diff options
| author | Nick Kralevich <nnk@google.com> | 2016-04-13 07:55:04 -0700 |
|---|---|---|
| committer | Nick Kralevich <nnk@google.com> | 2016-04-13 07:55:04 -0700 |
| commit | 93a5329d87b903caf06ae96b9251cd092d6407b9 (patch) | |
| tree | 0b04bd5be150ecc7cabe1fb53b0144c4dc0ec528 | |
| parent | fd4dc054567029e31589878960c2cca44d3b8ea3 (diff) | |
| download | source.android.com-93a5329d87b903caf06ae96b9251cd092d6407b9.tar.gz | |
Change directory name
external/sepolicy was renamed system/sepolicy
Change-Id: I6fb858ea2d12f23840e4fc05ed7e2437f65cb6c8
| -rw-r--r-- | src/compatibility/android-cdd.html | 4 | ||||
| -rw-r--r-- | src/security/selinux/concepts.jd | 2 | ||||
| -rw-r--r-- | src/security/selinux/validate.jd | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/src/compatibility/android-cdd.html b/src/compatibility/android-cdd.html index 8852a4ef..63db045b 100644 --- a/src/compatibility/android-cdd.html +++ b/src/compatibility/android-cdd.html @@ -5271,13 +5271,13 @@ in the upstream Android Open Source Project.</p> <li>MUST configure all domains in enforcing mode. No permissive mode domains are allowed, including domains specific to a device/vendor.</li> <li>MUST NOT modify, omit, or replace the neverallow rules present within the - external/sepolicy folder provided in the upstream Android Open Source Project + system/sepolicy folder provided in the upstream Android Open Source Project (AOSP) and the policy MUST compile with all neverallow rules present, for both AOSP SELinux domains as well as device/vendor specific domains.</li> </ul> <p>Device implementations SHOULD retain the default SELinux policy provided in -the external/sepolicy folder of the upstream Android Open Source Project and +the system/sepolicy folder of the upstream Android Open Source Project and only further add to this policy for their own device-specific configuration. Device implementations MUST be compatible with the upstream Android Open Source Project.</p> diff --git a/src/security/selinux/concepts.jd b/src/security/selinux/concepts.jd index 19584744..0ea2ed4f 100644 --- a/src/security/selinux/concepts.jd +++ b/src/security/selinux/concepts.jd @@ -122,7 +122,7 @@ for each class are represented by permissions. </p> <p>This says that all application domains are allowed to read and write files labeled app_data_file. Note that this rule relies upon macros defined in the global_macros file, and other helpful macros can also be found in the te_macros -file, both of which can be found in the <a href="https://android.googlesource.com/platform/external/sepolicy/">external/sepolicy</a> directory in the AOSP source tree. Macros are provided for common groupings of classes, permissions and +file, both of which can be found in the <a href="https://android.googlesource.com/platform/system/sepolicy/">system/sepolicy</a> directory in the AOSP source tree. Macros are provided for common groupings of classes, permissions and rules, and should be used whenever possible to help reduce the likelihood of failures due to denials on related permissions.</p> diff --git a/src/security/selinux/validate.jd b/src/security/selinux/validate.jd index 34199f52..339628d7 100644 --- a/src/security/selinux/validate.jd +++ b/src/security/selinux/validate.jd @@ -34,7 +34,7 @@ issuing the command:getenforce</p> <p>This will print the global SELinux mode: either Disabled, Enforcing, or Permissive. Please note, this command shows only the global SELinux mode. To determine the SELinux mode for each domain, you must examine the corresponding -files or run the latest version of <code>sepolicy-analyze</code> with the appropriate (-p) flag, present in /platform/external/sepolicy/tools/.</p> +files or run the latest version of <code>sepolicy-analyze</code> with the appropriate (-p) flag, present in /platform/system/sepolicy/tools/.</p> <h2 id=reading_denials>Reading denials</h2> |