From 9c81dc8d56bf1a988f8470c8b18cbf2f12102b4f Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Mon, 24 Oct 2022 11:25:00 +0800 Subject: [PATCH] isolate legacy sepolicy to start reviewing while letting others work Bug: 254378739 Test: boot, camera, google map, play youtube Change-Id: If8ee7c64c0f7534a7e918f36a0e785b0ee9cd11f --- .../private}/permissioncontroller_app.te | 0 {private => legacy/private}/property_contexts | 0 {private => legacy/private}/radio.te | 0 {private => legacy/private}/service_contexts | 0 .../system_ext}/private/property_contexts | 0 .../system_ext}/public/property.te | 0 .../whitechapel_pro}/attributes | 0 .../whitechapel_pro}/audioserver.te | 0 .../whitechapel_pro}/bipchmgr.te | 0 .../whitechapel_pro}/bluetooth.te | 0 .../whitechapel_pro}/bootanim.te | 0 .../whitechapel_pro}/bootdevice_sysdev.te | 0 .../cat_engine_service_app.te | 0 .../whitechapel_pro}/cbd.te | 0 .../whitechapel_pro}/cbrs_setup.te | 0 .../whitechapel_pro}/cccdk_timesync_app.te | 0 .../certs/EuiccSupportPixel.x509.pem | 0 .../whitechapel_pro}/certs/app.x509.pem | 0 .../certs/com_google_mds.x509.pem | 0 .../certs/com_qorvo_uwb.x509.pem | 0 .../whitechapel_pro}/charger_vendor.te | 0 .../whitechapel_pro}/chre.te | 0 .../whitechapel_pro}/con_monitor.te | 0 .../whitechapel_pro}/device.te | 0 .../whitechapel_pro}/dmd.te | 0 .../whitechapel_pro}/domain.te | 0 .../whitechapel_pro}/e2fs.te | 0 .../whitechapel_pro}/euiccpixel_app.te | 0 .../whitechapel_pro}/fastbootd.te | 0 .../whitechapel_pro}/file.te | 0 .../whitechapel_pro}/file_contexts | 0 .../whitechapel_pro}/fsck.te | 0 .../whitechapel_pro}/genfs_contexts | 0 .../whitechapel_pro}/google_camera_app.te | 0 .../whitechapel_pro}/gpsd.te | 0 .../whitechapel_pro}/grilservice_app.te | 0 .../whitechapel_pro}/gxp_logging.te | 0 .../whitechapel_pro}/hal_bootctl_default.te | 0 .../whitechapel_pro}/hal_camera_default.te | 0 .../whitechapel_pro}/hal_contexthub.te | 0 .../hal_fingerprint_default.te | 0 .../hal_graphics_allocator_default.te | 0 .../hal_graphics_composer_default.te | 0 .../whitechapel_pro}/hal_health_default.te | 0 .../hal_health_storage_default.te | 0 .../whitechapel_pro}/hal_nfc_default.te | 0 .../whitechapel_pro}/hal_power_default.te | 0 .../hal_power_stats_default.te | 0 .../whitechapel_pro}/hal_radioext_default.te | 0 .../hal_secure_element_gto.te | 0 .../hal_secure_element_gto_ese2.te | 0 .../hal_secure_element_st33spi.te | 0 .../hal_secure_element_st54spi.te | 0 .../hal_secure_element_uicc.te | 0 .../whitechapel_pro}/hal_sensors_default.te | 0 .../whitechapel_pro}/hal_thermal_default.te | 0 .../whitechapel_pro}/hal_usb_gadget_impl.te | 0 .../whitechapel_pro}/hal_usb_impl.te | 0 .../whitechapel_pro}/hal_uwb_vendor.te | 0 .../hal_uwb_vendor_default.te | 0 .../whitechapel_pro}/hal_wifi_ext.te | 0 .../whitechapel_pro}/hal_wlc.te | 0 .../whitechapel_pro}/hbmsvmanager_app.te | 0 .../whitechapel_pro}/hwservice.te | 0 .../whitechapel_pro}/hwservice_contexts | 0 .../whitechapel_pro}/hwservicemanager.te | 0 .../whitechapel_pro}/incident.te | 0 .../whitechapel_pro}/init-display-sh.te | 0 .../whitechapel_pro}/init.te | 0 .../whitechapel_pro}/init_radio.te | 0 .../whitechapel_pro}/installd.te | 0 .../whitechapel_pro}/kernel.te | 0 legacy/whitechapel_pro/keys.conf | 11 ++ .../whitechapel_pro}/logd.te | 0 .../whitechapel_pro}/logger_app.te | 0 .../whitechapel_pro}/mac_permissions.xml | 0 .../whitechapel_pro}/mediacodec_google.te | 0 .../whitechapel_pro}/mediacodec_samsung.te | 0 .../whitechapel_pro}/modem_diagnostic_app.te | 0 .../whitechapel_pro}/modem_logging_control.te | 0 .../whitechapel_pro}/modem_svc_sit.te | 0 .../whitechapel_pro}/nfc.te | 0 .../whitechapel_pro}/oemrilservice_app.te | 0 .../whitechapel_pro}/ofl_app.te | 0 .../whitechapel_pro}/omadm.te | 0 .../whitechapel_pro}/pixelstats_vendor.te | 0 .../whitechapel_pro}/platform_app.te | 0 .../whitechapel_pro}/property.te | 0 .../whitechapel_pro}/property_contexts | 0 .../whitechapel_pro}/radio.te | 0 .../whitechapel_pro}/ramdump_app.te | 0 .../whitechapel_pro}/recovery.te | 0 .../whitechapel_pro}/rfsd.te | 0 .../whitechapel_pro}/rild.te | 0 .../whitechapel_pro}/rlsservice.te | 0 .../whitechapel_pro}/sced.te | 0 .../whitechapel_pro}/seapp_contexts | 0 .../whitechapel_pro}/service.te | 0 .../whitechapel_pro}/service_contexts | 0 .../whitechapel_pro}/shell.te | 0 .../whitechapel_pro}/ssr_detector.te | 0 .../whitechapel_pro}/surfaceflinger.te | 0 .../whitechapel_pro}/system_server.te | 0 .../whitechapel_pro}/tcpdump_logger.te | 0 .../whitechapel_pro}/te_macros | 0 .../whitechapel_pro}/tee.te | 0 .../whitechapel_pro}/toolbox.te | 0 .../whitechapel_pro}/trusty_apploader.te | 0 .../whitechapel_pro}/trusty_metricsd.te | 0 .../whitechapel_pro}/untrusted_app_all.te | 0 .../whitechapel_pro}/update_engine.te | 0 .../whitechapel_pro}/uwb_vendor_app.te | 0 .../whitechapel_pro}/vcd.te | 0 .../vendor_engineermode_app.te | 0 .../whitechapel_pro}/vendor_ims_app.te | 0 .../whitechapel_pro}/vendor_ims_remote_app.te | 0 .../whitechapel_pro}/vendor_init.te | 0 .../vendor_qualifiednetworks_app.te | 0 .../whitechapel_pro}/vendor_rcs_app.te | 0 .../vendor_rcs_service_app.te | 0 .../whitechapel_pro}/vendor_shell.te | 0 .../vendor_silentlogging_remote_app.te | 0 .../vendor_telephony_debug_app.te | 0 .../vendor_telephony_network_test_app.te | 0 .../vendor_telephony_silentlogging_app.te | 0 .../vendor_telephony_test_app.te | 0 .../vendor_telephony_uartswitch_app.te | 0 .../whitechapel_pro}/vendor_uwb_init.te | 0 .../whitechapel_pro}/vndservice.te | 0 .../whitechapel_pro}/vndservice_contexts | 0 .../whitechapel_pro}/vold.te | 0 tracking_denials/dumpstate.te | 6 - tracking_denials/google_camera_app.te | 4 - tracking_denials/hal_camera_default.te | 5 - tracking_denials/hal_drm_widevine.te | 2 - tracking_denials/hal_power_default.te | 4 - tracking_denials/hal_radioext_default.te | 2 - .../hal_secure_element_st33spi.te | 2 - tracking_denials/hal_sensors_default.te | 2 - tracking_denials/hal_thermal_default.te | 7 - tracking_denials/hal_uwb_vendor_default.te | 3 - tracking_denials/incidentd.te | 2 - tracking_denials/kernel.te | 9 -- .../rebalance_interrupts_vendor.te | 2 - tracking_denials/servicemanager.te | 2 - tracking_denials/ssr_detector_app.te | 12 -- tracking_denials/surfaceflinger.te | 4 - tracking_denials/vendor_init.te | 2 - .../vendor_telephony_silentlogging_app.te | 3 - whitechapel_pro/dumpstate.te | 17 -- whitechapel_pro/hal_dumpstate_default.te | 145 ------------------ whitechapel_pro/keys.conf | 11 -- zuma-sepolicy.mk | 9 +- 153 files changed, 19 insertions(+), 247 deletions(-) rename {private => legacy/private}/permissioncontroller_app.te (100%) rename {private => legacy/private}/property_contexts (100%) rename {private => legacy/private}/radio.te (100%) rename {private => legacy/private}/service_contexts (100%) rename {system_ext => legacy/system_ext}/private/property_contexts (100%) rename {system_ext => legacy/system_ext}/public/property.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/attributes (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/audioserver.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/bipchmgr.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/bluetooth.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/bootanim.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/bootdevice_sysdev.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/cat_engine_service_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/cbd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/cbrs_setup.