Enable supplemental_process context for com.android.supplemental.process
Note that this requires the supplemental process app to be signed with
the supplemental process key, also added neverallow rule to ensure
supplemental_process always runs in the correct domain
Bug: 203670791
Test: Device boots, attempted to let supplemental_process run in an incorrect domain and it failed as expected, signed test app and verified that app runs in correct selinux domain
adb shell ps -eZ | grep supplemental
Ignore-AOSP-First: Feature is developed in internal branch
Change-Id: I478c9a16032dc1f1286f5295fc080cbe574f09c9
diff --git a/private/seapp_contexts b/private/seapp_contexts
index c7daf6b..dcc53bb 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -135,6 +135,9 @@
isSystemServer=true domain=system_server_startup
+# supplemental_process must run in the supplemental_process domain
+neverallow name=com.android.supplemental.process domain=((?!supplemental_process).)*
+
user=_app isPrivApp=true name=com.android.traceur domain=traceur_app type=app_data_file levelFrom=all
user=_app isPrivApp=true name=com.android.remoteprovisioner domain=remote_prov_app type=app_data_file levelFrom=all
user=system seinfo=platform domain=system_app type=system_app_data_file
@@ -169,3 +172,4 @@
user=_app domain=untrusted_app_25 type=app_data_file levelFrom=user
user=_app minTargetSdkVersion=28 fromRunAs=true domain=runas_app levelFrom=all
user=_app fromRunAs=true domain=runas_app levelFrom=user
+user=_app seinfo=supplemental_process name=com.android.supplemental.process domain=supplemental_process type=app_data_file levelFrom=user