Security Statement for the Compatibility Between the SELinux Module and Hosts

The Android virtualization solution provided by the Kunpeng BoostKit for ARM Native is constructed based on a container. Due to the Docker characteristics, applications running in a container are actually executed on the host OS. In this solution, the Android OS uses the host Linux kernel instead of its native kernel. As a result, the SELinux function of the Android OS is unavailable. The deliverables of the Kunpeng BoostKit for ARM Native do not contain the solution to this problem. If you want to enable SELinux in your commercial system, you need to find a solution by yourself.

We provide a method for quickly disabling SELinux. The Host Linux, native Android OS, and Docker are not within the delivery scope of the Kunpeng BoostKit for ARM Native. The provided modification method is for reference only and is not a commercial deliverable. Therefore, no commercial commitment is made.

Disabling SELinux may cause security issues. If you do not plan to enable SELinux, it is recommended that an end-to-end solution be used to eliminate the risks caused by the lack of SELinux. The Kunpeng BoostKit for ARM Native applies only to users who do not require SELinux. If you use the Kunpeng BoostKit for ARM Native, you need to bear the security risks.