Remove levelFrom=none from vendor apps.
(This is the same as https://r.android.com/1458479, for
crosshatch-sepolicy, but with minor modifications due to different
base policy. I've checked again that these changes should be safe with
the local sepolicy and updated the explanation below.)
Set levelFrom=user or levelFrom=all explicitly on the apps that were
implicitly using levelFrom=none before. This provides better isolation
for app data files and unblocks future policy changes.
These changes should be safe even if the apps create files with
their new level:
- ssr_detector_app has write access to system_app_data_file and
cgroup, but they are mlstrustedobject.
- data_service_app has write access to radio_data_file, but it is
mlstrustedobject.
- ril_config_service_app has write access to radio_vendor_data_file,
but it is mlstrustedobject.
- timeservice_app connects to time_daemon:unix_stream_socket, which we
make mlstrustedsubject.
Test: presubmits
Bug: 170622707
Change-Id: I983b79da1c1eca0906f442d9447df0db2cb494d7
2 files changed