into
the domain.

Bug: 194474784
Test: Device boots, no denials
Test: compos_key_cmd run from root works
Change-Id: If118798086dae2faadeda658bc02b6eb6e6bf606
 2021-07-28 14:36:50 +01:00
Inseob Kim
7560aed40a Add domain for compos binaries 
Bug: 191263171
Test: atest MicrodroidHostTestCases
Test: atest ComposHostTestCases
Change-Id: I1fd35d0efe83d2cecaa41580e6d1d0b8f6242b3f
 2021-07-23 06:01:39 +00:00