Move microdroid sepolicy to system/sepolicy Bug: 190511750 Test: boot microdroid Change-Id: I4aa4a56e9be5103d70469c3508110a973f3e4f12

commit: e1389977e00124633c1165d778081afe6b185f92 [log] [tgz]
author: Inseob Kim <inseob@google.com> Mon Jul 19 07:48:34 2021 +0000
committer: Inseob Kim <inseob@google.com> Mon Jul 19 07:48:34 2021 +0000
tree: a516e15cb0e7dca45ecd53486ab6f99afa8998e1
parent: 951bf93ad8941b7e2848b82dac92b8f75c13b279 [diff] [blame]
diff --git a/microdroid/system/private/tombstoned.te b/microdroid/system/private/tombstoned.te
new file mode 100644
index 0000000..2567a23
--- /dev/null
+++ b/microdroid/system/private/tombstoned.te

@@ -0,0 +1,12 @@
+typeattribute tombstoned coredomain;
+
+init_daemon_domain(tombstoned)
+
+# Write to arbitrary pipes given to us.
+allow tombstoned domain:fd use;
+allow tombstoned domain:fifo_file write;
+
+allow tombstoned domain:dir r_dir_perms;
+allow tombstoned domain:file r_file_perms;
+allow tombstoned tombstone_data_file:dir rw_dir_perms;
+allow tombstoned tombstone_data_file:file { create_file_perms link };
commit	e1389977e00124633c1165d778081afe6b185f92	[log] [tgz]
author	Inseob Kim <inseob@google.com>	Mon Jul 19 07:48:34 2021 +0000
committer	Inseob Kim <inseob@google.com>	Mon Jul 19 07:48:34 2021 +0000
tree	a516e15cb0e7dca45ecd53486ab6f99afa8998e1
parent	951bf93ad8941b7e2848b82dac92b8f75c13b279 [diff] [blame]