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/cccdk_timesync_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/certs/EuiccSupportPixel.x509.pem (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/certs/app.x509.pem (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/certs/com_google_mds.x509.pem (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/certs/com_qorvo_uwb.x509.pem (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/charger_vendor.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/chre.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/con_monitor.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/device.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/dmd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/domain.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/e2fs.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/euiccpixel_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/fastbootd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/file.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/file_contexts (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/fsck.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/genfs_contexts (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/google_camera_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/gpsd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/grilservice_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/gxp_logging.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_bootctl_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_camera_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_contexthub.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_fingerprint_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_graphics_allocator_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_graphics_composer_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_health_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_health_storage_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_nfc_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_power_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_power_stats_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_radioext_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_secure_element_gto.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_secure_element_gto_ese2.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_secure_element_st33spi.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_secure_element_st54spi.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_secure_element_uicc.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_sensors_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_thermal_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_usb_gadget_impl.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_usb_impl.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_uwb_vendor.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_uwb_vendor_default.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_wifi_ext.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hal_wlc.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hbmsvmanager_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hwservice.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hwservice_contexts (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/hwservicemanager.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/incident.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/init-display-sh.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/init.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/init_radio.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/installd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/kernel.te (100%) create mode 100644 legacy/whitechapel_pro/keys.conf rename {whitechapel_pro => legacy/whitechapel_pro}/logd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/logger_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/mac_permissions.xml (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/mediacodec_google.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/mediacodec_samsung.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/modem_diagnostic_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/modem_logging_control.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/modem_svc_sit.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/nfc.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/oemrilservice_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/ofl_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/omadm.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/pixelstats_vendor.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/platform_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/property.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/property_contexts (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/radio.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/ramdump_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/recovery.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/rfsd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/rild.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/rlsservice.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/sced.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/seapp_contexts (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/service.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/service_contexts (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/shell.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/ssr_detector.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/surfaceflinger.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/system_server.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/tcpdump_logger.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/te_macros (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/tee.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/toolbox.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/trusty_apploader.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/trusty_metricsd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/untrusted_app_all.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/update_engine.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/uwb_vendor_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vcd.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_engineermode_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_ims_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_ims_remote_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_init.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_qualifiednetworks_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_rcs_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_rcs_service_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_shell.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_silentlogging_remote_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_telephony_debug_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_telephony_network_test_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_telephony_silentlogging_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_telephony_test_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_telephony_uartswitch_app.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vendor_uwb_init.