diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2014-03-12 09:40:43 -0400 |
---|---|---|
committer | Stephen Smalley <sds@tycho.nsa.gov> | 2014-03-12 13:21:19 -0400 |
commit | cc7b72e9555953d5642bf5fdf950be2f8aa77e89 (patch) | |
tree | 15f45001b1256f41a7e97388a6c97abecbc0b015 | |
parent | f8479e025f5873e8444f92ee36b01a373c72bd89 (diff) | |
download | android_external_sepolicy-cc7b72e9555953d5642bf5fdf950be2f8aa77e89.tar.gz android_external_sepolicy-cc7b72e9555953d5642bf5fdf950be2f8aa77e89.tar.bz2 android_external_sepolicy-cc7b72e9555953d5642bf5fdf950be2f8aa77e89.zip |
Add inline documentation for mac_permissions.xml.
Copied from our tree, adjusted to note relationship to keys.conf
and to be consistent with the AOSP implementation.
Change-Id: I09ba86d4c9a1b11a8865890e11283456ea2ffbcf
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
-rw-r--r-- | mac_permissions.xml | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/mac_permissions.xml b/mac_permissions.xml index a136833..f9f631b 100644 --- a/mac_permissions.xml +++ b/mac_permissions.xml @@ -1,6 +1,26 @@ <?xml version="1.0" encoding="utf-8"?> <policy> +<!-- + + * A signature is a hex encoded X.509 certificate or a tag defined in + keys.conf and is required for each signer tag. + * A signer tag may contain a seinfo tag and multiple package stanzas. + * A default tag is allowed that can contain policy for all apps not signed with a + previously listed cert. It may not contain any inner package stanzas. + * Each signer/default/package tag is allowed to contain one seinfo tag. This tag + represents additional info that each app can use in setting a SELinux security + context on the eventual process. + * When a package is installed the following logic is used to determine what seinfo + value, if any, is assigned. + - All signatures used to sign the app are checked first. + - If a signer stanza has inner package stanzas, those stanza will be checked + to try and match the package name of the app. If the package name matches + then that seinfo tag is used. If no inner package matches then the outer + seinfo tag is assigned. + - The default tag is consulted last if needed. +--> + <!-- Platform dev key in AOSP --> <signer signature="@PLATFORM" > <seinfo value="platform" /> |