author: Mark Hecomovich <mheco@google.com> 2016-07-28 17:26:58 +0000
committer: android-build-merger <android-build-merger@google.com> 2016-07-28 17:26:58 +0000
commit: 17082d07be7e0a562457f83a2c57057c79620f12 (patch)
tree: f2a6ea9dee44155cbb3bc156c59ff5284a1bb81e
parent: 1a3ca5d7baecc44d8d29496ae78d7ea539f3ef57 (diff)
parent: 6fba509e5552238a81244b6971bc35353ca04369 (diff)
download: source.android.com-17082d07be7e0a562457f83a2c57057c79620f12.tar.gz
Docs: Fix broken links to NSA site

Bug: 30195435
am: 6fba509e55

Change-Id: I17d26941a92b221f598198abd124c4b39c648c1a
-rw-r--r-- src/security/selinux/index.jd 85
1 files changed, 55 insertions, 30 deletions
diff --git a/src/security/selinux/index.jd b/src/security/selinux/index.jd
index 8745f8ef..f331a358 100644
--- a/src/security/selinux/index.jd
+++ b/src/security/selinux/index.jd
@@ -33,20 +33,27 @@ application at time of installation. Starting with Android 4.3,
Security-Enhanced Linux (SELinux) is used to further define the boundaries of
the Android application sandbox.</p>
-<p>As part of the Android <a href="{@docRoot}devices/tech/security/index.html">security model</a>, Android uses SELinux to enforce mandatory access control (MAC) over all
-processes, even processes running with root/superuser privileges (a.k.a. Linux
-capabilities). SELinux enhances Android security by confining privileged
-processes and automating security policy creation.</p>
-
-<p>Contributions to it have been made by a number of companies and organizations;
-all Android code and contributors are publicly available for review on <a href="https://android.googlesource.com/">android.googlesource.com</a>. With SELinux, Android can better protect and confine system services, control
+<p>As part of the Android <a href="{@docRoot}security/index.html">
+security model</a>, Android uses SELinux to enforce mandatory access control
+(MAC) over all processes, even processes running with root/superuser privileges
+(a.k.a. Linux capabilities). SELinux enhances Android security by confining
+privileged processes and automating security policy creation.</p>
+
+<p>Contributions to it have been made by a number
+of companies and organizations; all Android code
+and contributors are publicly available for review on <a
+href="https://android.googlesource.com/">android.googlesource.com</a>. With
+SELinux, Android can better protect and confine system services, control
access to application data and system logs, reduce the effects of malicious
software, and protect users from potential flaws in code on mobile devices.</p>
-<p>Android includes SELinux in enforcing mode and a corresponding security policy
-that works by default across the <a href="https://android.googlesource.com/">Android Open Source Project</a>. In enforcing mode, illegitimate actions are prevented and all attempted
-violations are logged by the kernel to <code>dmesg</code> and <code>logcat</code>. Android device manufacturers should gather information about errors so they
-may refine their software and SELinux policies before enforcing them.</p>
+<p>Android includes SELinux in enforcing mode and a
+corresponding security policy that works by default across the <a
+href="https://android.googlesource.com/">Android Open Source Project</a>. In
+enforcing mode, illegitimate actions are prevented and all attempted violations
+are logged by the kernel to <code>dmesg</code> and <code>logcat</code>. Android
+device manufacturers should gather information about errors so they may
+refine their software and SELinux policies before enforcing them.</p>
<h2 id=background>Background</h2>
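Review bot: The commit subject covers only the NSA links, but the first paragraph of this hunk also changes the security model href from {@docRoot}devices/tech/security/index.html to {@docRoot}security/index.html, and that edit is buried in a re-wrap of all three paragraphs. Please name the docRoot link fix in the commit message, and consider moving the pure line re-wrapping into its own commit so the one functional edit here is visible in review. The other two paragraphs appear to change only in line breaks; their text and the android.googlesource.com hrefs are the same on both sides.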
@@ -63,38 +70,56 @@ incremental application of SELinux to an ever-increasing portion of the system.
Per-domain permissive mode also enables policy development for new services
while keeping the rest of the system enforcing.</p>
-<p>In the Android 5.0 (L) release, Android moves to full enforcement of SELinux. This builds
-upon the permissive release of 4.3 and the partial enforcement of 4.4. In
-short, Android is shifting from enforcement on a limited set of crucial domains
-(<code>installd</code>, <code>netd</code>, <code>vold</code> and <code>zygote</code>) to everything (more than 60 domains). This means manufacturers will have to
-better understand and scale their SELinux implementations to provide compatible
-devices. Understand that:</p>
+<p>In the Android 5.0 (L) release, Android moves to full enforcement of
+SELinux. This builds upon the permissive release of 4.3 and the partial
+enforcement of 4.4. In short, Android is shifting from enforcement on a
+limited set of crucial domains (<code>installd</code>, <code>netd</code>,
+<code>vold</code> and <code>zygote</code>) to everything (more than 60
+domains). This means manufacturers will have to better understand and scale
+their SELinux implementations to provide compatible devices. Understand
+that:</p>
+
<ul>
- <li> Everything is in enforcing mode in the 5.0 release
- <li> No processes other than <code>init</code> should run in the <code>init</code> domain
- <li> Any generic denial (for a block_device, socket_device, default_service, etc.)
-indicates that device needs a special domain
+<li>Everything is in enforcing mode in the 5.0 release</li>
+<li> No processes other than <code>init</code> should run in the
+<code>init</code> domain</li>
+<li> Any generic denial (for a block_device, socket_device, default_service,
+etc.) indicates that device needs a special domain</li>
</ul>
<h2 id=supporting_documentation>Supporting documentation</h2>
<p>See the documentation below for details on constructing useful policies:</p>
-<p><a href="http://seandroid.bitbucket.org/PapersandPresentations.html">http://seandroid.bitbucket.org/PapersandPresentations.html</a></p>
+<p><a href="http://seandroid.bitbucket.org/PapersandPresentations.html">
+http://seandroid.bitbucket.org/PapersandPresentations.html</a></p>
-<p><a href="https://www.codeproject.com/Articles/806904/Android-Security-Customization-with-SEAndroid">https://www.codeproject.com/Articles/806904/Android-Security-Customization-with-SEAndroid</a></p>
+<p><a href="https://www.codeproject.com/Articles/806904/Android-Security-Customization-with-SEAndroid">
+https://www.codeproject.com/Articles/806904/
+Android-Security-Customization-with-SEAndroid</a></p>
-<p><a href="https://events.linuxfoundation.org/sites/events/files/slides/abs2014_seforandroid_smalley.pdf">https://events.linuxfoundation.org/sites/events/files/slides/abs2014_seforandroid_smalley.pdf</a></p>
+<p><a href="https://events.linuxfoundation.org/sites/events/files/slides/abs2014_seforandroid_smalley.pdf">
+https://events.linuxfoundation.org/sites/events/files/slides/
+abs2014_seforandroid_smalley.pdf</a></p>
-<p><a href="https://www.internetsociety.org/sites/default/files/02_4.pdf">https://www.internetsociety.org/sites/default/files/02_4.pdf</a></p>
+<p><a href="https://www.internetsociety.org/sites/default/files/02_4.pdf">
+https://www.internetsociety.org/sites/default/files/02_4.pdf</a></p>
-<p><a href="http://freecomputerbooks.com/books/The_SELinux_Notebook-4th_Edition.pdf">http://freecomputerbooks.com/books/The_SELinux_Notebook-4th_Edition.pdf</a></p>
+<p><a href="http://freecomputerbooks.com/books/The_SELinux_Notebook-4th_Edition.pdf">
+http://freecomputerbooks.com/books/The_SELinux_Notebook-4th_Edition.pdf</a></p>
-<p><a href="http://selinuxproject.org/page/ObjectClassesPerms">http://selinuxproject.org/page/ObjectClassesPerms</a></p>
+<p><a href="http://selinuxproject.org/page/ObjectClassesPerms">
+http://selinuxproject.org/page/ObjectClassesPerms</a></p>
-<p><a href="https://www.nsa.gov/research/_files/publications/implementing_selinux.pdf">https://www.nsa.gov/research/_files/publications/implementing_selinux.pdf</a></p>
+<p><a href="https://www.nsa.gov/resources/everyone/digital-media-center/publications/research-papers/assets/files/implementing-selinux-as-linux-security-module-report.pdf">
+https://www.nsa.gov/resources/everyone/digital-media-center/publications/
+research-papers/assets/files/
+implementing-selinux-as-linux-security-module-report.pdf</a></p>
-<p><a href="https://www.nsa.gov/research/_files/publications/selinux_configuring_policy.pdf">https://www.nsa.gov/research/_files/publications/selinux_configuring_policy.pdf</a></p>
+<p><a href="https://www.nsa.gov/resources/everyone/digital-media-center/publications/research-papers/assets/files/configuring-selinux-policy-report.pdf">
+https://www.nsa.gov/resources/everyone/digital-media-center/publications/
+research-papers/assets/files/configuring-selinux-policy-report.pdf</a></p>
-<p><a href="https://www.gnu.org/software/m4/manual/index.html">https://www.gnu.org/software/m4/manual/index.html</a></p>
+<p><a href="https://www.gnu.org/software/m4/manual/index.html">
+https://www.gnu.org/software/m4/manual/index.html</a></p>
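Review bot: Wrapping the visible link text across lines in the codeproject.com, linuxfoundation.org and both nsa.gov anchors puts whitespace in the middle of the displayed URL, because HTML renders a line break inside anchor text as a space; "+https://www.codeproject.com/Articles/806904/" followed by "+Android-Security-Customization-with-SEAndroid</a></p>" will display with a gap after "806904/". The href values are intact, so clicking works, but a reader who copies the displayed text gets a broken address; keep each URL's text on one line or use a descriptive title as the link text instead. Separately, the seandroid.bitbucket.org, freecomputerbooks.com and selinuxproject.org links are still plain http://, and since these are references for writing security policy they should move to https:// where the host serves it. In the list, the first <li> has lost its leading space while the other two keep theirs.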