Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f56c5b14 authored by Tri Vo's avatar Tri Vo
Browse files

Add /product sepolicy support to SELinuxMMAC.java 

Bug: 119305624
Test: normal/recovery boot aosp_taimen
Test: this log entry is in logcat
SELinuxMMAC: Using policy file /product/etc/selinux/product_mac_permissions.xml
Test: wfcactivation app works without denials. Its mac permissions are
now in /product.
Change-Id: I977ad0d763e46dbcb5bff36fc6361b4e70098c13
parent abe06f91

services/core/java/com/android/server/pm/SELinuxMMAC.java

+8 −1
Original line number Diff line number Diff line
@@ -17,8 +17,8 @@ 
package com.android.server.pm;



import android.content.pm.PackageParser;

import android.content.pm.Signature;

import android.content.pm.PackageParser.SigningDetails;

import android.content.pm.Signature;

import android.os.Environment;

import android.util.Slog;

import android.util.Xml;
@@ -81,6 +81,13 @@ public final class SELinuxMMAC { 
        sMacPermissions.add(new File(

            Environment.getRootDirectory(), "/etc/selinux/plat_mac_permissions.xml"));



        // Product mac permissions (optional).

        final File productMacPermission = new File(

                Environment.getProductDirectory(), "/etc/selinux/product_mac_permissions.xml");

        if (productMacPermission.exists()) {

            sMacPermissions.add(productMacPermission);

        }



        // Vendor mac permissions.

        // The filename has been renamed from nonplat_mac_permissions to

        // vendor_mac_permissions. Either of them should exist.