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vndservice.te (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vndservice_contexts (100%) rename {whitechapel_pro => legacy/whitechapel_pro}/vold.te (100%) delete mode 100644 tracking_denials/dumpstate.te delete mode 100644 tracking_denials/google_camera_app.te delete mode 100644 tracking_denials/hal_camera_default.te delete mode 100644 tracking_denials/hal_drm_widevine.te delete mode 100644 tracking_denials/hal_power_default.te delete mode 100644 tracking_denials/hal_radioext_default.te delete mode 100644 tracking_denials/hal_secure_element_st33spi.te delete mode 100644 tracking_denials/hal_sensors_default.te delete mode 100644 tracking_denials/hal_thermal_default.te delete mode 100644 tracking_denials/hal_uwb_vendor_default.te delete mode 100644 tracking_denials/incidentd.te delete mode 100644 tracking_denials/kernel.te delete mode 100644 tracking_denials/rebalance_interrupts_vendor.te delete mode 100644 tracking_denials/servicemanager.te delete mode 100644 tracking_denials/ssr_detector_app.te delete mode 100644 tracking_denials/surfaceflinger.te delete mode 100644 tracking_denials/vendor_init.te delete mode 100644 tracking_denials/vendor_telephony_silentlogging_app.te delete mode 100644 whitechapel_pro/dumpstate.te delete mode 100644 whitechapel_pro/hal_dumpstate_default.te delete mode 100644 whitechapel_pro/keys.conf diff --git a/private/permissioncontroller_app.te b/legacy/private/permissioncontroller_app.te similarity index 100% rename from private/permissioncontroller_app.te rename to legacy/private/permissioncontroller_app.te diff --git a/private/property_contexts b/legacy/private/property_contexts similarity index 100% rename from private/property_contexts rename to legacy/private/property_contexts diff --git a/private/radio.te b/legacy/private/radio.te similarity index 100% rename from private/radio.te rename to legacy/private/radio.te diff --git a/private/service_contexts b/legacy/private/service_contexts similarity index 100% rename from private/service_contexts rename to legacy/private/service_contexts diff --git a/system_ext/private/property_contexts b/legacy/system_ext/private/property_contexts similarity index 100% rename from system_ext/private/property_contexts rename to legacy/system_ext/private/property_contexts diff --git a/system_ext/public/property.te b/legacy/system_ext/public/property.te similarity index 100% rename from system_ext/public/property.te rename to legacy/system_ext/public/property.te diff --git a/whitechapel_pro/attributes b/legacy/whitechapel_pro/attributes similarity index 100% rename from whitechapel_pro/attributes rename to legacy/whitechapel_pro/attributes diff --git a/whitechapel_pro/audioserver.te b/legacy/whitechapel_pro/audioserver.te similarity index 100% rename from whitechapel_pro/audioserver.te rename to legacy/whitechapel_pro/audioserver.te diff --git a/whitechapel_pro/bipchmgr.te b/legacy/whitechapel_pro/bipchmgr.te similarity index 100% rename from whitechapel_pro/bipchmgr.te rename to legacy/whitechapel_pro/bipchmgr.te diff --git a/whitechapel_pro/bluetooth.te b/legacy/whitechapel_pro/bluetooth.te similarity index 100% rename from whitechapel_pro/bluetooth.te rename to legacy/whitechapel_pro/bluetooth.te diff --git a/whitechapel_pro/bootanim.te b/legacy/whitechapel_pro/bootanim.te similarity index 100% rename from whitechapel_pro/bootanim.te rename to legacy/whitechapel_pro/bootanim.te diff --git a/whitechapel_pro/bootdevice_sysdev.te b/legacy/whitechapel_pro/bootdevice_sysdev.te similarity index 100% rename from whitechapel_pro/bootdevice_sysdev.te rename to legacy/whitechapel_pro/bootdevice_sysdev.te diff --git a/whitechapel_pro/cat_engine_service_app.te b/legacy/whitechapel_pro/cat_engine_service_app.te similarity index 100% rename from whitechapel_pro/cat_engine_service_app.te rename to legacy/whitechapel_pro/cat_engine_service_app.te diff --git a/whitechapel_pro/cbd.te b/legacy/whitechapel_pro/cbd.te similarity index 100% rename from whitechapel_pro/cbd.te rename to legacy/whitechapel_pro/cbd.te diff --git a/whitechapel_pro/cbrs_setup.te b/legacy/whitechapel_pro/cbrs_setup.te similarity index 100% rename from whitechapel_pro/cbrs_setup.te rename to legacy/whitechapel_pro/cbrs_setup.te diff --git a/whitechapel_pro/cccdk_timesync_app.te b/legacy/whitechapel_pro/cccdk_timesync_app.te similarity index 100% rename from whitechapel_pro/cccdk_timesync_app.te rename to legacy/whitechapel_pro/cccdk_timesync_app.te diff --git a/whitechapel_pro/certs/EuiccSupportPixel.x509.pem b/legacy/whitechapel_pro/certs/EuiccSupportPixel.x509.pem similarity index 100% rename from whitechapel_pro/certs/EuiccSupportPixel.x509.pem rename to legacy/whitechapel_pro/certs/EuiccSupportPixel.x509.pem diff --git a/whitechapel_pro/certs/app.x509.pem b/legacy/whitechapel_pro/certs/app.x509.pem similarity index 100% rename from whitechapel_pro/certs/app.x509.pem rename to legacy/whitechapel_pro/certs/app.x509.pem diff --git a/whitechapel_pro/certs/com_google_mds.x509.pem b/legacy/whitechapel_pro/certs/com_google_mds.x509.pem similarity index 100% rename from whitechapel_pro/certs/com_google_mds.x509.pem rename to legacy/whitechapel_pro/certs/com_google_mds.x509.pem diff --git a/whitechapel_pro/certs/com_qorvo_uwb.x509.pem b/legacy/whitechapel_pro/certs/com_qorvo_uwb.x509.pem similarity index 100% rename from whitechapel_pro/certs/com_qorvo_uwb.x509.pem rename to legacy/whitechapel_pro/certs/com_qorvo_uwb.x509.pem diff --git a/whitechapel_pro/charger_vendor.te b/legacy/whitechapel_pro/charger_vendor.te similarity index 100% rename from whitechapel_pro/charger_vendor.te rename to legacy/whitechapel_pro/charger_vendor.te diff --git a/whitechapel_pro/chre.te b/legacy/whitechapel_pro/chre.te similarity index 100% rename from whitechapel_pro/chre.te rename to legacy/whitechapel_pro/chre.te diff --git a/whitechapel_pro/con_monitor.te b/legacy/whitechapel_pro/con_monitor.te similarity index 100% rename from whitechapel_pro/con_monitor.te rename to legacy/whitechapel_pro/con_monitor.te diff --git a/whitechapel_pro/device.te b/legacy/whitechapel_pro/device.te similarity index 100% rename from whitechapel_pro/device.te rename to legacy/whitechapel_pro/device.te diff --git a/whitechapel_pro/dmd.te b/legacy/whitechapel_pro/dmd.te similarity index 100% rename from whitechapel_pro/dmd.te rename to legacy/whitechapel_pro/dmd.te diff --git a/whitechapel_pro/domain.te b/legacy/whitechapel_pro/domain.te similarity index 100% rename from whitechapel_pro/domain.te rename to legacy/whitechapel_pro/domain.te diff --git a/whitechapel_pro/e2fs.te b/legacy/whitechapel_pro/e2fs.te similarity index 100% rename from whitechapel_pro/e2fs.te rename to legacy/whitechapel_pro/e2fs.te diff --git a/whitechapel_pro/euiccpixel_app.te b/legacy/whitechapel_pro/euiccpixel_app.te similarity index 100% rename from whitechapel_pro/euiccpixel_app.te rename to legacy/whitechapel_pro/euiccpixel_app.te diff --git a/whitechapel_pro/fastbootd.te b/legacy/whitechapel_pro/fastbootd.te similarity index 100% rename from whitechapel_pro/fastbootd.te rename to legacy/whitechapel_pro/fastbootd.te diff --git a/whitechapel_pro/file.te b/legacy/whitechapel_pro/file.te similarity index 100% rename from whitechapel_pro/file.te rename to legacy/whitechapel_pro/file.te diff --git a/whitechapel_pro/file_contexts b/legacy/whitechapel_pro/file_contexts similarity index 100% rename from whitechapel_pro/file_contexts rename to legacy/whitechapel_pro/file_contexts diff --git a/whitechapel_pro/fsck.te b/legacy/whitechapel_pro/fsck.te similarity index 100% rename from whitechapel_pro/fsck.te rename to legacy/whitechapel_pro/fsck.te diff --git a/whitechapel_pro/genfs_contexts b/legacy/whitechapel_pro/genfs_contexts similarity index 100% rename from whitechapel_pro/genfs_contexts rename to legacy/whitechapel_pro/genfs_contexts diff --git a/whitechapel_pro/google_camera_app.te b/legacy/whitechapel_pro/google_camera_app.te similarity index 100% rename from