Add untrusted_app_27 This is a partial cherry pick of commit 6231b4d9 'Enforce per-app data protections for targetSdk 28+'. Untrusted_app_27 remains unreachable, but it's existence prevents future merge conflicts. Bug: 63897054 Test: build/boot aosp_walleye-userdebug Change-Id: I64b013874fe87b55f47e817a1279e76ecf86b7c0 Merged-In: I64b013874fe87b55f47e817a1279e76ecf86b7c0 (cherry picked from commit 6231b4d9fc98bb42956198e9f54cabde69464339)

commit: 3aa7ca56fdbcc710cb18ddcb53f4eda618ba83a9 [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Tue Apr 03 11:22:38 2018 -0700
committer: Jeff Vander Stoep <jeffv@google.com> Tue Apr 03 12:25:51 2018 -0700
tree: 3ed0ace2fdac2e7588dede4215350adfb157f260
parent: 0d1e52a50f1770bbdcae11f444570a86c3b1eeb1 [diff] [blame]
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 09ffe56..a3f7bb5 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil

@@ -84,6 +84,7 @@
     traced_tmpfs
     traceur_app
     traceur_app_tmpfs
+    untrusted_app_all_devpts
     update_engine_log_data_file
     usbd
     usbd_exec
@@ -101,3 +102,8 @@
     wpantund_service
     wpantund_tmpfs))
 
+;; private_objects - a collection of types that were labeled differently in
+;;     older policy, but that should not remain accessible to vendor policy.
+;;     Thus, these types are also not mapped, but recorded for checkapi tests
+(typeattribute priv_objects)
+(typeattributeset priv_objects (untrusted_app_27_tmpfs))
commit	3aa7ca56fdbcc710cb18ddcb53f4eda618ba83a9	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Tue Apr 03 11:22:38 2018 -0700
committer	Jeff Vander Stoep <jeffv@google.com>	Tue Apr 03 12:25:51 2018 -0700
tree	3ed0ace2fdac2e7588dede4215350adfb157f260
parent	0d1e52a50f1770bbdcae11f444570a86c3b1eeb1 [diff] [blame]