From 3a3a2ec43d2ae35a21f7c439a557401a78442421 Mon Sep 17 00:00:00 2001
From: Inseob Kim <inseob@google.com>
Date: Mon, 21 Aug 2023 20:55:09 +0900
Subject: [PATCH] Start tracking vendor seapp coredomain violations (2)

As part of Treble, enforce that vendor's seapp_contexts can't label apps
using coredomains. Apps installed to system/system_ext/product should be
labeled with platform side sepolicy.

This change marks violating domains that need to be fixed.

Bug: 296512192
Test: build and see build log
Change-Id: Iba8dbfe1260b481b2981e62d740552bf84c8004f
---
 battery_mitigation/sepolicy/brownout_detection_app.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/battery_mitigation/sepolicy/brownout_detection_app.te b/battery_mitigation/sepolicy/brownout_detection_app.te
index 6146a74..b8d1380 100644
--- a/battery_mitigation/sepolicy/brownout_detection_app.te
+++ b/battery_mitigation/sepolicy/brownout_detection_app.te
@@ -1,5 +1,8 @@
 type brownout_detection_app, domain, coredomain;
 
+# TODO(b/296512192): move brownout_detection_app out of vendor sepolicy
+typeattribute brownout_detection_app vendor_seapp_assigns_coredomain_violators;
+
 userdebug_or_eng(`
   app_domain(brownout_detection_app)
   net_domain(brownout_detection_app)