Clarify SELinux CDD requirements.

First paragraph:  change "can use" to "use" and drop the "if" to
avoid confusion about whether SELinux is mandatory.

Third paragraph:  reword for greater clarity.

List of device implementation requirements:
- Add a requirement about global enforcing mode (already tested by CTS
but not stated explicitly here).
- Drop the language about supporting per-domain permissive, as
per-domain permissive is supported by all modern kernels and since
we now require all domains to ship enforcing, we don't even strictly
need it.  Just retain the requirement that all domains be enforcing.
- Drop the SHOULD requirement on loading policy from the /sepolicy file as
nothing depends on this per se.
- Clarify that the neverallow rules live in the external/sepolicy folder,
not in the final sepolicy file.
- Drop the MUST requirement on dynamic updates of policy; if they
want to support it, then they are still free to do so but it is unclear
why it is mandatory.

Last para:  Clarify that device implementations should only add to
the upstream AOSP policy.

Change-Id: I5255536ba096821fcb14e53f8bfc06a75919cb45
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
1 file changed
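
The two requirements this message keeps (global enforcing mode, and every domain enforcing) can be checked mechanically. The sketch below is an added example, not part of this commit, the CDD, or CTS. It assumes the policy is available as expanded source text and that the global mode is read from the selinuxfs `enforce` node ("1" means enforcing); the sample policy and all function names are constructed for illustration.

```python
import re

# Constructed sample of expanded policy source; not taken from AOSP.
SAMPLE_POLICY = """\
type init, domain;
type vendor_daemon, domain;
# permissive init;   (commented out, must be ignored)
permissive vendor_daemon;
type netd, domain;
allow netd self:capability net_admin;
"""

# A policy statement of the form "permissive <type>" (terminating ';' already split off).
PERMISSIVE_STMT = re.compile(r"^\s*permissive\s+(\w+)\s*$")


def permissive_domains(policy_text):
    """Return every domain declared permissive, ignoring '#' comments."""
    found = []
    for line in policy_text.splitlines():
        code = line.split("#", 1)[0]      # drop trailing comment
        for stmt in code.split(";"):      # allow several statements per line
            m = PERMISSIVE_STMT.match(stmt)
            if m:
                found.append(m.group(1))
    return found


def global_enforcing(enforce_value):
    """enforce_value is the content of the selinuxfs 'enforce' node."""
    return enforce_value.strip() == "1"


def check(policy_text, enforce_value):
    """List violations of: global enforcing mode, all domains enforcing."""
    problems = []
    if not global_enforcing(enforce_value):
        problems.append("global mode is not enforcing")
    for domain in permissive_domains(policy_text):
        problems.append(f"domain {domain} is declared permissive")
    return problems


if __name__ == "__main__":
    # Constructed inputs: the sample policy and a device reporting permissive mode.
    for problem in check(SAMPLE_POLICY, "0\n"):
        print("FAIL:", problem)
```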