tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
42234 commits 1 branch 0 tags 50 MiB
Commit graph

9426 commits

Author SHA1 Message Date
Treehugger Robot
0ae1926576 Merge "Add system property for leaudio_allow_list" am: ae07b5380b am: 79b8e705aa am: 55d69325e9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2375411

Change-Id: I0072eadd143a989436277d43fca5d48411c5615e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 14:04:25 +00:00
Pedro Loureiro
efd12cc5bf Merge "Add SEPolicy for device config service" am: 43b0b8a65c am: 14060332c7 am: fe0ce26f53 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2430374

Change-Id: Ic9b09bf6e69fcec9e8f35de48be914f332bd45b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 14:03:59 +00:00
Treehugger Robot
79b8e705aa Merge "Add system property for leaudio_allow_list" am: ae07b5380b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2375411

Change-Id: I4323da4ee1e703e48f78cef880c154e94c8f49f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 12:17:11 +00:00
Pedro Loureiro
14060332c7 Merge "Add SEPolicy for device config service" am: 43b0b8a65c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2430374

Change-Id: I16624fc06f8cd15de32734e31a47acc504a5dea1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 12:16:51 +00:00
Treehugger Robot
ae07b5380b Merge "Add system property for leaudio_allow_list" 2023-02-14 11:21:55 +00:00
Pedro Loureiro
43b0b8a65c Merge "Add SEPolicy for device config service" 2023-02-14 11:18:41 +00:00
Akilesh Kailash
959a886b33 Merge "Set sepolicy for ublk control device and block device" am: a3c0ca4e67 am: 12e344b7de am: 782a9dd2d1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433673

Change-Id: I6bb7907b4904e5bcd9ce45a789efaae001509f52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 06:28:18 +00:00
Akilesh Kailash
12e344b7de Merge "Set sepolicy for ublk control device and block device" am: a3c0ca4e67 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433673

Change-Id: Ia1104a335a2932a48bc2f9eecb547c65e13fe334
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 04:41:42 +00:00
Akilesh Kailash
a3c0ca4e67 Merge "Set sepolicy for ublk control device and block device" 2023-02-14 03:59:06 +00:00
Jeffrey Huang
5c1b962965 Merge "Restrict system server from reading statsd data" am: 01fd5eb907 am: e53a5b25b6 am: 6788ed4f1c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410783

Change-Id: Ie7c7bc680c96aab593f115303a9c1b85664877ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 00:51:35 +00:00
Akilesh Kailash
63a21044f2 Set sepolicy for ublk control device and block device 
ublk-control device: /dev/ublk-control
ublk-block device: /dev/block/ublkbN where N is 0,1,2..

Bug: 269144965
Test: Verify sepolicy changes through kernel logs when user-space daemon
communicates with ublk driver

Change-Id: I10de557566e3c0628ea72fbbda4cff21e7cda68f
Signed-off-by: Akilesh Kailash <akailash@google.com>
 2023-02-13 16:30:40 -08:00
Jeffrey Huang
e53a5b25b6 Merge "Restrict system server from reading statsd data" am: 01fd5eb907 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410783

Change-Id: I18a4d57758865141a9e0b6f479ff5aabf8db0ece
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-13 23:07:21 +00:00
Jeffrey Huang
01fd5eb907 Merge "Restrict system server from reading statsd data" 2023-02-13 22:37:09 +00:00
Pedro Loureiro
58847ab171 Add SEPolicy for device config service 
A new mainline module that will have the device config logic requires a new service (device_config_updatable).

Bug: 252703257

Test: manual because logic that launches service is behind flag

Change-Id: I4ffba0c7d2afc44af8438b7d84d836e42388bd7d
 2023-02-13 09:37:12 +00:00
Jeff Sharkey
36e24fc6f7 Merge "Add dropbox entries as files to dumpstate ZIP." am: 3926d95720 am: 89f51e46f2 am: 3662756348 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422870

Change-Id: I80adc4ebf7f1a49b475cc64f62160fc48cdc9d7e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-10 23:11:06 +00:00
Jeff Sharkey
89f51e46f2 Merge "Add dropbox entries as files to dumpstate ZIP." am: 3926d95720 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422870

Change-Id: I4481603e241edea765e7a745ed69bf31f0735b21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-10 21:31:36 +00:00
Jeff Sharkey
3926d95720 Merge "Add dropbox entries as files to dumpstate ZIP." 2023-02-10 20:41:51 +00:00
Krishang Garodia
cae679a22d Merge "Update SE policy for all media provider processes" am: 6e51f51b5f am: 98cc4fec56 am: 1fc7e3ba0f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2429034

Change-Id: Iac5966beac9c22d01207396da49e5fbbc9400505
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-10 15:30:47 +00:00
Jeff Sharkey
ef5e5c82d4 Add dropbox entries as files to dumpstate ZIP. 
Since each dropbox entry is already stored as a file on disk, include
them as-is into the dumpstate ZIP file.

