Change directory name
external/sepolicy was renamed system/sepolicy
Change-Id: I6fb858ea2d12f23840e4fc05ed7e2437f65cb6c8
diff --git a/src/compatibility/android-cdd.html b/src/compatibility/android-cdd.html
index 8852a4e..63db045 100644
--- a/src/compatibility/android-cdd.html
+++ b/src/compatibility/android-cdd.html
@@ -5271,13 +5271,13 @@
<li>MUST configure all domains in enforcing mode. No permissive mode domains
are allowed, including domains specific to a device/vendor.</li>
<li>MUST NOT modify, omit, or replace the neverallow rules present within the
- external/sepolicy folder provided in the upstream Android Open Source Project
+ system/sepolicy folder provided in the upstream Android Open Source Project
(AOSP) and the policy MUST compile with all neverallow rules present, for both
AOSP SELinux domains as well as device/vendor specific domains.</li>
</ul>
<p>Device implementations SHOULD retain the default SELinux policy provided in
-the external/sepolicy folder of the upstream Android Open Source Project and
+the system/sepolicy folder of the upstream Android Open Source Project and
only further add to this policy for their own device-specific configuration.
Device implementations MUST be compatible with the upstream Android Open Source
Project.</p>
diff --git a/src/security/selinux/concepts.jd b/src/security/selinux/concepts.jd
index 1958474..0ea2ed4 100644
--- a/src/security/selinux/concepts.jd
+++ b/src/security/selinux/concepts.jd
@@ -122,7 +122,7 @@
<p>This says that all application domains are allowed to read and write files labeled
app_data_file. Note that this rule relies upon macros defined in the
global_macros file, and other helpful macros can also be found in the te_macros
-file, both of which can be found in the <a href="https://android.googlesource.com/platform/external/sepolicy/">external/sepolicy</a> directory in the AOSP source tree. Macros are provided for common groupings of classes, permissions and
+file, both of which can be found in the <a href="https://android.googlesource.com/platform/system/sepolicy/">system/sepolicy</a> directory in the AOSP source tree. Macros are provided for common groupings of classes, permissions and
rules, and should be used whenever possible to help reduce the likelihood of
failures due to denials on related permissions.</p>
diff --git a/src/security/selinux/validate.jd b/src/security/selinux/validate.jd
index 34199f5..339628d 100644
--- a/src/security/selinux/validate.jd
+++ b/src/security/selinux/validate.jd
@@ -34,7 +34,7 @@
<p>This will print the global SELinux mode: either Disabled, Enforcing, or
Permissive. Please note, this command shows only the global SELinux mode. To
determine the SELinux mode for each domain, you must examine the corresponding
-files or run the latest version of <code>sepolicy-analyze</code> with the appropriate (-p) flag, present in /platform/external/sepolicy/tools/.</p>
+files or run the latest version of <code>sepolicy-analyze</code> with the appropriate (-p) flag, present in /platform/system/sepolicy/tools/.</p>
<h2 id=reading_denials>Reading denials</h2>
