Remove levelFrom=none from vendor apps.

(This is the same as https://r.android.com/1458479, for
crosshatch-sepolicy, but with minor modifications due to different
base policy. I've checked again that these changes should be safe with
the local sepolicy and updated the explanation below.)

Set levelFrom=user or levelFrom=all explicitly on the apps that were
implicitly using levelFrom=none before. This provides better isolation
for app data files and unblocks future policy changes.

These changes should be safe even if the apps create files with
their new level:

- ssr_detector_app has write access to system_app_data_file and
  cgroup, but they are mlstrustedobject.

- data_service_app has write access to system_app_data_file, but it is
  mlstrustedobject.

- ril_config_service_app has write access to vendor_radio_data_file,
  but it is mlstrustedobject.

- timeservice_app connects to time_daemon:unix_stream_socket, but it
  is mlstrustedsubject.

Test: presubmits
Bug: 170622707
Change-Id: I70e0c6f43bd50dc7933e39f123f1232d9b4c6fa1
2 files changed
tree: 00b54f83a364ed90071c9f181d45654b4754c733
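The safety argument in the commit message above, worked through as an added example (not part of the commit or of AOSP): it computes the MLS level each levelFrom value yields and checks which writes still pass against files left at plain s0. Assumptions: the category layout follows libselinux's Android seapp handling, the write check is a simplified model of the MLS write constraint, the ids 1000 and 0 are constructed, levelFrom=user is an illustrative choice, and `example_data_file` is a hypothetical type without mlstrustedobject.

```python
# Added example: a simplified model of Android MLS levels, not AOSP code.
# Object types the commit message names as mlstrustedobject.
TRUSTED_OBJECTS = {"system_app_data_file", "cgroup", "vendor_radio_data_file"}

def categories(level_from, app_id, user_id):
    """MLS categories that a seapp_contexts levelFrom value assigns."""
    app = {app_id & 0xFF, 256 + (app_id >> 8 & 0xFF)}
    user = {512 + (user_id & 0xFF), 768 + (user_id >> 8 & 0xFF)}
    table = {"none": set(), "app": app, "user": user, "all": app | user}
    return frozenset(table[level_from])

def level_str(cats):
    """Render a category set as a level string, e.g. s0:c512,c768."""
    return "s0" + (":" + ",".join(f"c{c}" for c in sorted(cats)) if cats else "")

def write_allowed(subj_cats, obj_type, obj_cats, trusted_subject=False):
    """Simplified write constraint: levels must be equal unless the subject
    is mlstrustedsubject or the object type is mlstrustedobject."""
    return (subj_cats == obj_cats or trusted_subject
            or obj_type in TRUSTED_OBJECTS)

def audit(level_from, app_id, user_id, targets):
    """For each (type, existing level) the domain writes to, report whether
    the write still passes once the domain runs at its new level."""
    subj = categories(level_from, app_id, user_id)
    return {t: write_allowed(subj, t, cats) for t, cats in targets}

if __name__ == "__main__":
    s0 = frozenset()  # files created earlier under levelFrom=none
    targets = [("system_app_data_file", s0), ("cgroup", s0),
               ("example_data_file", s0)]  # hypothetical untrusted type
    for mode in ("none", "user"):
        print(mode, level_str(categories(mode, 1000, 0)),
              audit(mode, 1000, 0, targets))
```

A type that comes back False under the new level is one that would need mlstrustedobject or a relabel before the seapp_contexts entry changes.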