The dumpsys output has already included truncated versions of all
dropbox entries for many years, and adding them as separate files
inside the dumpstate ZIP will speed up debugging and issue triage.

Bug: 267673062
Test: manual
Change-Id: I6e83dd01221f43bb2e2efc1a12368db30a545c71
 2023-02-10 14:02:35 +00:00
Krishang Garodia
98cc4fec56 Merge "Update SE policy for all media provider processes" am: 6e51f51b5f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2429034

Change-Id: Ia3bcaf702b2ccadce5186f869baebd8c6afad56d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-10 13:59:33 +00:00
Krishang Garodia
6e51f51b5f Merge "Update SE policy for all media provider processes" 2023-02-10 13:57:52 +00:00
Krishang Garodia
caf7984a2e Update SE policy for all media provider processes 
Bug: 230394838
Bug: 195009152
Test: manual
Change-Id: Ic8e1d45c910e1455dd28bfb748d134c066a33591
 2023-02-10 11:06:53 +00:00
Charlie Wang
b240222f41 Merge "Extension of isolated_compute_app for media services." am: bc778658ab am: 55886d20d9 am: 4cd8e4ef41 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411335

Change-Id: Id6faecafa7b62d9e82a56d833222ecb366d1e416
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-09 21:03:24 +00:00
Max Bires
1ac58d12be Merge "Allow GMSCore to read RKP properties." am: db8a6b31ca am: 5516282b8b am: 76d8c830f8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2428194

Change-Id: I050a338e9805b050586bdc0d30d4ed01ec248d84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-09 21:00:13 +00:00
Charlie Wang
55886d20d9 Merge "Extension of isolated_compute_app for media services." am: bc778658ab 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411335

Change-Id: I1133741d332cd7cdf075db8330baf1db61f58105
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-09 18:29:54 +00:00
Max Bires
5516282b8b Merge "Allow GMSCore to read RKP properties." am: db8a6b31ca 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2428194

Change-Id: I5b0aa3092d77a1e3c8917cd36d8a076b7d783f88
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-09 18:29:40 +00:00
Henri Chataing
38b90d44d0 Merge "Define the permissions for Nfc sysprops" am: ff275229d1 am: 1f26ebadf8 am: 80c5782174 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2424852

Change-Id: Ifcbe6d1eac4f6af02a5fd8263d4fa8a5ec0951f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-09 18:23:44 +00:00
Charlie Wang
bc778658ab Merge "Extension of isolated_compute_app for media services." 2023-02-09 18:13:57 +00:00
Max Bires
db8a6b31ca Merge "Allow GMSCore to read RKP properties." 2023-02-09 17:51:57 +00:00
Henri Chataing
1f26ebadf8 Merge "Define the permissions for Nfc sysprops" am: ff275229d1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2424852

Change-Id: Ief06daa97a1ff07a8ebdc2cc1f0a77e769d2f76a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-09 17:01:39 +00:00
Henri Chataing
ff275229d1 Merge "Define the permissions for Nfc sysprops" 2023-02-09 16:08:40 +00:00
Jack He
54ac416034 Merge "Add sysprop for LeAudio inband ringtone support" am: 796621872b am: 259ea80e91 am: 030470c067 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422865

Change-Id: I5c4390e3b7848824914e9ffe2a839bd4452a8de9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-09 03:37:31 +00:00
Jack He
259ea80e91 Merge "Add sysprop for LeAudio inband ringtone support" am: 796621872b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422865

Change-Id: Ie3311c5fa54dad74f20578faba36fbd4981f1625
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-09 02:09:07 +00:00
Jack He
796621872b Merge "Add sysprop for LeAudio inband ringtone support" 2023-02-09 01:36:31 +00:00
Max Bires
89bbb2581b Allow GMSCore to read RKP properties. 
GMSCore requires access to read RKP properties in order for test suites
to validate the hostname is properly set.