whitechapel_pro/google_camera_app.te rename to legacy/whitechapel_pro/google_camera_app.te diff --git a/whitechapel_pro/gpsd.te b/legacy/whitechapel_pro/gpsd.te similarity index 100% rename from whitechapel_pro/gpsd.te rename to legacy/whitechapel_pro/gpsd.te diff --git a/whitechapel_pro/grilservice_app.te b/legacy/whitechapel_pro/grilservice_app.te similarity index 100% rename from whitechapel_pro/grilservice_app.te rename to legacy/whitechapel_pro/grilservice_app.te diff --git a/whitechapel_pro/gxp_logging.te b/legacy/whitechapel_pro/gxp_logging.te similarity index 100% rename from whitechapel_pro/gxp_logging.te rename to legacy/whitechapel_pro/gxp_logging.te diff --git a/whitechapel_pro/hal_bootctl_default.te b/legacy/whitechapel_pro/hal_bootctl_default.te similarity index 100% rename from whitechapel_pro/hal_bootctl_default.te rename to legacy/whitechapel_pro/hal_bootctl_default.te diff --git a/whitechapel_pro/hal_camera_default.te b/legacy/whitechapel_pro/hal_camera_default.te similarity index 100% rename from whitechapel_pro/hal_camera_default.te rename to legacy/whitechapel_pro/hal_camera_default.te diff --git a/whitechapel_pro/hal_contexthub.te b/legacy/whitechapel_pro/hal_contexthub.te similarity index 100% rename from whitechapel_pro/hal_contexthub.te rename to legacy/whitechapel_pro/hal_contexthub.te diff --git a/whitechapel_pro/hal_fingerprint_default.te b/legacy/whitechapel_pro/hal_fingerprint_default.te similarity index 100% rename from whitechapel_pro/hal_fingerprint_default.te rename to legacy/whitechapel_pro/hal_fingerprint_default.te diff --git a/whitechapel_pro/hal_graphics_allocator_default.te b/legacy/whitechapel_pro/hal_graphics_allocator_default.te similarity index 100% rename from whitechapel_pro/hal_graphics_allocator_default.te rename to legacy/whitechapel_pro/hal_graphics_allocator_default.te diff --git a/whitechapel_pro/hal_graphics_composer_default.te b/legacy/whitechapel_pro/hal_graphics_composer_default.te similarity index 100% rename from whitechapel_pro/hal_graphics_composer_default.te rename to legacy/whitechapel_pro/hal_graphics_composer_default.te diff --git a/whitechapel_pro/hal_health_default.te b/legacy/whitechapel_pro/hal_health_default.te similarity index 100% rename from whitechapel_pro/hal_health_default.te rename to legacy/whitechapel_pro/hal_health_default.te diff --git a/whitechapel_pro/hal_health_storage_default.te b/legacy/whitechapel_pro/hal_health_storage_default.te similarity index 100% rename from whitechapel_pro/hal_health_storage_default.te rename to legacy/whitechapel_pro/hal_health_storage_default.te diff --git a/whitechapel_pro/hal_nfc_default.te b/legacy/whitechapel_pro/hal_nfc_default.te similarity index 100% rename from whitechapel_pro/hal_nfc_default.te rename to legacy/whitechapel_pro/hal_nfc_default.te diff --git a/whitechapel_pro/hal_power_default.te b/legacy/whitechapel_pro/hal_power_default.te similarity index 100% rename from whitechapel_pro/hal_power_default.te rename to legacy/whitechapel_pro/hal_power_default.te diff --git a/whitechapel_pro/hal_power_stats_default.te b/legacy/whitechapel_pro/hal_power_stats_default.te similarity index 100% rename from whitechapel_pro/hal_power_stats_default.te rename to legacy/whitechapel_pro/hal_power_stats_default.te diff --git a/whitechapel_pro/hal_radioext_default.te b/legacy/whitechapel_pro/hal_radioext_default.te similarity index 100% rename from whitechapel_pro/hal_radioext_default.te rename to legacy/whitechapel_pro/hal_radioext_default.te diff --git a/whitechapel_pro/hal_secure_element_gto.te b/legacy/whitechapel_pro/hal_secure_element_gto.te similarity index 100% rename from whitechapel_pro/hal_secure_element_gto.te rename to legacy/whitechapel_pro/hal_secure_element_gto.te diff --git a/whitechapel_pro/hal_secure_element_gto_ese2.te b/legacy/whitechapel_pro/hal_secure_element_gto_ese2.te similarity index 100% rename from whitechapel_pro/hal_secure_element_gto_ese2.te rename to legacy/whitechapel_pro/hal_secure_element_gto_ese2.te diff --git a/whitechapel_pro/hal_secure_element_st33spi.te b/legacy/whitechapel_pro/hal_secure_element_st33spi.te similarity index 100% rename from whitechapel_pro/hal_secure_element_st33spi.te rename to legacy/whitechapel_pro/hal_secure_element_st33spi.te diff --git a/whitechapel_pro/hal_secure_element_st54spi.te b/legacy/whitechapel_pro/hal_secure_element_st54spi.te similarity index 100% rename from whitechapel_pro/hal_secure_element_st54spi.te rename to legacy/whitechapel_pro/hal_secure_element_st54spi.te diff --git a/whitechapel_pro/hal_secure_element_uicc.te b/legacy/whitechapel_pro/hal_secure_element_uicc.te similarity index 100% rename from whitechapel_pro/hal_secure_element_uicc.te rename to legacy/whitechapel_pro/hal_secure_element_uicc.te diff --git a/whitechapel_pro/hal_sensors_default.te b/legacy/whitechapel_pro/hal_sensors_default.te similarity index 100% rename from whitechapel_pro/hal_sensors_default.te rename to legacy/whitechapel_pro/hal_sensors_default.te diff --git a/whitechapel_pro/hal_thermal_default.te b/legacy/whitechapel_pro/hal_thermal_default.te similarity index 100% rename from whitechapel_pro/hal_thermal_default.te rename to legacy/whitechapel_pro/hal_thermal_default.te diff --git a/whitechapel_pro/hal_usb_gadget_impl.te b/legacy/whitechapel_pro/hal_usb_gadget_impl.te similarity index 100% rename from whitechapel_pro/hal_usb_gadget_impl.te rename to legacy/whitechapel_pro/hal_usb_gadget_impl.te diff --git a/whitechapel_pro/hal_usb_impl.te b/legacy/whitechapel_pro/hal_usb_impl.te similarity index 100% rename from whitechapel_pro/hal_usb_impl.te rename to legacy/whitechapel_pro/hal_usb_impl.te diff --git a/whitechapel_pro/hal_uwb_vendor.te b/legacy/whitechapel_pro/hal_uwb_vendor.te similarity index 100% rename from whitechapel_pro/hal_uwb_vendor.te rename to legacy/whitechapel_pro/hal_uwb_vendor.te diff --git a/whitechapel_pro/hal_uwb_vendor_default.te b/legacy/whitechapel_pro/hal_uwb_vendor_default.te similarity index 100% rename from whitechapel_pro/hal_uwb_vendor_default.te rename to legacy/whitechapel_pro/hal_uwb_vendor_default.te diff --git a/whitechapel_pro/hal_wifi_ext.te b/legacy/whitechapel_pro/hal_wifi_ext.te similarity index 100% rename from whitechapel_pro/hal_wifi_ext.te rename to legacy/whitechapel_pro/hal_wifi_ext.te diff --git a/whitechapel_pro/hal_wlc.te b/legacy/whitechapel_pro/hal_wlc.te similarity index 100% rename from whitechapel_pro/hal_wlc.te rename to legacy/whitechapel_pro/hal_wlc.te diff --git a/whitechapel_pro/hbmsvmanager_app.te b/legacy/whitechapel_pro/hbmsvmanager_app.te similarity index 100% rename from whitechapel_pro/hbmsvmanager_app.te rename to legacy/whitechapel_pro/hbmsvmanager_app.te diff --git a/whitechapel_pro/hwservice.te b/legacy/whitechapel_pro/hwservice.te similarity index 100% rename from whitechapel_pro/hwservice.te rename to legacy/whitechapel_pro/hwservice.te diff --git a/whitechapel_pro/hwservice_contexts b/legacy/whitechapel_pro/hwservice_contexts similarity index 100% rename from whitechapel_pro/hwservice_contexts rename to legacy/whitechapel_pro/hwservice_contexts diff --git a/whitechapel_pro/hwservicemanager.te b/legacy/whitechapel_pro/hwservicemanager.te similarity index 100% rename from whitechapel_pro/hwservicemanager.te rename to legacy/whitechapel_pro/hwservicemanager.te diff --git a/whitechapel_pro/incident.te b/legacy/whitechapel_pro/incident.te similarity index 100% rename from whitechapel_pro/incident.te rename to legacy/whitechapel_pro/incident.te diff --git a/whitechapel_pro/init-display-sh.te b/legacy/whitechapel_pro/init-display-sh.te similarity index 100% rename from whitechapel_pro/init-display-sh.te rename to