be3db7b7ae
We want various per-user directories to have their SELinux MLS level set to restrict access from other users, as an improvement to user isolation. We extend vold_prepare_subdirs to implement this if a flag is set. vold itself then sets the flag based on a new property, ro.vold.level_from_user. This is to allow testing of further incremental work to ensure system apps correctly handle the new restriction on different devices rather than causing immediate breakage. Eventually this will go away and the restriction will apply everywhere. Bug: 141677108 Test: Manual, with and without propery set. Change-Id: I8e2207bd94b487bdcc09fd4d80b031027dfea1e3 |
||
|---|---|---|
| .. | ||
| IVold.aidl | ||
| IVoldListener.aidl | ||
| IVoldMountCallback.aidl | ||
| IVoldTaskListener.aidl | ||