Test: N/A
Change-Id: If537e58d4df74516435bec8955c83bb5494a80f0
 2023-02-08 17:14:47 -08:00
Charles Chen
3e9f05faa3 Extension of isolated_compute_app for media services. 
Support media use cases in isolated_compute_app such as decoding with MediaCodecs.

Bug:266943251
Test: m &&  manual - sample app with IsolatedProcess=True can use MediaCodec.

Change-Id: I864dcfb16494efada2fbd2a7d34b5d7f6b8128cb
 2023-02-08 15:48:25 -08:00
Brian Julian
3e91bef971 Merge "Backports sepolicy for AltitudeService to T." am: f388934ffe am: e346f2fe80 am: 0966a7e8a3 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2406792

Change-Id: I942be729355e8a833f3fdca7023f2eba4d09ac6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-08 19:38:08 +00:00
Ryan Savitski
9946954214 Merge "sepolicy: rework perfetto producer/profiler rules for "user" builds" am: b9a365a35f am: de2aa42a42 am: 93735cd5f5 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2419280

Change-Id: I0f5a6113f73d3e0b89eda8ae627a60d566a19ecd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-08 19:35:14 +00:00
Brian Julian
e346f2fe80 Merge "Backports sepolicy for AltitudeService to T." am: f388934ffe 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2406792

Change-Id: I8cd9387e7b27e032e38b23a531a710a8801c6a5b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-08 18:51:22 +00:00
Brian Julian
f388934ffe Merge "Backports sepolicy for AltitudeService to T." 2023-02-08 18:28:25 +00:00
Ryan Savitski
de2aa42a42 Merge "sepolicy: rework perfetto producer/profiler rules for "user" builds" am: b9a365a35f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2419280

Change-Id: Ie9d2cdac2900cdadda71e69dff5402a50536b187
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-08 18:16:07 +00:00
Ryan Savitski
b9a365a35f Merge "sepolicy: rework perfetto producer/profiler rules for "user" builds" 2023-02-08 17:23:44 +00:00
Patty Huang
a2ef6f9584 Add system property for leaudio_allow_list 
Bug: 239768625
Test: Manual
Tag: #feature
Change-Id: I95e9672e452b3cfbec6ea57052444fcf833fdeab
 2023-02-08 13:39:02 +08:00
Łukasz Rymanowski
88193e8aa1 Add sysprop for LeAudio inband ringtone support 
Bug: 242685105
Test: manual
Change-Id: I9e884c0c2765285110cde943e5eb419139167a50
 2023-02-07 22:31:12 +00:00
Henri Chataing
60eaabc953 Define the permissions for Nfc sysprops 
Bug: 268219397
Test: m
Change-Id: Ic945e56ce947c3ddae4847f007e6870e3188c065
 2023-02-07 21:57:13 +00:00
Brian Julian
32b0a39d27 Backports sepolicy for AltitudeService to T. 
Test: VtsHalAltitudeServiceTargetTest
Bug: 265013616
Change-Id: I8eb6af8b9350e0d021ef781eb9f3776b4adf3b7f
Merged-In: I8eb6af8b9350e0d021ef781eb9f3776b4adf3b7f
 2023-02-07 19:38:17 +00:00
Jakub Rotkiewicz
b7884d224b Merge "Bluetooth: Added sepolicy for Snoop Logger filtering" am: db85fd141e am: 2d1023f256 am: f68cfdc840 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2302410

Change-Id: Icb388027cd49707fa8148a820e4416b91cb0abba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-07 14:10:43 +00:00
Jaewan Kim
379a267f44 Allow virtualizationmanager to read AVF debug policy am: 93f5788ec5 am: a6f591b123 am: 1ec293d239 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2423325

Change-Id: I4bc8181e4b0565bfdafd39f71bb4512c8b8e49f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-07 14:10:23 +00:00
Jakub Rotkiewicz
2d1023f256 Merge "Bluetooth: Added sepolicy for Snoop Logger filtering" am: db85fd141e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2302410

Change-Id: I01ef5cc083efda96bd1083949a39e4177ca45a73
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-07 12:48:24 +00:00
Jaewan Kim
a6f591b123 Allow virtualizationmanager to read AVF debug policy am: 93f5788ec5 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2423325

Change-Id: Iddb3d51769a1a2f0d39d6612698ec411b891f958
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-07 12:47:48 +00:00