Dear All,

My slides with a review of SELinux in class can be found at http://www.cs.dartmouth.edu/~sergey/ftc/secse07-slides-upd.pdf (the accompanying paper is http://www.cs.dartmouth.edu/~sergey/ftc/secse07-pastures.pdf).

You will find Android SELinux policy in https://android.googlesource.com/platform/external/sepolicy/+/master (see also https://source.android.com/security/selinux/implement.html). I recommend that you download the tgz of the policy and explore it: https://android.googlesource.com/platform/external/sepolicy/+archive/master.tar.gz

Go from the shortest policies to longer ones. One useful trick is to do "wc *te | sort -n", which will get the files sorted by the number of lines; or do "sort -nr" to reverse. Since many utilities are not meant to drop child processes or access many files, you will find that some policies are quite short. Look at tzdatacheck.te, for example, then at dhcp.te.

Note that per-process .te files refer to file labels rather than file names. Nothing says a label of a file must somehow match its name or path, but normally files are labeled in reasonable correspondence to their names. See file_contexts for how files are prelabeled; notice the regular expressions on pathnames used.

Finally, search for file_type_auto_trans and domain_auto_trans, which specify the rules for creating new file and process labels. There aren't that many of them.

Thanks,
--Sergey
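The two exploration steps from the message (rank the .te files by length, then list every transition macro call), as an added example that is not part of the original message or of the Android policy. The function names and the two sample .te files are constructed for illustration; point `rank_te` and `auto_trans` at the unpacked policy directory instead.

```shell
#!/usr/bin/env bash
# Added example. Sample policy files below are constructed, not taken from AOSP.

# rank_te DIR: print "<lines> <file>" for each .te file, shortest first.
rank_te() {
    local dir=$1 f
    for f in "$dir"/*.te; do
        [ -f "$f" ] || continue
        # "wc -l < file" prints only the count, so there is no "total" row.
        printf '%d %s\n' "$(( $(wc -l < "$f") ))" "$(basename "$f")"
    done | sort -n
}

# auto_trans DIR: print "<file>:<line>:<rule>" for each transition macro call.
auto_trans() {
    # Anchoring at line start skips macro names that appear only in comments.
    ( cd "$1" && grep -HnE \
        '^[[:space:]]*(domain_auto_trans|file_type_auto_trans)\(' ./*.te ) \
        | sed 's|^\./||'
}

# make_sample: create a temp dir with two constructed .te files, print its path.
make_sample() {
    local d
    d=$(mktemp -d)
    cat > "$d/tiny.te" <<'EOF'
# constructed sample
type tiny, domain;
type tiny_exec, exec_type, file_type;
EOF
    cat > "$d/demo_daemon.te" <<'EOF'
# constructed sample
type demo_daemon, domain;
type demo_daemon_exec, exec_type, file_type;
type demo_data_file, file_type;
# domain_auto_trans(mentioned, in_a, comment_only)
domain_auto_trans(init, demo_daemon_exec, demo_daemon)
file_type_auto_trans(demo_daemon, system_data_file, demo_data_file)
allow demo_daemon demo_data_file:file { create read write };
EOF
    printf '%s\n' "$d"
}

demo_dir=$(make_sample)
rank_te "$demo_dir"
auto_trans "$demo_dir"
rm -rf "$demo_dir"
```
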