legacy/whitechapel_pro/init-display-sh.te diff --git a/whitechapel_pro/init.te b/legacy/whitechapel_pro/init.te similarity index 100% rename from whitechapel_pro/init.te rename to legacy/whitechapel_pro/init.te diff --git a/whitechapel_pro/init_radio.te b/legacy/whitechapel_pro/init_radio.te similarity index 100% rename from whitechapel_pro/init_radio.te rename to legacy/whitechapel_pro/init_radio.te diff --git a/whitechapel_pro/installd.te b/legacy/whitechapel_pro/installd.te similarity index 100% rename from whitechapel_pro/installd.te rename to legacy/whitechapel_pro/installd.te diff --git a/whitechapel_pro/kernel.te b/legacy/whitechapel_pro/kernel.te similarity index 100% rename from whitechapel_pro/kernel.te rename to legacy/whitechapel_pro/kernel.te diff --git a/legacy/whitechapel_pro/keys.conf b/legacy/whitechapel_pro/keys.conf new file mode 100644 index 00000000..a282ba42 --- /dev/null +++ b/legacy/whitechapel_pro/keys.conf @@ -0,0 +1,11 @@ +[@GOOGLE] +ALL : device/google/zuma-sepolicy/legacy/whitechapel_pro/certs/app.x509.pem + +[@MDS] +ALL : device/google/zuma-sepolicy/legacy/whitechapel_pro/certs/com_google_mds.x509.pem + +[@UWB] +ALL : device/google/zuma-sepolicy/legacy/whitechapel_pro/certs/com_qorvo_uwb.x509.pem + +[@EUICCSUPPORTPIXEL] +ALL : device/google/zuma-sepolicy/legacy/whitechapel_pro/certs/EuiccSupportPixel.x509.pem diff --git a/whitechapel_pro/logd.te b/legacy/whitechapel_pro/logd.te similarity index 100% rename from whitechapel_pro/logd.te rename to legacy/whitechapel_pro/logd.te diff --git a/whitechapel_pro/logger_app.te b/legacy/whitechapel_pro/logger_app.te similarity index 100% rename from whitechapel_pro/logger_app.te rename to legacy/whitechapel_pro/logger_app.te diff --git a/whitechapel_pro/mac_permissions.xml b/legacy/whitechapel_pro/mac_permissions.xml similarity index 100% rename from whitechapel_pro/mac_permissions.xml rename to legacy/whitechapel_pro/mac_permissions.xml diff --git a/whitechapel_pro/mediacodec_google.te b/legacy/whitechapel_pro/mediacodec_google.te similarity index 100% rename from whitechapel_pro/mediacodec_google.te rename to legacy/whitechapel_pro/mediacodec_google.te diff --git a/whitechapel_pro/mediacodec_samsung.te b/legacy/whitechapel_pro/mediacodec_samsung.te similarity index 100% rename from whitechapel_pro/mediacodec_samsung.te rename to legacy/whitechapel_pro/mediacodec_samsung.te diff --git a/whitechapel_pro/modem_diagnostic_app.te b/legacy/whitechapel_pro/modem_diagnostic_app.te similarity index 100% rename from whitechapel_pro/modem_diagnostic_app.te rename to legacy/whitechapel_pro/modem_diagnostic_app.te diff --git a/whitechapel_pro/modem_logging_control.te b/legacy/whitechapel_pro/modem_logging_control.te similarity index 100% rename from whitechapel_pro/modem_logging_control.te rename to legacy/whitechapel_pro/modem_logging_control.te diff --git a/whitechapel_pro/modem_svc_sit.te b/legacy/whitechapel_pro/modem_svc_sit.te similarity index 100% rename from whitechapel_pro/modem_svc_sit.te rename to legacy/whitechapel_pro/modem_svc_sit.te diff --git a/whitechapel_pro/nfc.te b/legacy/whitechapel_pro/nfc.te similarity index 100% rename from whitechapel_pro/nfc.te rename to legacy/whitechapel_pro/nfc.te diff --git a/whitechapel_pro/oemrilservice_app.te b/legacy/whitechapel_pro/oemrilservice_app.te similarity index 100% rename from whitechapel_pro/oemrilservice_app.te rename to legacy/whitechapel_pro/oemrilservice_app.te diff --git a/whitechapel_pro/ofl_app.te b/legacy/whitechapel_pro/ofl_app.te similarity index 100% rename from whitechapel_pro/ofl_app.te rename to legacy/whitechapel_pro/ofl_app.te diff --git a/whitechapel_pro/omadm.te b/legacy/whitechapel_pro/omadm.te similarity index 100% rename from whitechapel_pro/omadm.te rename to legacy/whitechapel_pro/omadm.te diff --git a/whitechapel_pro/pixelstats_vendor.te b/legacy/whitechapel_pro/pixelstats_vendor.te similarity index 100% rename from whitechapel_pro/pixelstats_vendor.te rename to legacy/whitechapel_pro/pixelstats_vendor.te diff --git a/whitechapel_pro/platform_app.te b/legacy/whitechapel_pro/platform_app.te similarity index 100% rename from whitechapel_pro/platform_app.te rename to legacy/whitechapel_pro/platform_app.te diff --git a/whitechapel_pro/property.te b/legacy/whitechapel_pro/property.te similarity index 100% rename from whitechapel_pro/property.te rename to legacy/whitechapel_pro/property.te diff --git a/whitechapel_pro/property_contexts b/legacy/whitechapel_pro/property_contexts similarity index 100% rename from whitechapel_pro/property_contexts rename to legacy/whitechapel_pro/property_contexts diff --git a/whitechapel_pro/radio.te b/legacy/whitechapel_pro/radio.te similarity index 100% rename from whitechapel_pro/radio.te rename to legacy/whitechapel_pro/radio.te diff --git a/whitechapel_pro/ramdump_app.te b/legacy/whitechapel_pro/ramdump_app.te similarity index 100% rename from whitechapel_pro/ramdump_app.te rename to legacy/whitechapel_pro/ramdump_app.te diff --git a/whitechapel_pro/recovery.te b/legacy/whitechapel_pro/recovery.te similarity index 100% rename from whitechapel_pro/recovery.te rename to legacy/whitechapel_pro/recovery.te diff --git a/whitechapel_pro/rfsd.te b/legacy/whitechapel_pro/rfsd.te similarity index 100% rename from whitechapel_pro/rfsd.te rename to legacy/whitechapel_pro/rfsd.te diff --git a/whitechapel_pro/rild.te b/legacy/whitechapel_pro/rild.te similarity index 100% rename from whitechapel_pro/rild.te rename to legacy/whitechapel_pro/rild.te diff --git a/whitechapel_pro/rlsservice.te b/legacy/whitechapel_pro/rlsservice.te similarity index 100% rename from whitechapel_pro/rlsservice.te rename to legacy/whitechapel_pro/rlsservice.te diff --git a/whitechapel_pro/sced.te b/legacy/whitechapel_pro/sced.te similarity index 100% rename from whitechapel_pro/sced.te rename to legacy/whitechapel_pro/sced.te diff --git a/whitechapel_pro/seapp_contexts b/legacy/whitechapel_pro/seapp_contexts similarity index 100% rename from whitechapel_pro/seapp_contexts rename to legacy/whitechapel_pro/seapp_contexts diff --git a/whitechapel_pro/service.te b/legacy/whitechapel_pro/service.te similarity index 100% rename from whitechapel_pro/service.te rename to legacy/whitechapel_pro/service.te diff --git a/whitechapel_pro/service_contexts b/legacy/whitechapel_pro/service_contexts similarity index 100% rename from whitechapel_pro/service_contexts rename to legacy/whitechapel_pro/service_contexts diff --git a/whitechapel_pro/shell.te b/legacy/whitechapel_pro/shell.te similarity index 100% rename from whitechapel_pro/shell.te rename to legacy/whitechapel_pro/shell.te diff --git a/whitechapel_pro/ssr_detector.te b/legacy/whitechapel_pro/ssr_detector.te similarity index 100% rename from whitechapel_pro/ssr_detector.te rename to legacy/whitechapel_pro/ssr_detector.te diff --git a/whitechapel_pro/surfaceflinger.te b/legacy/whitechapel_pro/surfaceflinger.te similarity index 100% rename from whitechapel_pro/surfaceflinger.te rename to legacy/whitechapel_pro/surfaceflinger.te diff --git a/whitechapel_pro/system_server.te b/legacy/whitechapel_pro/system_server.te similarity index 100% rename from whitechapel_pro/system_server.te rename to legacy/whitechapel_pro/system_server.te diff --git a/whitechapel_pro/tcpdump_logger.te b/legacy/whitechapel_pro/tcpdump_logger.te similarity index 100% rename from whitechapel_pro/tcpdump_logger.te rename to legacy/whitechapel_pro/tcpdump_logger.te diff --git a/whitechapel_pro/te_macros b/legacy/whitechapel_pro/te_macros similarity index 100% rename from whitechapel_pro/te_macros rename to legacy/whitechapel_pro/te_macros diff --git a/whitechapel_pro/tee.te b/legacy/whitechapel_pro/tee.te similarity