Google Git
Sign in
android / platform / system / sepolicy / 1d0bb522217f6b4e5ade5221434681490910fabd
commit1d0bb522217f6b4e5ade5221434681490910fabd[log] [tgz]
authorNick Kralevich <nnk@google.com>Mon May 15 12:04:46 2017 -0700
committerNick Kralevich <nnk@google.com>Mon May 15 12:18:18 2017 -0700
tree88ad1628dab9fc5181ab15e3a78025dfbb4d4e90
parentc5fc28d9aec56fa09a507b83a771cdf2e63a31b8 [diff]
DO NOT MERGE: domain.te: Drop appdomain transition neverallow assertion

Commit c5266df925169b959977d3fa03b4b369253db837 (Android 7.1) introduced
a new neverallow rule which required that the only way you could become
an appdomain was to have been spawned from zygote or run-as.

  # Only domains spawned from zygote and runas may have the appdomain attribute.
  neverallow { domain -runas -zygote } {
    appdomain -shell userdebug_or_eng(`-su')
    }:process { transition dyntransition };

This change was backported to Android 7.0 in commit
eedacf8341aaa127411f246a653c618d9dde4f5e as part of the relaxation of
another neverallow rule.

As a general rule, the introduction of new neverallow rules in older
Android releases causes pain and unscheduled engineering work for our
partners. As a result, we try to avoid making such changes.

Partially revert eedacf8341aaa127411f246a653c618d9dde4f5e, specifically
the part that introduced a new neverallow rule. This revert is intended
for Android 7.0 ONLY, and should not be applied to newer Android
releases.

Bug: 37418998
Change-Id: I4c2eb30000b230d22d8dbc3b1309a5b63f9f95c9
1 file changed
tree: 88ad1628dab9fc5181ab15e3a78025dfbb4d4e90
  1. tools/
  2. access_vectors
  3. adbd.te
  4. Android.mk
  5. app.te
  6. atrace.te
  7. attributes
  8. audioserver.te
  9. autoplay_app.te
  10. binderservicedomain.te
  11. blkid.te
  12. blkid_untrusted.te
  13. bluetooth.te
  14. bluetoothdomain.te
  15. boot_control_hal.te
  16. bootanim.te
  17. bootstat.te
  18. cameraserver.te
  19. clatd.te
  20. CleanSpec.mk
  21. debuggerd.te
  22. device.te
  23. dex2oat.te
  24. dhcp.te
  25. dnsmasq.te
  26. domain.te
  27. domain_deprecated.te
  28. drmserver.te
  29. dumpstate.te
  30. file.te
  31. file_contexts
  32. file_contexts_asan
  33. fingerprintd.te
  34. fs_use
  35. fsck.te
  36. fsck_untrusted.te
  37. gatekeeperd.te
  38. genfs_contexts
  39. global_macros
  40. gpsd.te
  41. hci_attach.te
  42. healthd.te
  43. hostapd.te
  44. idmap.te
  45. init.te
  46. initial_sid_contexts
  47. initial_sids
  48. inputflinger.te
  49. install_recovery.te
  50. installd.te
  51. ioctl_defines
  52. ioctl_macros
  53. isolated_app.te
  54. kernel.te
  55. keys.conf
  56. keystore.te
  57. lmkd.te
  58. logd.te
  59. mac_permissions.xml
  60. mdnsd.te
  61. mediacodec.te
  62. mediadrmserver.te
  63. mediaextractor.te
  64. mediaserver.te
  65. mls
  66. mls_macros
  67. MODULE_LICENSE_PUBLIC_DOMAIN
  68. mtp.te
  69. net.te
  70. netd.te
  71. neverallow_macros
  72. nfc.te
  73. NOTICE
  74. otapreopt_chroot.te
  75. perfprofd.te
  76. platform_app.te
  77. policy_capabilities
  78. port_contexts
  79. postinstall.te
  80. postinstall_dexopt.te
  81. ppp.te
  82. priv_app.te
  83. profman.te
  84. property.te
  85. property_contexts
  86. racoon.te
  87. radio.te
  88. README
  89. recovery.te
  90. recovery_persist.te
  91. recovery_refresh.te
  92. rild.te
  93. roles
  94. runas.te
  95. sdcardd.te
  96. seapp_contexts
  97. security_classes
  98. service.te
  99. service_contexts
  100. servicemanager.te
  101. sgdisk.te
  102. shared_relro.te
  103. shell.te
  104. slideshow.te
  105. su.te
  106. surfaceflinger.te
  107. system_app.te
  108. system_server.te
  109. te_macros
  110. tee.te
  111. toolbox.te
  112. tzdatacheck.te
  113. ueventd.te
  114. uncrypt.te
  115. untrusted_app.te
  116. update_engine.te
  117. update_verifier.te
  118. users
  119. vdc.te
  120. vold.te
  121. watchdogd.te
  122. wpa.te
  123. zygote.te