[go: nahoru, domu]
Google Git
Sign in
android / device / google / bonito-sepolicy / 1c099ce5d5a0f51944e98a164471270a83c7909b^1..1c099ce5d5a0f51944e98a164471270a83c7909b / .
commit1c099ce5d5a0f51944e98a164471270a83c7909b[log] [tgz]
authorAlan Stokes <alanstokes@google.com>Tue Oct 27 12:05:25 2020 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>Tue Oct 27 12:05:25 2020 +0000
tree30acff8530e3fc705b6e5b5fa98629e045d7cf3e
parentd5e0b338581d04863d1532008b4d39bdad3a64ea [diff]
parent5614363db9616cd1ce170c2f1057d28faeac3695 [diff]
Remove levelFrom=none from vendor apps. am: d5ba804602 am: 07207d6436 am: 5614363db9

Original change: https://android-review.googlesource.com/c/device/google/bonito-sepolicy/+/1471866

Change-Id: I98a3f5b05b456dfaa8fed50aaa28e537f0c0a31c

diff --git a/vendor/qcom/common/seapp_contexts b/vendor/qcom/common/seapp_contexts
index f3c98c7..48c9b4f 100644
--- a/vendor/qcom/common/seapp_contexts
+++ b/vendor/qcom/common/seapp_contexts

@@ -1,4 +1,4 @@
-user=system seinfo=platform name=com.google.SSRestartDetector domain=ssr_detector_app type=system_app_data_file
+user=system seinfo=platform name=com.google.SSRestartDetector domain=ssr_detector_app type=system_app_data_file levelFrom=user
 user=_app seinfo=platform name=com.android.pixellogger domain=logger_app type=app_data_file levelFrom=all
 user=_app seinfo=platform name=com.android.ramdump domain=ramdump_app type=app_data_file levelFrom=all
 
@@ -6,7 +6,7 @@
 
 #Add new domain for DataServices
 # Domain for CNEService , uceShimService and other connectivity services
-user=radio seinfo=platform name=.dataservices domain=dataservice_app type=radio_data_file
+user=radio seinfo=platform name=.dataservices domain=dataservice_app type=radio_data_file levelFrom=user
 
 # The default domain for tango_core process
 user=_app seinfo=tango name=com.google.tango domain=tango_core type=app_data_file levelFrom=user
@@ -22,7 +22,7 @@
 user=_app seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=user
 
 #Needed for time service apk
-user=_app seinfo=platform name=com.qualcomm.timeservice domain=timeservice_app type=app_data_file
+user=_app seinfo=platform name=com.qualcomm.timeservice domain=timeservice_app type=app_data_file levelFrom=all
 
 # Domain for easelservice app
 user=_app seinfo=easel name=com.google.android.imaging.easel.service domain=easelservice_app type=app_data_file levelFrom=user
@@ -35,4 +35,4 @@
 
 user=_app seinfo=platform name=com.qualcomm.qti.services.secureui* domain=secure_ui_service_app levelFrom=all
 
-user=radio isPrivApp=true seinfo=platform name=com.google.RilConfigService domain=ril_config_service_app type=app_data_file
+user=radio isPrivApp=true seinfo=platform name=com.google.RilConfigService domain=ril_config_service_app type=app_data_file levelFrom=all

diff --git a/vendor/qcom/common/time_daemon.te b/vendor/qcom/common/time_daemon.te
index d97cdbb..f0aa0e5 100644
--- a/vendor/qcom/common/time_daemon.te
+++ b/vendor/qcom/common/time_daemon.te

@@ -1,4 +1,4 @@
-type time_daemon, domain;
+type time_daemon, domain, mlstrustedsubject;
 type time_daemon_exec, exec_type, vendor_file_type, file_type;
 
 init_daemon_domain(time_daemon)