08d4c8fa6e
This commit adds fake 31.0 prebuilt. The prebuilt is based on AOSP policy, but slightly modified so the set of types and attributes is a subset of real 31.0 prebuilt (sc-dev policy). Steps taken to make the fake prebuilt: 1) build plat_sepolicy.cil both on AOSP and sc-dev, with lunch target aosp_arm64-eng. 2) diff both outputs to find out which types and attributes don't exist. 3) remove all relevant files and statements. As a result, the following types are removed. artd artd_exec artd_service power_stats_service transformer_service virtualizationservice virtualizationservice_data_file virtualizationservice_exec Bug: 189161483 Test: N/A, will do after adding 31.0 mapping files. Change-Id: Ia957fc32b1838dae730d9dd7bd917d684d4a24cf Merged-In: Ia4ea2999f4bc8ae80f13e51d99fba3e98e293447
27 lines
1 KiB
Text
27 lines
1 KiB
Text
# Label inodes via getxattr.
|
|
fs_use_xattr yaffs2 u:object_r:labeledfs:s0;
|
|
fs_use_xattr jffs2 u:object_r:labeledfs:s0;
|
|
fs_use_xattr ext2 u:object_r:labeledfs:s0;
|
|
fs_use_xattr ext3 u:object_r:labeledfs:s0;
|
|
fs_use_xattr ext4 u:object_r:labeledfs:s0;
|
|
fs_use_xattr xfs u:object_r:labeledfs:s0;
|
|
fs_use_xattr btrfs u:object_r:labeledfs:s0;
|
|
fs_use_xattr f2fs u:object_r:labeledfs:s0;
|
|
fs_use_xattr squashfs u:object_r:labeledfs:s0;
|
|
fs_use_xattr overlay u:object_r:labeledfs:s0;
|
|
fs_use_xattr erofs u:object_r:labeledfs:s0;
|
|
fs_use_xattr incremental-fs u:object_r:labeledfs:s0;
|
|
fs_use_xattr virtiofs u:object_r:labeledfs:s0;
|
|
|
|
# Label inodes from task label.
|
|
fs_use_task pipefs u:object_r:pipefs:s0;
|
|
fs_use_task sockfs u:object_r:sockfs:s0;
|
|
|
|
# Label inodes from combination of task label and fs label.
|
|
# Define type_transition rules if you want per-domain types.
|
|
fs_use_trans devpts u:object_r:devpts:s0;
|
|
fs_use_trans tmpfs u:object_r:tmpfs:s0;
|
|
fs_use_trans devtmpfs u:object_r:device:s0;
|
|
fs_use_trans shm u:object_r:shm:s0;
|
|
fs_use_trans mqueue u:object_r:mqueue:s0;
|
|
|