Google Git
Sign in
android / platform / external / sepolicy / bca98efa575bedab68f2d5eaee2cd1fd1741962b
commitbca98efa575bedab68f2d5eaee2cd1fd1741962b[log] [tgz]
authorNick Kralevich <nnk@google.com>Fri Feb 26 20:06:52 2016 -0800
committerNick Kralevich <nnk@google.com>Fri Feb 26 20:06:52 2016 -0800
treecf2e2dfab673dcf553358dba4afb2698596e8f51
parentf25ea5f9c00dff32a2d04c7af3e76d0efac28a7c [diff]
Don't allow permissive SELinux domains on user builds.

It's a CTS requirement that all SELinux domains be in
enforcing mode. Add the same assertion to the build system
when targeting user builds.

In particular, this avoids a situation where device integrity
checking is enabled on user builds, but permissive denials
are being generated, causing the device to unexpectedly reboot
into safe mode.

A developer wanting to put an SELinux domain into permissive
mode for userdebug/eng purposes can write the following
in their policy:

  userdebug_or_eng(`
    permissive foo;
  ')

Bug: 26902605
Bug: 27313768
Change-Id: Ic0971d9e96a28f2a98f9d56a547661d24fb81a21
1 file changed
tree: cf2e2dfab673dcf553358dba4afb2698596e8f51
  1. tools/
  2. access_vectors
  3. adbd.te
  4. Android.mk
  5. app.te
  6. atrace.te
  7. attributes
  8. binderservicedomain.te
  9. blkid.te
  10. blkid_untrusted.te
  11. bluetooth.te
  12. bluetoothdomain.te
  13. bootanim.te
  14. bootstat.te
  15. clatd.te
  16. CleanSpec.mk
  17. debuggerd.te
  18. device.te
  19. dex2oat.te
  20. dhcp.te
  21. dnsmasq.te
  22. domain.te
  23. domain_deprecated.te
  24. drmserver.te
  25. dumpstate.te
  26. file.te
  27. file_contexts
  28. file_contexts_asan
  29. fingerprintd.te
  30. fs_use
  31. fsck.te
  32. fsck_untrusted.te
  33. gatekeeperd.te
  34. genfs_contexts
  35. global_macros
  36. gpsd.te
  37. hci_attach.te
  38. healthd.te
  39. hostapd.te
  40. idmap.te
  41. init.te
  42. initial_sid_contexts
  43. initial_sids
  44. inputflinger.te
  45. install_recovery.te
  46. installd.te
  47. ioctl_macros
  48. isolated_app.te
  49. kernel.te
  50. keys.conf
  51. keystore.te
  52. lmkd.te
  53. logd.te
  54. mac_permissions.xml
  55. mdnsd.te
  56. mediaserver.te
  57. mls
  58. mls_macros
  59. MODULE_LICENSE_PUBLIC_DOMAIN
  60. mtp.te
  61. net.te
  62. netd.te
  63. neverallow_macros
  64. nfc.te
  65. NOTICE
  66. perfprofd.te
  67. platform_app.te
  68. policy_capabilities
  69. port_contexts
  70. ppp.te
  71. priv_app.te
  72. property.te
  73. property_contexts
  74. racoon.te
  75. radio.te
  76. README
  77. recovery.te
  78. rild.te
  79. roles
  80. runas.te
  81. sdcardd.te
  82. seapp_contexts
  83. security_classes
  84. service.te
  85. service_contexts
  86. servicemanager.te
  87. sgdisk.te
  88. shared_relro.te
  89. shell.te
  90. slideshow.te
  91. su.te
  92. surfaceflinger.te
  93. system_app.te
  94. system_server.te
  95. te_macros
  96. tee.te
  97. toolbox.te
  98. tzdatacheck.te
  99. ueventd.te
  100. uncrypt.te
  101. untrusted_app.te
  102. update_engine.te
  103. update_verifier.te
  104. users
  105. vdc.te
  106. vold.te
  107. watchdogd.te
  108. wpa.te
  109. zygote.te