Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 44328c061d67636d4d8047ac69c4e778467eb4e8
commit44328c061d67636d4d8047ac69c4e778467eb4e8[log] [tgz]
authorMaciej Żenczykowski <maze@google.com>Wed May 08 18:50:27 2019 -0700
committerMaciej Żenczykowski <maze@google.com>Sat May 11 17:47:25 2019 -0700
treee87932ea7b045cdacdc657c623d04a903c45b06b
parent8f5436a19a3411d0aed1679561ed54ad9e33e9e7 [diff]
sepolicy - move public clatd to private

Clatd is effectively an internal implementation detail of netd.
It exists as a separate daemon only because this gives us a better
security boundary.  Netd is it's only launcher (via fork/exec) and
killer.

Generated via:
  { echo; cat public/clatd.te; echo; } >> private/clatd.te
  rm -f public/clatd.te

  plus a minor edit to put coredomain after clatd type declaration
  and required changes to move netd's clatd use out of public into private.

Test: build and install on non-aosp test device, atest, check for selinux clat denials
Change-Id: I80f110b75828f3657986e64650ef9e0f9877a07c
4 files changed
tree: e87932ea7b045cdacdc657c623d04a903c45b06b
  1. apex/
  2. build/
  3. prebuilts/
  4. private/
  5. public/
  6. reqd_mask/
  7. tests/
  8. tools/
  9. vendor/
  10. .gitignore
  11. Android.bp
  12. Android.mk
  13. CleanSpec.mk
  14. compat.mk
  15. contexts_tests.mk
  16. definitions.mk
  17. mac_permissions.mk
  18. MODULE_LICENSE_PUBLIC_DOMAIN
  19. NOTICE
  20. OWNERS
  21. policy_version.mk
  22. PREUPLOAD.cfg
  23. README
  24. seapp_contexts.mk
  25. treble_sepolicy_tests_for_release.mk