commit 7f8b6cc66c4dfbd320b06af6be2e0740ee9ddbcf
author Tri Vo <trong@google.com> Sat Jul 28 16:48:06 2018 -0700
committer Tri Vo <trong@google.com> Tue Aug 21 21:32:41 2018 +0000
tree b5469cec2dfb2db4cd9a54b2508cec694a14ab4b
parent 7ed266c678a13a889482e1b42cc2fe6934e78051

Rename untrusted_app_visible_*' to include 'violators'.

Bug: 110887137
Test: Flash new system policy onto a device with vendor policy that uses
untrusted_app_visible_* attributes, and check that old and new attributes
are applied to exactly same types.
Change-Id: Ibee0ec645878fcc8c93cd0fbd169a8d45129d79e
Merged-In: Ibee0ec645878fcc8c93cd0fbd169a8d45129d79e
(cherry picked from commit 7abca51d198b721eb217db89aed4256887a7b9d1)

private/technical_debt.cil

diff --git a/private/technical_debt.cil b/private/technical_debt.cil
index b04e5e0..35db2b3 100644
--- a/private/technical_debt.cil
+++ b/private/technical_debt.cil
@@ -40,3 +40,13 @@
 ; Unfortunately, we can't currently express this in module policy language:
 ;     typeattribute { appdomain -isolated_app } hal_neuralnetworks_client;
 (typeattributeset hal_neuralnetworks_client ((and (appdomain) ((not (isolated_app))))))
+
+; TODO(b/112056006): move these to mapping files when/if we implement 'versioned' attributes.
+; Rename untrusted_app_visible_* to untrusted_app_visible_*_violators.
+; Unfortunately, we can't currently express this in module policy language:
+;     typeattribute untrusted_app_visible_hwservice untrusted_app_visible_hwservice_violators;
+;     typeattribute untrusted_app_visible_halserver untrusted_app_visible_halserver_violators;
+(typeattribute untrusted_app_visible_hwservice)
+(typeattributeset untrusted_app_visible_hwservice_violators (untrusted_app_visible_hwservice))
+(typeattribute untrusted_app_visible_halserver)
+(typeattributeset untrusted_app_visible_halserver_violators (untrusted_app_visible_halserver))