Start tracking vendor seapp coredomain violations (2)

As part of Treble, enforce that vendor's seapp_contexts can't label apps using coredomains. Apps installed to system/system_ext/product should be labeled with platform side sepolicy. This change marks violating domains that need to be fixed. Bug: 296512192 Test: build and see build log Change-Id: Iba8dbfe1260b481b2981e62d740552bf84c8004f
2023-08-21 20:55:09 +09:00 · 2023-08-21 20:55:09 +09:00 · 3a3a2ec43d
commit 3a3a2ec43d
parent 9e2678845c
1 changed files with 3 additions and 0 deletions
--- a/battery_mitigation/sepolicy/brownout_detection_app.te
+++ b/battery_mitigation/sepolicy/brownout_detection_app.te
@ -1,5 +1,8 @@
 type brownout_detection_app, domain, coredomain;

+# TODO(b/296512192): move brownout_detection_app out of vendor sepolicy
+typeattribute brownout_detection_app vendor_seapp_assigns_coredomain_violators;
+
 userdebug_or_eng(`
  app_domain(brownout_detection_app)
  net_domain(brownout_detection_app)