tequilaOS/platform_system_sepolicy

Author	SHA1	Message	Date
Jack Yu	181b6376d0	Merge "Add sepolicy for nfc hal v1.2" am: `fd2d7b3f5c` am: `c4b5e0a3a8` Change-Id: Id4c20b3c5fd3538359ce9d2756e19ae993b0c855	2019-04-22 23:56:05 -07:00
Jack Yu	c4b5e0a3a8	Merge "Add sepolicy for nfc hal v1.2" am: `fd2d7b3f5c` Change-Id: I8f0ee4c639ae570272acee893c08f9a5b6c80a28	2019-04-22 23:52:06 -07:00
Treehugger Robot	fd2d7b3f5c	Merge "Add sepolicy for nfc hal v1.2"	2019-04-23 06:34:31 +00:00
Bowgo Tsai	eb38ddbff2	Merge "Adding userdebug_plat_sepolicy.cil" am: `258ed21fde` am: `b50f6a6a93` Change-Id: Ib5823dc46e40966c124e547d275ec955279c211b	2019-04-22 19:28:47 -07:00
Bowgo Tsai	b50f6a6a93	Merge "Adding userdebug_plat_sepolicy.cil" am: `258ed21fde` Change-Id: I24d7fc436dad6aa926bab084967bf820c73bd3cc	2019-04-22 19:18:48 -07:00
Treehugger Robot	258ed21fde	Merge "Adding userdebug_plat_sepolicy.cil"	2019-04-23 02:01:36 +00:00
Tri Vo	1079e6c4a5	Merge "Treble-ize sepolicy for fwk HIDL services." am: `6cf01b3ef2` am: `48c8f21b37` Change-Id: Iee8b7b999a4ca887361e2923136ac9cc9e8a06ca	2019-04-22 17:28:57 -07:00
Tri Vo	48c8f21b37	Merge "Treble-ize sepolicy for fwk HIDL services." am: `6cf01b3ef2` Change-Id: I2019f25251efd876bccda847bd694adaaf263b4b	2019-04-22 17:12:46 -07:00
Tri Vo	6cf01b3ef2	Merge "Treble-ize sepolicy for fwk HIDL services."	2019-04-23 00:05:06 +00:00
Bowgo Tsai	4d3d1b7ad4	[automerger skipped] Merge "Adding /debug_ramdisk mount point" into qt-dev am: `f33351bc98` -s ours am skip reason: change_id Iad3b84d9bdf5d8e789219126c88701bf969253ef with SHA1 `2e86fa0e81` is in history Change-Id: I456571eafb78d19cca9e4d6e7c91b719461ab0c7	2019-04-22 13:58:58 -07:00
Chong Zhang	ac0ef9e311	Merge "add mediaswcodec to watchdog and dumpstate" into qt-dev am: `2c25a31b7a` Change-Id: Icf1dff4cc44481f91799ca6a053390f2eab1e3f6	2019-04-22 13:47:44 -07:00
TreeHugger Robot	f33351bc98	Merge "Adding /debug_ramdisk mount point" into qt-dev	2019-04-22 19:53:20 +00:00
Tri Vo	1d34b8cc31	Treble-ize sepolicy for fwk HIDL services. Bug: 130734497 Test: m selinux_policy; system_server and statds still have permission to export HIDL services. Change-Id: I6e87b236bdbdd939fca51fb7255e97635118ed2d	2019-04-22 12:47:53 -07:00
TreeHugger Robot	2c25a31b7a	Merge "add mediaswcodec to watchdog and dumpstate" into qt-dev	2019-04-22 19:24:44 +00:00
Jack Yu	a5dde796b5	Add sepolicy for nfc hal v1.2 Bug: 130509605 Test: No avc denial log and NFC works with hal v1.2 Change-Id: If54884f76a32705d11f2085f66fe83b9e0354f79	2019-04-22 12:08:20 +00:00
Bowgo Tsai	e763667ee1	Adding userdebug_plat_sepolicy.cil The userdebug sepolicy will be installed into debug ramdisk. When the ramdisk is used, the device must be unlocked and init will load this userdebug version of platform sepolicy to allow adb root. Bug: 126493225 Test: 'make' and checks that the userdebug sepolicy is in debug ramdisk Change-Id: I9df514054a86d63449b3ebfd1afdee2aee649418	2019-04-20 06:06:27 +00:00
Chong Zhang	45f5738b91	Merge "add mediaswcodec to watchdog and dumpstate" am: `40a71c6f7b` am: `851681366e` Change-Id: I6236774d935a59648ecb0c039df8c15e6991e9ed	2019-04-19 18:14:17 -07:00
Chong Zhang	851681366e	Merge "add mediaswcodec to watchdog and dumpstate" am: `40a71c6f7b` Change-Id: Ib33186810ec1d23f3c100fa1e1ef4eb41d482ae0	2019-04-19 17:46:07 -07:00
Bowgo Tsai	3d2d1de35d	Merge "Adding /debug_ramdisk mount point" am: `63f8d4feb7` am: `f5d5e2a848` Change-Id: I797d7158dc509cf303bae13f1676b3053e26cd8e	2019-04-19 17:45:32 -07:00
