tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/tests
History
Alan Stokes 668e74f6f4 Exempt app_data_file_type from neverallow rules. 
We need to be able to access app data files from core domains such as
installd even for vendor apps. Those file types should not be
core_data_file_type, so we explicitly exempty app_data_file_type as
well as core_data_file_type from the relevant neverallows.

To prevent misuse of the attribute, add a test to check it is not
applied to anything in file_contexts. Exempt the existing violators in
system policy for now.

Test: Builds
Test: Adding a type with just "file_type, data_file_type, app_data_file_type" works
Test: New test successfully catches  violators.
Bug: 171795911
Change-Id: I07bf3ec3db615f8b7a33d8235da5e6d8e2508975
2020-11-12 18:08:18 +00:00
..
include Assert types labeled in genfs_contexts have correct attributes 2018-03-23 14:34:46 -07:00
Android.bp Fix sepolicy_tests on Mac 10.15 2019-11-23 17:45:01 -08:00
combine_maps.py sepolicy: don't construct mappings for ignored types 2020-01-08 08:53:27 -08:00
fc_sort.py fc_sort: delete c version, migrate to python version 2019-04-11 10:19:16 -07:00
mini_parser.py Only maintain maps between current and previous selinux versions. 2018-10-02 15:10:13 -07:00
policy.py Exempt app_data_file_type from neverallow rules. 2020-11-12 18:08:18 +00:00
searchpolicy.py Sync internal master and AOSP sepolicy. 2017-09-26 14:38:47 -07:00
sepol_wrap.cpp gracefully handle hashtab_search failures 2018-09-26 14:28:44 -07:00
sepolicy_tests.py Exempt app_data_file_type from neverallow rules. 2020-11-12 18:08:18 +00:00
treble_sepolicy_tests.py Remove binder_in_vendor_violators. 2020-08-27 00:00:35 +00:00