Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 7826a7879c28f5ea43556ce7f812876fde4eea4f^2..7826a7879c28f5ea43556ce7f812876fde4eea4f / .
commit7826a7879c28f5ea43556ce7f812876fde4eea4f[log] [tgz]
authorTreehugger Robot <treehugger-gerrit@google.com>Thu Sep 13 02:13:24 2018 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>Thu Sep 13 02:13:24 2018 +0000
tree942735606d05bd00ef571e1e3d5d28fce379723a
parent9ec48cef5b6bd78c925c4e0cc447dc314a0c8c7f [diff]
parent6cf9160e8299687a73a48dbb5d4e0f8beb8c2aa2 [diff]
Merge "add links to docs explaining motivations behind neverallow assertions."
diff --git a/private/seapp_contexts b/private/seapp_contexts
index c21d49f..418150e 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts

@@ -112,7 +112,7 @@
 user=_app seinfo=media domain=mediaprovider name=android.process.media type=app_data_file levelFrom=user
 user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user
 user=_app isV2App=true isEphemeralApp=true domain=ephemeral_app type=app_data_file levelFrom=all
-user=_app isPrivApp=true domain=priv_app type=app_data_file levelFrom=user
+user=_app isPrivApp=true domain=priv_app type=privapp_data_file levelFrom=user
 user=_app minTargetSdkVersion=28 domain=untrusted_app type=app_data_file levelFrom=all
 user=_app minTargetSdkVersion=26 domain=untrusted_app_27 type=app_data_file levelFrom=user
 user=_app domain=untrusted_app_25 type=app_data_file levelFrom=user

diff --git a/public/device.te b/public/device.te
index c68b515..1ab08b4 100644
--- a/public/device.te
+++ b/public/device.te

@@ -80,18 +80,23 @@
 type frp_block_device, dev_type;
 
 # System block device mounted on /system.
+# Documented at https://source.android.com/devices/bootloader/partitions-images
 type system_block_device, dev_type;
 
 # Recovery block device.
+# Documented at https://source.android.com/devices/bootloader/partitions-images
 type recovery_block_device, dev_type;
 
 # boot block device.
+# Documented at https://source.android.com/devices/bootloader/partitions-images
 type boot_block_device, dev_type;
 
 # Userdata block device mounted on /data.
+# Documented at https://source.android.com/devices/bootloader/partitions-images
 type userdata_block_device, dev_type;
 
 # Cache block device mounted on /cache.
+# Documented at https://source.android.com/devices/bootloader/partitions-images
 type cache_block_device, dev_type;
 
 # Block device for any swap partition.
@@ -100,9 +105,11 @@
 # Metadata block device used for encryption metadata.
 # Assign this type to the partition specified by the encryptable=
 # mount option in your fstab file in the entry for userdata.
+# Documented at https://source.android.com/devices/bootloader/partitions-images
 type metadata_block_device, dev_type;
 
 # The 'misc' partition used by recovery and A/B.
+# Documented at https://source.android.com/devices/bootloader/partitions-images
 type misc_block_device, dev_type;
 
 # 'super' partition to be used for logical partitioning.

diff --git a/public/property_contexts b/public/property_contexts
index 6a271a1..9dd6501 100644
--- a/public/property_contexts
+++ b/public/property_contexts

@@ -66,6 +66,7 @@
 keyguard.no_require_sim u:object_r:exported3_default_prop:s0 exact bool
 media.recorder.show_manufacturer_and_model u:object_r:exported3_default_prop:s0 exact bool
 media.stagefright.cache-params u:object_r:exported3_default_prop:s0 exact string
+media.stagefright.thumbnail.prefer_hw_codecs u:object_r:exported3_default_prop:s0 exact bool
 persist.bluetooth.a2dp_offload.cap u:object_r:bluetooth_a2dp_offload_prop:s0 exact string
 persist.bluetooth.a2dp_offload.disabled u:object_r:bluetooth_a2dp_offload_prop:s0 exact bool
 persist.config.calibration_fac u:object_r:exported3_default_prop:s0 exact string