SEPolicy changes to allow vendor BoringSSL self test. Introduces new domain vendor_boringssl_self_test and runs /vendor/bin/boringssl_self_test(32|64) in it. New domain required because boringssl_self_test needs to be in coredomain in order to reboot the device, but vendor code may not run in coredomain. Bug: 141150335 Test: flashall && manually verify no selinux errors logged and that four flag files are created in /dev/boringssl, two by the system self tests and two by the vendor. Change-Id: I46e2a5ea338eddacdfd089f696295dbd16795c5a

commit: 90eb9b0e048d3bf9822e6cb35e464ae641eaa716 [log] [tgz]
author: Pete Bentley <prb@google.com> Mon Sep 30 18:00:55 2019 +0100
committer: Pete Bentley <prb@google.com> Tue Oct 01 14:14:36 2019 +0100
tree: 53ee54e146d1575fd4e54a8f0b76a01f16cffb07
parent: 3cda2d5c2b58c6daf322099c530669a889f0139e [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index ef4f2c7..cf4c69b 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -360,6 +360,7 @@
 
 /vendor/apex(/[^/]+){0,2}                      u:object_r:vendor_apex_file:s0
 /vendor/bin/misc_writer                        u:object_r:vendor_misc_writer_exec:s0
+/vendor/bin/boringssl_self_test(32|64)         u:object_r:vendor_boringssl_self_test_exec:s0
 
 # HAL location
 /(vendor|system/vendor)/lib(64)?/hw            u:object_r:vendor_hal_file:s0
commit	90eb9b0e048d3bf9822e6cb35e464ae641eaa716	[log] [tgz]
author	Pete Bentley <prb@google.com>	Mon Sep 30 18:00:55 2019 +0100
committer	Pete Bentley <prb@google.com>	Tue Oct 01 14:14:36 2019 +0100
tree	53ee54e146d1575fd4e54a8f0b76a01f16cffb07
parent	3cda2d5c2b58c6daf322099c530669a889f0139e [diff] [blame]