| This fork of Android differs in the following ways: |
| - README.android |
| - All Android.mk and Android.bp files |
| - ALL MODULE_LICENSE_* files |
| - libselinux/include/selinux/android.h |
| - libselinux/src/android/android.c |
| |
| All other changes should be upstreamed to selinux as |
| Android no longer carries changes outside of those files. |
| |
| The upstream project can be found at: |
| https://github.com/SELinuxProject/selinux |
| |
| Thus, since all changes are in separate files, updates merged from |
| upstream should occur with no merge conflicts. |
| |
| This fork differs from upstream libselinux in at least the following ways: |
| |
| * The Android fork omits compiling many of the src files and specifies |
| custom build configurations. The exact details, are encoded in the |
| Android.bp and Android.mk files. |
| |
| * The SELinux policy files are all located in / rather than under |
| /etc/selinux since /etc is not available in Android until /system |
| is mounted and use fixed paths, not dependent on /etc/selinux/config. |
| |
| * The kernel policy file (sepolicy in Android, policy.N in Linux) does |
| not include a version suffix since Android does not need to support |
| booting multiple kernels. |
| |
| * The policy loading logic does not support automatic downgrading of |
| the kernel policy file to a version known to the kernel, since this |
| requires libsepol on the device and is only needed to support mixing |
| and matching kernels and userspace easily. |
| |
| * restorecon functionality, including recursive restorecon, has been |
| been upstreamed as selinux_restorecon(), but there are residual |
| differences between it and selinux_android_restorecon(). |
| |
| * Support for seapp_contexts, a new Android-specific SELinux |
| configuration file has been added within android.c. |