3e8dbf01ef
app_domain was split up in commit:2e00e6373fto enable compilation by hiding type_transition rules from public policy. These rules need to be hidden from public policy because they describe how objects are labeled, of which non-platform should be unaware. Instead of cutting apart the app_domain macro, which non-platform policy may rely on for implementing new app types, move all app_domain calls to private policy. (cherry-pick of commit:76035ea019) Bug: 33428593 Test: bullhead and sailfish both boot. sediff shows no policy change. Change-Id: I4beead8ccc9b6e13c6348da98bb575756f539665
3 lines
162 B
Text
3 lines
162 B
Text
# The shared relro process is a Java program forked from the zygote, so it
|
|
# inherits from app to get basic permissions it needs to run.
|
|
app_domain(shared_relro)
|