diff options
| author | Inseob Kim <inseob@google.com> | 2023-07-26 23:58:56 +0000 |
|---|---|---|
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2023-07-26 23:58:56 +0000 |
| commit | e10dde6f744144f4ef957e881e081d750f6d658c (patch) | |
| tree | 9f44618ef7a8a555eef29bc05ebad87224373edd | |
| parent | 3fa5cf25d66c3e80cd82396115333f03fb7bda16 (diff) | |
| download | redbull-sepolicy-e10dde6f744144f4ef957e881e081d750f6d658c.tar.gz | |
Reland "Move coredomain seapp contexts to system_ext"
This reverts commit 3fa5cf25d66c3e80cd82396115333f03fb7bda16.
Reason for revert: fixed boot test breakage
Change-Id: I38cd0f3a47a2b3abec09f9effb87b63422fe493a
| -rw-r--r-- | system_ext/private/seapp_contexts | 24 | ||||
| -rw-r--r-- | vendor/google/seapp_contexts | 18 | ||||
| -rw-r--r-- | vendor/qcom/common/seapp_contexts | 3 | ||||
| -rw-r--r-- | vendor/verizon/seapp_contexts | 3 |
4 files changed, 24 insertions, 24 deletions
diff --git a/system_ext/private/seapp_contexts b/system_ext/private/seapp_contexts new file mode 100644 index 0000000..934937f --- /dev/null +++ b/system_ext/private/seapp_contexts @@ -0,0 +1,24 @@ +# Use a custom domain for GoogleCamera, to allow for Hexagon DSP access +user=_app seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=all + +# Also allow GoogleCameraNext, the dogfood beta version, the same access as GoogleCamera +user=_app seinfo=googlepulse name=com.google.android.apps.googlecamera.fishfood domain=google_camera_app type=app_data_file levelFrom=all + +# Domain for DeviceDropMonitor service +user=_app seinfo=platform name=com.google.android.devicedropmonitor domain=device_drop_monitor type=app_data_file levelFrom=all + +# Domain for Display +user=_app seinfo=platform name=com.android.hbmsvmanager domain=hbmsvmanager_app type=app_data_file levelFrom=all + +# Domain for IpHealthMonitor service +user=_app seinfo=platform name=com.google.android.iphealthmonitor domain=ip_health_monitor type=app_data_file levelFrom=all + +# Domain for UvExposureReporter service +user=_app isPrivApp=true name=com.google.android.uvexposurereporter domain=uv_exposure_reporter type=app_data_file levelFrom=all + +# Domain for connectivity monitor +user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all + +# Verizon for OBDM tool +user=_app seinfo=verizon name=com.verizon.obdm domain=obdm_app type=app_data_file levelFrom=all +user=_app seinfo=verizon name=com.verizon.obdm:background domain=obdm_app type=app_data_file levelFrom=all diff --git a/vendor/google/seapp_contexts b/vendor/google/seapp_contexts index feda6f8..680d4e6 100644 --- a/vendor/google/seapp_contexts +++ b/vendor/google/seapp_contexts @@ -11,24 +11,6 @@ user=_app seinfo=mds name=com.google.mds domain=modem_diagnostic_app type=app_da # Domain for GoogleCBRS app user=_app seinfo=platform name=com.google.googlecbrs domain=cbrs_setup_app type=app_data_file levelFrom=user -# Use a custom domain for GoogleCamera, to allow for Hexagon DSP access -user=_app seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=all - -# Also allow GoogleCameraNext, the dogfood beta version, the same access as GoogleCamera -user=_app seinfo=googlepulse name=com.google.android.apps.googlecamera.fishfood domain=google_camera_app type=app_data_file levelFrom=all - -# Domain for Display -user=_app seinfo=platform name=com.android.hbmsvmanager domain=hbmsvmanager_app type=app_data_file levelFrom=all - -# Domain for UvExposureReporter service -user=_app isPrivApp=true name=com.google.android.uvexposurereporter domain=uv_exposure_reporter type=app_data_file levelFrom=all - -# Domain for DeviceDropMonitor service -user=_app seinfo=platform name=com.google.android.devicedropmonitor domain=device_drop_monitor type=app_data_file levelFrom=all - -# Domain for IpHealthMonitor service -user=_app seinfo=platform name=com.google.android.iphealthmonitor domain=ip_health_monitor type=app_data_file levelFrom=all - # Domain for EuiccSupportPixel user=_app isPrivApp=true seinfo=EuiccSupportPixel name=com.google.euiccpixel domain=euiccpixel_app type=app_data_file levelFrom=all diff --git a/vendor/qcom/common/seapp_contexts b/vendor/qcom/common/seapp_contexts index b899748..7360124 100644 --- a/vendor/qcom/common/seapp_contexts +++ b/vendor/qcom/common/seapp_contexts @@ -9,9 +9,6 @@ user=radio isPrivApp=true seinfo=platform name=com.google.RilConfigService domai user=_app seinfo=platform name=.qtidataservices domain=qtidataservices_app type=app_data_file levelFrom=all -# Domain for connectivity monitor -user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all - #Domain for omadm user=_app isPrivApp=true seinfo=platform name=com.android.omadm.service domain=omadm_app type=app_data_file levelFrom=all diff --git a/vendor/verizon/seapp_contexts b/vendor/verizon/seapp_contexts deleted file mode 100644 index 951fef3..0000000 --- a/vendor/verizon/seapp_contexts +++ /dev/null @@ -1,3 +0,0 @@ -# Verizon for OBDM tool -user=_app seinfo=verizon name=com.verizon.obdm domain=obdm_app type=app_data_file levelFrom=all -user=_app seinfo=verizon name=com.verizon.obdm:background domain=obdm_app type=app_data_file levelFrom=all |