Update neverallow rules for init_first_stage We are introducing Microdroid-specific variant of the init_first_stage, and need to add init_first_stage_defaults and init_first_stage.microdroid to the neverallow rule. Bug: 287206497 Test: build com.android.virt APEX Change-Id: I88543256ab0479d4676865ebb1d16d9d39f1f455

commit: 11a9c2c7634c1523b892ae53575a7c8b6e016114 [log] [tgz]
author: Nikita Ioffe <ioffe@google.com> Wed Jun 21 16:51:09 2023 +0100
committer: Nikita Ioffe <ioffe@google.com> Wed Jun 21 16:51:09 2023 +0100
tree: 334f3982f56d3531e417a4ee31f4c7f4a7ca4c9b
parent: df9c3441aa12df7bce9e25d024fd07ba7f4e47ad [diff] [blame]
diff --git a/android/neverallow.go b/android/neverallow.go
index f2e8c85..41105e6 100644
--- a/android/neverallow.go
+++ b/android/neverallow.go

@@ -239,7 +239,9 @@
 func createInitFirstStageRules() []Rule {
 	return []Rule{
 		NeverAllow().
+			Without("name", "init_first_stage_defaults").
 			Without("name", "init_first_stage").
+			Without("name", "init_first_stage.microdroid").
 			With("install_in_root", "true").
 			Because("install_in_root is only for init_first_stage."),
 	}
commit	11a9c2c7634c1523b892ae53575a7c8b6e016114	[log] [tgz]
author	Nikita Ioffe <ioffe@google.com>	Wed Jun 21 16:51:09 2023 +0100
committer	Nikita Ioffe <ioffe@google.com>	Wed Jun 21 16:51:09 2023 +0100
tree	334f3982f56d3531e417a4ee31f4c7f4a7ca4c9b
parent	df9c3441aa12df7bce9e25d024fd07ba7f4e47ad [diff] [blame]