1*2d543d20SAndroid Build Coastguard WorkerThis fork of Android differs in the following ways: 2*2d543d20SAndroid Build Coastguard Worker - README.android 3*2d543d20SAndroid Build Coastguard Worker - All Android.mk and Android.bp files 4*2d543d20SAndroid Build Coastguard Worker - ALL MODULE_LICENSE_* files 5*2d543d20SAndroid Build Coastguard Worker - libselinux/include/selinux/android.h 6*2d543d20SAndroid Build Coastguard Worker - libselinux/src/android/android.c 7*2d543d20SAndroid Build Coastguard Worker 8*2d543d20SAndroid Build Coastguard WorkerAll other changes should be upstreamed to selinux as 9*2d543d20SAndroid Build Coastguard WorkerAndroid no longer carries changes outside of those files. 10*2d543d20SAndroid Build Coastguard Worker 11*2d543d20SAndroid Build Coastguard WorkerThe upstream project can be found at: 12*2d543d20SAndroid Build Coastguard Workerhttps://github.com/SELinuxProject/selinux 13*2d543d20SAndroid Build Coastguard Worker 14*2d543d20SAndroid Build Coastguard WorkerThus, since all changes are in separate files, updates merged from 15*2d543d20SAndroid Build Coastguard Workerupstream should occur with no merge conflicts. 16*2d543d20SAndroid Build Coastguard Worker 17*2d543d20SAndroid Build Coastguard WorkerThis fork differs from upstream libselinux in at least the following ways: 18*2d543d20SAndroid Build Coastguard Worker 19*2d543d20SAndroid Build Coastguard Worker* The Android fork omits compiling many of the src files and specifies 20*2d543d20SAndroid Build Coastguard Worker custom build configurations. The exact details, are encoded in the 21*2d543d20SAndroid Build Coastguard Worker Android.bp and Android.mk files. 22*2d543d20SAndroid Build Coastguard Worker 23*2d543d20SAndroid Build Coastguard Worker* The SELinux policy files are all located in / rather than under 24*2d543d20SAndroid Build Coastguard Worker /etc/selinux since /etc is not available in Android until /system 25*2d543d20SAndroid Build Coastguard Worker is mounted and use fixed paths, not dependent on /etc/selinux/config. 26*2d543d20SAndroid Build Coastguard Worker 27*2d543d20SAndroid Build Coastguard Worker* The kernel policy file (sepolicy in Android, policy.N in Linux) does 28*2d543d20SAndroid Build Coastguard Worker not include a version suffix since Android does not need to support 29*2d543d20SAndroid Build Coastguard Worker booting multiple kernels. 30*2d543d20SAndroid Build Coastguard Worker 31*2d543d20SAndroid Build Coastguard Worker* The policy loading logic does not support automatic downgrading of 32*2d543d20SAndroid Build Coastguard Worker the kernel policy file to a version known to the kernel, since this 33*2d543d20SAndroid Build Coastguard Worker requires libsepol on the device and is only needed to support mixing 34*2d543d20SAndroid Build Coastguard Worker and matching kernels and userspace easily. 35*2d543d20SAndroid Build Coastguard Worker 36*2d543d20SAndroid Build Coastguard Worker* restorecon functionality, including recursive restorecon, has been 37*2d543d20SAndroid Build Coastguard Worker been upstreamed as selinux_restorecon(), but there are residual 38*2d543d20SAndroid Build Coastguard Worker differences between it and selinux_android_restorecon(). 39*2d543d20SAndroid Build Coastguard Worker 40*2d543d20SAndroid Build Coastguard Worker* Support for seapp_contexts, a new Android-specific SELinux 41*2d543d20SAndroid Build Coastguard Worker configuration file has been added within android.c. 42