index 100% rename from whitechapel_pro/tee.te rename to legacy/whitechapel_pro/tee.te diff --git a/whitechapel_pro/toolbox.te b/legacy/whitechapel_pro/toolbox.te similarity index 100% rename from whitechapel_pro/toolbox.te rename to legacy/whitechapel_pro/toolbox.te diff --git a/whitechapel_pro/trusty_apploader.te b/legacy/whitechapel_pro/trusty_apploader.te similarity index 100% rename from whitechapel_pro/trusty_apploader.te rename to legacy/whitechapel_pro/trusty_apploader.te diff --git a/whitechapel_pro/trusty_metricsd.te b/legacy/whitechapel_pro/trusty_metricsd.te similarity index 100% rename from whitechapel_pro/trusty_metricsd.te rename to legacy/whitechapel_pro/trusty_metricsd.te diff --git a/whitechapel_pro/untrusted_app_all.te b/legacy/whitechapel_pro/untrusted_app_all.te similarity index 100% rename from whitechapel_pro/untrusted_app_all.te rename to legacy/whitechapel_pro/untrusted_app_all.te diff --git a/whitechapel_pro/update_engine.te b/legacy/whitechapel_pro/update_engine.te similarity index 100% rename from whitechapel_pro/update_engine.te rename to legacy/whitechapel_pro/update_engine.te diff --git a/whitechapel_pro/uwb_vendor_app.te b/legacy/whitechapel_pro/uwb_vendor_app.te similarity index 100% rename from whitechapel_pro/uwb_vendor_app.te rename to legacy/whitechapel_pro/uwb_vendor_app.te diff --git a/whitechapel_pro/vcd.te b/legacy/whitechapel_pro/vcd.te similarity index 100% rename from whitechapel_pro/vcd.te rename to legacy/whitechapel_pro/vcd.te diff --git a/whitechapel_pro/vendor_engineermode_app.te b/legacy/whitechapel_pro/vendor_engineermode_app.te similarity index 100% rename from whitechapel_pro/vendor_engineermode_app.te rename to legacy/whitechapel_pro/vendor_engineermode_app.te diff --git a/whitechapel_pro/vendor_ims_app.te b/legacy/whitechapel_pro/vendor_ims_app.te similarity index 100% rename from whitechapel_pro/vendor_ims_app.te rename to legacy/whitechapel_pro/vendor_ims_app.te diff --git a/whitechapel_pro/vendor_ims_remote_app.te b/legacy/whitechapel_pro/vendor_ims_remote_app.te similarity index 100% rename from whitechapel_pro/vendor_ims_remote_app.te rename to legacy/whitechapel_pro/vendor_ims_remote_app.te diff --git a/whitechapel_pro/vendor_init.te b/legacy/whitechapel_pro/vendor_init.te similarity index 100% rename from whitechapel_pro/vendor_init.te rename to legacy/whitechapel_pro/vendor_init.te diff --git a/whitechapel_pro/vendor_qualifiednetworks_app.te b/legacy/whitechapel_pro/vendor_qualifiednetworks_app.te similarity index 100% rename from whitechapel_pro/vendor_qualifiednetworks_app.te rename to legacy/whitechapel_pro/vendor_qualifiednetworks_app.te diff --git a/whitechapel_pro/vendor_rcs_app.te b/legacy/whitechapel_pro/vendor_rcs_app.te similarity index 100% rename from whitechapel_pro/vendor_rcs_app.te rename to legacy/whitechapel_pro/vendor_rcs_app.te diff --git a/whitechapel_pro/vendor_rcs_service_app.te b/legacy/whitechapel_pro/vendor_rcs_service_app.te similarity index 100% rename from whitechapel_pro/vendor_rcs_service_app.te rename to legacy/whitechapel_pro/vendor_rcs_service_app.te diff --git a/whitechapel_pro/vendor_shell.te b/legacy/whitechapel_pro/vendor_shell.te similarity index 100% rename from whitechapel_pro/vendor_shell.te rename to legacy/whitechapel_pro/vendor_shell.te diff --git a/whitechapel_pro/vendor_silentlogging_remote_app.te b/legacy/whitechapel_pro/vendor_silentlogging_remote_app.te similarity index 100% rename from whitechapel_pro/vendor_silentlogging_remote_app.te rename to legacy/whitechapel_pro/vendor_silentlogging_remote_app.te diff --git a/whitechapel_pro/vendor_telephony_debug_app.te b/legacy/whitechapel_pro/vendor_telephony_debug_app.te similarity index 100% rename from whitechapel_pro/vendor_telephony_debug_app.te rename to legacy/whitechapel_pro/vendor_telephony_debug_app.te diff --git a/whitechapel_pro/vendor_telephony_network_test_app.te b/legacy/whitechapel_pro/vendor_telephony_network_test_app.te similarity index 100% rename from whitechapel_pro/vendor_telephony_network_test_app.te rename to legacy/whitechapel_pro/vendor_telephony_network_test_app.te diff --git a/whitechapel_pro/vendor_telephony_silentlogging_app.te b/legacy/whitechapel_pro/vendor_telephony_silentlogging_app.te similarity index 100% rename from whitechapel_pro/vendor_telephony_silentlogging_app.te rename to legacy/whitechapel_pro/vendor_telephony_silentlogging_app.te diff --git a/whitechapel_pro/vendor_telephony_test_app.te b/legacy/whitechapel_pro/vendor_telephony_test_app.te similarity index 100% rename from whitechapel_pro/vendor_telephony_test_app.te rename to legacy/whitechapel_pro/vendor_telephony_test_app.te diff --git a/whitechapel_pro/vendor_telephony_uartswitch_app.te b/legacy/whitechapel_pro/vendor_telephony_uartswitch_app.te similarity index 100% rename from whitechapel_pro/vendor_telephony_uartswitch_app.te rename to legacy/whitechapel_pro/vendor_telephony_uartswitch_app.te diff --git a/whitechapel_pro/vendor_uwb_init.te b/legacy/whitechapel_pro/vendor_uwb_init.te similarity index 100% rename from whitechapel_pro/vendor_uwb_init.te rename to legacy/whitechapel_pro/vendor_uwb_init.te diff --git a/whitechapel_pro/vndservice.te b/legacy/whitechapel_pro/vndservice.te similarity index 100% rename from whitechapel_pro/vndservice.te rename to legacy/whitechapel_pro/vndservice.te diff --git a/whitechapel_pro/vndservice_contexts b/legacy/whitechapel_pro/vndservice_contexts similarity index 100% rename from whitechapel_pro/vndservice_contexts rename to legacy/whitechapel_pro/vndservice_contexts diff --git a/whitechapel_pro/vold.te b/legacy/whitechapel_pro/vold.te similarity index 100% rename from whitechapel_pro/vold.te rename to legacy/whitechapel_pro/vold.te diff --git a/tracking_denials/dumpstate.te b/tracking_denials/dumpstate.te deleted file mode 100644 index aaff71e5..00000000 --- a/tracking_denials/dumpstate.te +++ /dev/null @@ -1,6 +0,0 @@ -# b/221384768 -dontaudit dumpstate app_zygote:process { signal }; -dontaudit dumpstate hal_power_stats_vendor_service:service_manager { find }; -dontaudit dumpstate sysfs:file { read }; -# b/227694693 -dontaudit dumpstate incident:process { signal }; diff --git a/tracking_denials/google_camera_app.te b/tracking_denials/google_camera_app.te deleted file mode 100644 index 7174d568..00000000 --- a/tracking_denials/google_camera_app.te +++ /dev/null @@ -1,4 +0,0 @@ -# b/209889068 -dontaudit google_camera_app vendor_default_prop:file { getattr }; -dontaudit google_camera_app vendor_default_prop:file { map }; -dontaudit google_camera_app vendor_default_prop:file { open }; diff --git a/tracking_denials/hal_camera_default.te b/tracking_denials/hal_camera_default.te deleted file mode 100644 index f423e497..00000000 --- a/tracking_denials/hal_camera_default.te +++ /dev/null @@ -1,5 +0,0 @@ -# b/205780065 -dontaudit hal_camera_default system_data_file:dir { search }; -# b/218585004 -dontaudit hal_camera_default traced:unix_stream_socket { connectto }; -dontaudit hal_camera_default traced_producer_socket:sock_file { write }; diff --git a/tracking_denials/hal_drm_widevine.te b/tracking_denials/hal_drm_widevine.te deleted file mode 100644 index cfe7fcf7..00000000 --- a/tracking_denials/hal_drm_widevine.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/229209076 -dontaudit hal_drm_widevine vndbinder_device:chr_file { read }; diff --git a/tracking_denials/hal_power_default.te b/tracking_denials/hal_power_default.te deleted file mode 100644 index 731d4baa..00000000 --- a/tracking_denials/hal_power_default.te +++ /dev/null @@ -1,4 +0,0 @@ -# b/208909174 -dontaudit hal_power_default hal_power_default:capability { dac_read_search }; -# b/221384860 -dontaudit hal_power_default hal_power_default:capability { dac_override }; diff --git a/tracking_denials/hal_radioext_default.te b/tracking_denials/hal_radioext_default.te deleted file mode 100644 index 74a400df..00000000 --- a/tracking_denials/hal_radioext_default.