sepolicy for vendor overlay Make /(product|system/product)/vendor_overlay/<ver> have the vendor file context. If vendor_overlay requires to mount on the vendor directories other than 'vendor_file', the contexts must be defined in the device specific sepolicy files. Bug: 119076200 Test: build and check if the files are overided and have the required sepolicy contexts. Change-Id: I69ed38d4ea8e7d89f56865b1ca1e26f290e9892d

commit: df9d78327603e68fd8057433c1b6758e324418d8 [log] [tgz]
author: Justin Yun <justinyun@google.com> Tue Nov 06 15:00:49 2018 +0900
committer: Justin Yun <justinyun@google.com> Sun Dec 30 00:48:25 2018 +0000
tree: 3e888eb0b3b3ff7d8f9e4c54f44fd021fee0df97
parent: 893272d883b87869033071846f8883794833b4f4 [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index fd3e1dc..13d87ff 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -382,6 +382,14 @@
 /(product_services|system/product_services)/overlay(/.*)?       u:object_r:vendor_overlay_file:s0
 
 #############################
+# Vendor files from /(product|system/product)/vendor_overlay
+#
+# NOTE: For additional vendor file contexts for vendor overlay files,
+# use device specific file_contexts.
+#
+/(product|system/product)/vendor_overlay/[0-9]+/.*          u:object_r:vendor_file:s0
+
+#############################
 # Data files
 #
 # NOTE: When modifying existing label rules, changes may also need to
commit	df9d78327603e68fd8057433c1b6758e324418d8	[log] [tgz]
author	Justin Yun <justinyun@google.com>	Tue Nov 06 15:00:49 2018 +0900
committer	Justin Yun <justinyun@google.com>	Sun Dec 30 00:48:25 2018 +0000
tree	3e888eb0b3b3ff7d8f9e4c54f44fd021fee0df97
parent	893272d883b87869033071846f8883794833b4f4 [diff] [blame]