a26eb5586a6c876699f510df408ddb7a1e4c7787 - platform_device_qcom_sepolicy

commit	a26eb5586a6c876699f510df408ddb7a1e4c7787	[log] [tgz]
author	Ravi Kumar Siddojigari <rsiddoji@codeaurora.org>	Mon Apr 22 15:28:20 2019 +0530
committer	Jaihind Yadav <jaihindyadav@codeaurora.org>	Thu May 02 16:46:14 2019 +0530
tree	34388f07e91510a01ecfecc96148223e559e795b
parent	3233102de894b96708cc09b787d4b51e5768326a [diff]

sepolicy: remove violators  which are not to be used

As part of security hardening  following  violators are
been removed
1. untrusted_app_visible_hwservice_violators
2. data_between_core_and_vendor_violators

Security testing check for violators sharing data between core and
vendor so removed the violator exception  in vendor_init.

hwservice are not to be exposed to untrusted app so remove hal_perf
for this list untrusted_app_visible_hwservice_violators list

Test:
testNoExemptionsForDataBetweenCoreAndVendor
testNoUntrustedAppVisiblehwservice

Change-Id: I76f26848a0f148b1b332f68fd05f7632f9399af6

generic/vendor/common/hwservice.te[diff]
generic/vendor/common/vendor_init.te[diff]

2 files changed

tree: 34388f07e91510a01ecfecc96148223e559e795b

generic/
legacy/
qva/
Android.mk