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/227122249 -dontaudit hal_radioext_default hal_bluetooth_coexistence_hwservice:hwservice_manager { find }; diff --git a/tracking_denials/hal_secure_element_st33spi.te b/tracking_denials/hal_secure_element_st33spi.te deleted file mode 100644 index da4b099d..00000000 --- a/tracking_denials/hal_secure_element_st33spi.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/229167195 -dontaudit hal_secure_element_st33spi vendor_secure_element_prop:file { read }; diff --git a/tracking_denials/hal_sensors_default.te b/tracking_denials/hal_sensors_default.te deleted file mode 100644 index fb1bb237..00000000 --- a/tracking_denials/hal_sensors_default.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/227695036 -dontaudit hal_sensors_default sensor_reg_data_file:dir { write }; diff --git a/tracking_denials/hal_thermal_default.te b/tracking_denials/hal_thermal_default.te deleted file mode 100644 index abbd2f97..00000000 --- a/tracking_denials/hal_thermal_default.te +++ /dev/null @@ -1,7 +0,0 @@ -# b/205904328 -dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { bind }; -dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { create }; -dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { getattr }; -dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { read }; -dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { setopt }; -dontaudit hal_thermal_default hal_thermal_default:netlink_generic_socket { write }; diff --git a/tracking_denials/hal_uwb_vendor_default.te b/tracking_denials/hal_uwb_vendor_default.te deleted file mode 100644 index 2e0025fc..00000000 --- a/tracking_denials/hal_uwb_vendor_default.te +++ /dev/null @@ -1,3 +0,0 @@ -# b/208721505 -dontaudit hal_uwb_vendor_default dumpstate:fd { use }; -dontaudit hal_uwb_vendor_default dumpstate:fifo_file { write }; diff --git a/tracking_denials/incidentd.te b/tracking_denials/incidentd.te deleted file mode 100644 index 90b1025f..00000000 --- a/tracking_denials/incidentd.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/226850644 -dontaudit incidentd debugfs_wakeup_sources:file { read }; diff --git a/tracking_denials/kernel.te b/tracking_denials/kernel.te deleted file mode 100644 index e8fb22af..00000000 --- a/tracking_denials/kernel.te +++ /dev/null @@ -1,9 +0,0 @@ -# b/220801802 -allow kernel same_process_hal_file:file r_file_perms; -# b/227121550 -dontaudit kernel vendor_usb_debugfs:dir { search }; -dontaudit kernel vendor_votable_debugfs:dir { search }; -# b/227286343 -dontaudit kernel vendor_regmap_debugfs:dir { search }; -# b/228181404 -dontaudit kernel vendor_maxfg_debugfs:dir { search }; diff --git a/tracking_denials/rebalance_interrupts_vendor.te b/tracking_denials/rebalance_interrupts_vendor.te deleted file mode 100644 index b9b246ce..00000000 --- a/tracking_denials/rebalance_interrupts_vendor.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/214472867 -dontaudit rebalance_interrupts_vendor rebalance_interrupts_vendor:capability { dac_override }; diff --git a/tracking_denials/servicemanager.te b/tracking_denials/servicemanager.te deleted file mode 100644 index 72e6e6e9..00000000 --- a/tracking_denials/servicemanager.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/214122471 -dontaudit servicemanager hal_fingerprint_default:binder { call }; diff --git a/tracking_denials/ssr_detector_app.te b/tracking_denials/ssr_detector_app.te deleted file mode 100644 index 182b08e1..00000000 --- a/tracking_denials/ssr_detector_app.te +++ /dev/null @@ -1,12 +0,0 @@ -# b/205202542 -dontaudit ssr_detector_app vendor_persist_sys_default_prop:file { getattr }; -dontaudit ssr_detector_app vendor_persist_sys_default_prop:file { map }; -dontaudit ssr_detector_app vendor_persist_sys_default_prop:file { open }; -dontaudit ssr_detector_app vendor_persist_sys_default_prop:file { read }; -# b/207571417 -dontaudit ssr_detector_app cgroup:file { open }; -dontaudit ssr_detector_app cgroup:file { write }; -dontaudit ssr_detector_app sysfs:file { getattr }; -dontaudit ssr_detector_app sysfs:file { open }; -dontaudit ssr_detector_app sysfs:file { read }; -dontaudit ssr_detector_app sysfs:file { write }; diff --git a/tracking_denials/surfaceflinger.te b/tracking_denials/surfaceflinger.te deleted file mode 100644 index cd7b63d9..00000000 --- a/tracking_denials/surfaceflinger.te +++ /dev/null @@ -1,4 +0,0 @@ -# b/215042694 -dontaudit surfaceflinger kernel:process { setsched }; -# b/208721808 -dontaudit surfaceflinger hal_graphics_composer_default:dir { search }; diff --git a/tracking_denials/vendor_init.te b/tracking_denials/vendor_init.te deleted file mode 100644 index ea8ff1e4..00000000 --- a/tracking_denials/vendor_init.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/205656950 -dontaudit vendor_init thermal_link_device:file { create }; diff --git a/tracking_denials/vendor_telephony_silentlogging_app.te b/tracking_denials/vendor_telephony_silentlogging_app.te deleted file mode 100644 index a74e3e3a..00000000 --- a/tracking_denials/vendor_telephony_silentlogging_app.te +++ /dev/null @@ -1,3 +0,0 @@ -# b/221384996 -dontaudit vendor_telephony_silentlogging_app system_app_data_file:dir { getattr }; -dontaudit vendor_telephony_silentlogging_app system_app_data_file:dir { search }; diff --git a/whitechapel_pro/dumpstate.te b/whitechapel_pro/dumpstate.te deleted file mode 100644 index 8ff47509..00000000 --- a/whitechapel_pro/dumpstate.te +++ /dev/null @@ -1,17 +0,0 @@ -dump_hal(hal_health) -dump_hal(hal_graphics_composer) -dump_hal(hal_telephony) -dump_hal(hal_uwb_vendor) - -userdebug_or_eng(` - allow dumpstate media_rw_data_file:file append; -') - -allow dumpstate sysfs_scsi_devices_0000:file r_file_perms; -allow dumpstate persist_file:dir r_dir_perms; -allow dumpstate modem_efs_file:dir r_dir_perms; -allow dumpstate modem_userdata_file:dir r_dir_perms; -allow dumpstate modem_img_file:dir r_dir_perms; -allow dumpstate fuse:dir search; - -dontaudit dumpstate vendor_dmabuf_debugfs:file r_file_perms; diff --git a/whitechapel_pro/hal_dumpstate_default.te b/whitechapel_pro/hal_dumpstate_default.te deleted file mode 100644 index 82fb1a3d..00000000 --- a/whitechapel_pro/hal_dumpstate_default.te +++ /dev/null @@ -1,145 +0,0 @@ -allow hal_dumpstate_default vendor_camera_data_file:dir r_dir_perms; -allow hal_dumpstate_default vendor_camera_data_file:file r_file_perms; - -allow hal_dumpstate_default sysfs_cpu:file r_file_perms; - -allow hal_dumpstate_default vendor_usf_reg_edit:file execute_no_trans; -allow hal_dumpstate_default vendor_usf_stats:file execute_no_trans; - -allow hal_dumpstate_default vendor_hwc_log_file:dir r_dir_perms; -allow hal_dumpstate_default vendor_hwc_log_file:file r_file_perms; - -allow hal_dumpstate_default vendor_rfsd_log_file:dir r_dir_perms; -allow hal_dumpstate_default vendor_rfsd_log_file:file r_file_perms; - -allow hal_dumpstate_default vendor_gps_file:dir r_dir_perms; -allow hal_dumpstate_default vendor_gps_file:file r_file_perms; - -allow hal_dumpstate_default sysfs_chip_id:file r_file_perms; - -allow hal_dumpstate_default sysfs_wlc:dir r_dir_perms; -allow hal_dumpstate_default sysfs_wlc:file r_file_perms; - -allow hal_dumpstate_default sysfs_exynos_bts:dir r_dir_perms; -allow hal_dumpstate_default sysfs_exynos_bts_stats:file r_file_perms; - -allow hal_dumpstate_default sysfs_aoc:dir r_dir_perms; -allow hal_dumpstate_default sysfs_aoc_dumpstate:file r_file_perms; - -allow