Treehugger Robot	40a71c6f7b	Merge "add mediaswcodec to watchdog and dumpstate"	2019-04-20 00:14:07 +00:00
Bowgo Tsai	f5d5e2a848	Merge "Adding /debug_ramdisk mount point" am: `63f8d4feb7` Change-Id: I68350b984a07963e61efbb84efb0983f3961152b	2019-04-19 17:13:41 -07:00
Bowgo Tsai	1c48f44992	Adding /debug_ramdisk mount point This change allows first-stage init to mount a tmpfs under /debug_ramdisk to preserve files from the debug ramdisk, for second-stage init to load sepolicy and property files. This is to allow adb root on a USER build if the device is unlocked. Bug: 126493225 Test: boot a device with debug ramdisk, checks related files are loaded Change-Id: Iad3b84d9bdf5d8e789219126c88701bf969253ef Merged-In: Iad3b84d9bdf5d8e789219126c88701bf969253ef (cherry picked from commit `2e86fa0e81`)	2019-04-20 08:00:18 +08:00
Treehugger Robot	63f8d4feb7	Merge "Adding /debug_ramdisk mount point"	2019-04-19 23:54:53 +00:00
Changyeon Jo	e627f09ef9	Merge "Allow adb start/stop mdnsd via ctl.start/stop" am: `2fbb6f0637` am: `18935eb5e8` Change-Id: I6c58282852d1cb4ca0d4ea60a7381615b3e038d9	2019-04-19 14:14:20 -07:00
Changyeon Jo	18935eb5e8	Merge "Allow adb start/stop mdnsd via ctl.start/stop" am: `2fbb6f0637` Change-Id: I07cede8a3482f9b086bf66433b7d84b0ea04df91	2019-04-19 13:30:26 -07:00
Treehugger Robot	2fbb6f0637	Merge "Allow adb start/stop mdnsd via ctl.start/stop"	2019-04-19 19:17:14 +00:00
Chong Zhang	785521e211	add mediaswcodec to watchdog and dumpstate bug: 130887807 test: adb bugreport and check mediaswcodec stack is there Change-Id: I4a37e4e06c4905f435e96d8b1497e3617e688478 (cherry-picked from https://android-review.googlesource.com/c/platform/system/sepolicy/+/947830)	2019-04-19 12:16:40 -07:00
Chong Zhang	ad3621a7b7	add mediaswcodec to watchdog and dumpstate bug: 130887807 test: adb bugreport and check mediaswcodec stack is there Change-Id: I4a37e4e06c4905f435e96d8b1497e3617e688478	2019-04-19 12:13:33 -07:00
Sudheer Shanka	bd9411d012	Remove obsolete denials tracking. am: `5bce022dce` Change-Id: If1bd6e8a94eddd341eb864a2b43071a4abbb529e	2019-04-19 09:17:34 -07:00
Sudheer Shanka	5bce022dce	Remove obsolete denials tracking. Bug: 118185801 Test: manual Change-Id: Ibc4590d6e7b825124035e8f51574afbe5ae4b750	2019-04-18 17:22:19 -07:00
Bowgo Tsai	2e86fa0e81	Adding /debug_ramdisk mount point This change allows first-stage init to mount a tmpfs under /debug_ramdisk to preserve files from the debug ramdisk, for second-stage init to load sepolicy and property files. This is to allow adb root on a USER build if the device is unlocked. Bug: 126493225 Test: boot a device with debug ramdisk, checks related files are loaded Change-Id: Iad3b84d9bdf5d8e789219126c88701bf969253ef	2019-04-18 23:59:54 +08:00
Chong Zhang	d89b7fd325	Merge "Allow system_server to schedule mediaswcodec" into qt-dev am: `625ed86bc9` Change-Id: I7344ba1e4186f4b0745f9101d88dee7ef207ecac	2019-04-17 20:46:41 -07:00
TreeHugger Robot	625ed86bc9	Merge "Allow system_server to schedule mediaswcodec" into qt-dev	2019-04-18 03:24:14 +00:00
Chong Zhang	e024c222f5	Merge "Allow system_server to schedule mediaswcodec" am: `6e4d217991` am: `24a7570815` Change-Id: Ia103b93ae69656c76eb7da7b309c842641ed7ed6	2019-04-17 14:47:25 -07:00
Ryan Mitchell	c354f10e51	Merge "Allow zygote to scan static overlays on /oem" am: `1054b44b81` am: `5338085676` Change-Id: Ief3ee638819d69d6badf759d005433f73689abc6	2019-04-17 14:44:48 -07:00
