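<?xml version="1.0" encoding="utf-8"?>
<policy>

<!--

    * A signature is a hex encoded X.509 certificate or a tag defined in
      keys.conf and is required for each signer tag. The signature can
      either appear as a set of attached cert child tags or as an attribute.
    * A signer tag must contain a seinfo tag XOR multiple package stanzas.
    * Each signer/package tag is allowed to contain one seinfo tag. This tag
      represents additional info that each app can use in setting a SELinux security
      context on the eventual process as well as the app's data directory.
    * seinfo assignments are made according to the following rules:
      - Stanzas with package name refinements will be checked first.
      - Stanzas w/o package name refinements will be checked second.
      - The "default" seinfo label is automatically applied when no stanza
        matches.

    * valid stanzas can take one of the following forms:

     // single cert protecting seinfo
     <signer signature="@PLATFORM" >
       <seinfo value="platform" />
     </signer>

     // multiple certs protecting seinfo (all contained certs must match)
     <signer>
       <cert signature="@PLATFORM1"/>
       <cert signature="@PLATFORM2"/>
       <seinfo value="platform" />
     </signer>

     // single cert protecting explicitly named app
     <signer signature="@PLATFORM" >
       <package name="com.android.foo">
         <seinfo value="bar" />
       </package>
     </signer>

     // multiple certs protecting explicitly named app (all certs must match)
     <signer>
       <cert signature="@PLATFORM1"/>
       <cert signature="@PLATFORM2"/>
       <package name="com.android.foo">
         <seinfo value="bar" />
       </package>
     </signer>

    * NOTE(review): every stanza is keyed on the signing certificate. A
      package name refinement only narrows a signer stanza; on its own it
      authenticates nothing. Whoever can sign with a listed certificate can
      obtain the seinfo value that the stanza assigns.
-->

    <!-- Platform dev key in AOSP.
         @PLATFORM is a tag defined in keys.conf, not a literal certificate.
         NOTE(review): the AOSP development keys are published with the source
         tree. For a shipping build, confirm that this tag resolves to the
         vendor's own release certificate; otherwise any app signed with the
         public dev key is assigned seinfo "platform". -->
    <signer signature="@PLATFORM" >
      <seinfo value="platform" />
    </signer>

    <!-- Media key in AOSP.
         @MEDIA is resolved through keys.conf in the same way as @PLATFORM.
         NOTE(review): the same release-key check applies, because apps signed
         with this certificate are assigned seinfo "media". -->
    <signer signature="@MEDIA" >
      <seinfo value="media" />
    </signer>

</policy>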