hal_dumpstate_default sscoredump_vendor_data_crashinfo_file:dir r_dir_perms; -allow hal_dumpstate_default sscoredump_vendor_data_crashinfo_file:file r_file_perms; - -allow hal_dumpstate_default sysfs_thermal:dir r_dir_perms; -allow hal_dumpstate_default sysfs_thermal:file r_file_perms; - -allow hal_dumpstate_default sysfs_wifi:dir r_dir_perms; -allow hal_dumpstate_default sysfs_wifi:file r_file_perms; - -allow hal_dumpstate_default sysfs_batteryinfo:dir r_dir_perms; -allow hal_dumpstate_default sysfs_batteryinfo:file r_file_perms; - -allow hal_dumpstate_default sysfs_acpm_stats:dir r_dir_perms; -allow hal_dumpstate_default sysfs_acpm_stats:file r_file_perms; - -allow hal_dumpstate_default radio_vendor_data_file:dir create_dir_perms; -allow hal_dumpstate_default radio_vendor_data_file:file create_file_perms; - -allow hal_dumpstate_default modem_efs_file:dir search; -allow hal_dumpstate_default modem_efs_file:file r_file_perms; -allow hal_dumpstate_default modem_stat_data_file:dir r_dir_perms; -allow hal_dumpstate_default modem_stat_data_file:file r_file_perms; -allow hal_dumpstate_default vendor_slog_file:file r_file_perms; - -allow hal_dumpstate_default logbuffer_device:chr_file r_file_perms; - -allow hal_dumpstate_default citadeld_service:service_manager find; -allow hal_dumpstate_default citadel_updater:file execute_no_trans; -binder_call(hal_dumpstate_default, citadeld); - -allow hal_dumpstate_default device:dir r_dir_perms; -allow hal_dumpstate_default aoc_device:chr_file rw_file_perms; - -allow hal_dumpstate_default proc_f2fs:dir r_dir_perms; -allow hal_dumpstate_default proc_f2fs:file r_file_perms; - -allow hal_dumpstate_default sysfs_scsi_devices_0000:dir r_dir_perms; -allow hal_dumpstate_default sysfs_scsi_devices_0000:file r_file_perms; - -allow hal_dumpstate_default sysfs_touch:dir r_dir_perms; -allow hal_dumpstate_default sysfs_touch:file rw_file_perms; - -allow hal_dumpstate_default proc_touch:dir r_dir_perms; -allow hal_dumpstate_default proc_touch:file rw_file_perms; - -allow hal_dumpstate_default vendor_displaycolor_service:service_manager find; -binder_call(hal_dumpstate_default, hal_graphics_composer_default); -allow hal_dumpstate_default sysfs_display:dir r_dir_perms; -allow hal_dumpstate_default sysfs_display:file r_file_perms; - -vndbinder_use(hal_dumpstate_default) - -allow hal_dumpstate_default shell_data_file:file getattr; - -allow hal_dumpstate_default vendor_log_file:dir search; -allow hal_dumpstate_default vendor_dumpsys:file execute_no_trans; - -allow hal_dumpstate_default vendor_toolbox_exec:file execute_no_trans; -allow hal_dumpstate_default vendor_shell_exec:file execute_no_trans; - -allow hal_dumpstate_default proc_vendor_sched:dir r_dir_perms; -allow hal_dumpstate_default proc_vendor_sched:file r_file_perms; - -get_prop(hal_dumpstate_default, vendor_camera_debug_prop); -get_prop(hal_dumpstate_default, boottime_public_prop) -get_prop(hal_dumpstate_default, vendor_camera_prop) -get_prop(hal_dumpstate_default, vendor_gps_prop) -set_prop(hal_dumpstate_default, vendor_modem_prop) -get_prop(hal_dumpstate_default, vendor_rild_prop) -get_prop(hal_dumpstate_default, vendor_tcpdump_log_prop) -set_prop(hal_dumpstate_default, vendor_logger_prop) - -userdebug_or_eng(` - allow hal_dumpstate_default mnt_vendor_file:dir search; - allow hal_dumpstate_default ramdump_vendor_mnt_file:dir search; - allow hal_dumpstate_default ramdump_vendor_mnt_file:file r_file_perms; - allow hal_dumpstate_default sysfs_bcl:dir r_dir_perms; - allow hal_dumpstate_default sysfs_bcl:file r_file_perms; - allow hal_dumpstate_default debugfs:dir r_dir_perms; - allow hal_dumpstate_default vendor_votable_debugfs:dir r_dir_perms; - allow hal_dumpstate_default vendor_votable_debugfs:file r_file_perms; - allow hal_dumpstate_default debugfs_f2fs:dir r_dir_perms; - allow hal_dumpstate_default debugfs_f2fs:file r_file_perms; - allow hal_dumpstate_default vendor_battery_debugfs:dir r_dir_perms; - allow hal_dumpstate_default vendor_battery_debugfs:file r_file_perms; - allow hal_dumpstate_default vendor_charger_debugfs:dir r_dir_perms; - allow hal_dumpstate_default vendor_charger_debugfs:file r_file_perms; - allow hal_dumpstate_default vendor_dmabuf_debugfs:file r_file_perms; - allow hal_dumpstate_default vendor_maxfg_debugfs:dir r_dir_perms; - allow hal_dumpstate_default vendor_maxfg_debugfs:file r_file_perms; - allow hal_dumpstate_default vendor_pm_genpd_debugfs:file r_file_perms; - allow hal_dumpstate_default vendor_dri_debugfs:dir r_dir_perms; - allow hal_dumpstate_default vendor_dri_debugfs:file r_file_perms; - allow hal_dumpstate_default vendor_page_pinner_debugfs:dir search; - allow hal_dumpstate_default vendor_page_pinner_debugfs:file r_file_perms; -') - -dontaudit hal_dumpstate_default mnt_vendor_file:dir search; -dontaudit hal_dumpstate_default vendor_dri_debugfs:dir r_dir_perms; -dontaudit hal_dumpstate_default vendor_dri_debugfs:file r_file_perms; -dontaudit hal_dumpstate_default debugfs:dir r_dir_perms; -dontaudit hal_dumpstate_default vendor_votable_debugfs:dir r_dir_perms; -dontaudit hal_dumpstate_default vendor_votable_debugfs:file r_file_perms; -dontaudit hal_dumpstate_default debugfs_f2fs:dir r_dir_perms; -dontaudit hal_dumpstate_default debugfs_f2fs:file r_file_perms; -dontaudit hal_dumpstate_default vendor_battery_debugfs:dir r_dir_perms; -dontaudit hal_dumpstate_default vendor_battery_debugfs:file r_file_perms; -dontaudit hal_dumpstate_default vendor_charger_debugfs:dir r_dir_perms; -dontaudit hal_dumpstate_default vendor_charger_debugfs:file r_file_perms; -dontaudit hal_dumpstate_default vendor_dmabuf_debugfs:file r_file_perms; -dontaudit hal_dumpstate_default vendor_maxfg_debugfs:dir r_dir_perms; -dontaudit hal_dumpstate_default vendor_maxfg_debugfs:file r_file_perms; -dontaudit hal_dumpstate_default vendor_pm_genpd_debugfs:file r_file_perms; -dontaudit hal_dumpstate_default sysfs_bcl:dir r_dir_perms; -dontaudit hal_dumpstate_default sysfs_bcl:file r_file_perms; -dontaudit hal_dumpstate_default vendor_page_pinner_debugfs:dir search; -dontaudit hal_dumpstate_default vendor_page_pinner_debugfs:file r_file_perms; diff --git a/whitechapel_pro/keys.conf b/whitechapel_pro/keys.conf deleted file mode 100644 index ecb2d148..00000000 --- a/whitechapel_pro/keys.conf +++ /dev/null @@ -1,11 +0,0 @@ -[@GOOGLE] -ALL : device/google/zuma-sepolicy/whitechapel_pro/certs/app.x509.pem - -[@MDS] -ALL : device/google/zuma-sepolicy/whitechapel_pro/certs/com_google_mds.x509.pem - -[@UWB] -ALL : device/google/zuma-sepolicy/whitechapel_pro/certs/com_qorvo_uwb.x509.pem - -[@EUICCSUPPORTPIXEL] -ALL : device/google/zuma-sepolicy/whitechapel_pro/certs/EuiccSupportPixel.x509.pem diff --git a/zuma-sepolicy.mk b/zuma-sepolicy.mk index d04b626e..9643479b 100644 --- a/zuma-sepolicy.mk +++ b/zuma-sepolicy.mk @@ -1,5 +1,5 @@ # sepolicy that are shared among devices using whitechapel -BOARD_SEPOLICY_DIRS += device/google/zuma-sepolicy/whitechapel_pro +BOARD_SEPOLICY_DIRS += device/google/zuma-sepolicy/vendor # unresolved SELinux error log with bug tracking BOARD_SEPOLICY_DIRS += device/google/zuma-sepolicy/tracking_denials @@ -18,3 +18,10 @@ BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/powerstats # Health HAL BOARD_SEPOLICY_DIRS += device/google/zuma-sepolicy/health + +# To be reviewed and removed. +BOARD_SEPOLICY_DIRS += device/google/zuma-sepolicy/legacy/whitechapel_pro +PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/zuma-sepolicy/legacy/private +SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += device/google/zuma-sepolicy/legacy/system_ext/public +SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/google/zuma-sepolicy/legacy/system_ext/private +