Chong Zhang	24a7570815	Merge "Allow system_server to schedule mediaswcodec" am: `6e4d217991` Change-Id: I60d3e3d5de219834611e4b3065faa339b9078f61	2019-04-17 14:10:40 -07:00
Ryan Mitchell	5338085676	Merge "Allow zygote to scan static overlays on /oem" am: `1054b44b81` Change-Id: I33df646782f07fa78d6f763145fd7e772a10f338	2019-04-17 14:09:18 -07:00
Chong Zhang	6fd8d82f31	Allow system_server to schedule mediaswcodec bug: 130669553 Change-Id: I49d4ef473181d2270d90a9350c5e05b8b7db76bb (cherry-picked from https://android-review.googlesource.com/c/platform/system/sepolicy/+/946836)	2019-04-17 20:51:51 +00:00
Treehugger Robot	6e4d217991	Merge "Allow system_server to schedule mediaswcodec"	2019-04-17 20:09:36 +00:00
Treehugger Robot	1054b44b81	Merge "Allow zygote to scan static overlays on /oem"	2019-04-17 19:12:26 +00:00
Nick Kralevich	616a47ebaf	Remove isV2App am: `6b34e64ecb` Change-Id: Iac9592eb9f9fe4547d62b9e7e992bac4bffc4f76	2019-04-17 11:42:27 -07:00
Chong Zhang	042f844e54	Allow system_server to schedule mediaswcodec bug: 130669553 Change-Id: I49d4ef473181d2270d90a9350c5e05b8b7db76bb	2019-04-17 09:51:51 -07:00
Ryan Mitchell	ef1a64e231	Allow zygote to scan static overlays on /oem During preloading resources, zygote scans the overlay directories of supported partitions looking for android RROs to apply statically. Zygote currently is allowed to read overlays in /oem/overlay, but zygote does not have the search permission to be able to scan /oem. Without this patch, this denial is logged: 04-04 14:57:40.136 876 876 I auditd : type=1400 audit(0.0:9): avc: denied { search } for comm="main" name="oem" dev="dm-3" ino=46 scontext=u:r:zygote:s0 tcontext=u:object_r:oemfs:s0 tclass=dir permissive=0 Bug: 121033532 Test: booting without denials and stat oem succeeds Change-Id: I661f3e0aff7ec3513870d08ddc122fc359b8f995	2019-04-17 16:06:34 +00:00
Nick Kralevich	6b34e64ecb	Remove isV2App This selector is no longer used. Bug: 123605817 Bug: 111314398 Test: compiles and boots (cherry picked from commit `795add585c`) Change-Id: I673ce4b6898d58602e553e7cf194bb5eac8361e0	2019-04-17 00:10:26 -07:00
Nick Kralevich	819d644855	Remove isV2App am: `795add585c` am: `7c4351486a` Change-Id: Ib066e7229ac942dfd3466e411a23e55d8ac7b6e7	2019-04-16 23:24:40 -07:00
Nick Kralevich	7c4351486a	Remove isV2App am: `795add585c` Change-Id: Icf2e2a305d48fdfc1c2b0c587023748e7f6c2772	2019-04-16 23:14:36 -07:00
Nick Kralevich	795add585c	Remove isV2App This selector is no longer used. Bug: 123605817 Bug: 111314398 Test: compiles and boots Change-Id: I61bb6b9f17ba4534569bd4a1c0489023cdaf698d	2019-04-16 16:01:08 -07:00
Changyeon Jo	cfeaa1c664	Allow adb start/stop mdnsd via ctl.start/stop Bug: 128345139 Test: make selinux_policy Change-Id: I477d6d94c16974f23f703d5f334ef108279ab3bb Signed-off-by: Changyeon Jo <changyeon@google.com>	2019-04-16 08:39:33 -07:00
Jiyong Park	a74c1549fb	[automerger skipped] Merge "Allow bootstrap bionic only to init, ueventd, and apexd" into qt-dev am: `f9085929fb` -s ours am skip reason: change_id Id7bba2e8ed1c9faf6aa85dbbdd89add04826b160 with SHA1 `a0f998e6de` is in history Change-Id: I880eb42828cd565e9614523870df1ea06026597b	2019-04-15 10:06:56 -07:00
Jiyong Park	86019af2f3	[automerger skipped] Allow bootstrap bionic only to init, ueventd, and apexd am: `972d4b6473` -s ours am skip reason: change_id Id7bba2e8ed1c9faf6aa85dbbdd89add04826b160 with SHA1 `a0f998e6de` is in history Change-Id: Ia44b6dd3ff19d4026f3afdd3b0c3c657c8552969	2019-04-15 09:59:38 -07:00

1 2 3 4 5 ...

20431 commits