Get rid of separate platform_app_data_file type.

The original concept was to allow separation between /data/data/<pkgdir>
files of "platform" apps (signed by one of the four build keys) and
untrusted apps.  But we had to allow read/write to support passing of
open files via Binder or local socket for compatibilty, and it seems
that direct open by pathname is in fact used in Android as well,
only passing the pathname via Binder or local socket.  So there is no
real benefit to keeping it as a separate type.

Retain a type alias for platform_app_data_file to app_data_file until
restorecon /data/data support is in place to provide compatibility.

Change-Id: Ic15066f48765322ad40500b2ba2801bb3ced5489
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

1 files changed, 4 insertions, 4 deletions

diff --git a/seapp_contexts b/seapp_contexts
index 0a78095..05f0486 100644
--- a/seapp_contexts
+++ b/seapp_contexts
@@ -40,10 +40,10 @@ user=bluetooth domain=bluetooth type=bluetooth_data_file
 user=nfc domain=nfc type=nfc_data_file
 user=radio domain=radio type=radio_data_file
 user=_app domain=untrusted_app type=app_data_file
-user=_app seinfo=platform domain=platform_app type=platform_app_data_file
-user=_app seinfo=shared domain=shared_app type=platform_app_data_file
-user=_app seinfo=media domain=media_app type=platform_app_data_file
+user=_app seinfo=platform domain=platform_app type=app_data_file
+user=_app seinfo=shared domain=shared_app type=app_data_file
+user=_app seinfo=media domain=media_app type=app_data_file
 user=_app seinfo=media name=com.android.providers.downloads path=cache* type=download_file
-user=_app seinfo=release domain=release_app type=platform_app_data_file
+user=_app seinfo=release domain=release_app type=app_data_file
 user=_isolated domain=isolated_app
 user=shell domain=shell type=shell_data_file