tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
43222 commits 1 branch 0 tags 50 MiB
Commit graph

43222 commits

This branch
This branch
All branches
Author SHA1 Message Date
Nikita Ioffe
2db2ef7074 Merge "Reland "Change the stem name to microdroid_precompiled_s..."" am: d16d7d17e5 am: 4eb36f4615 am: c41885d19c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2627369

Change-Id: I71474499b330e978abfd83392a1cfcc02425932c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 13:14:18 +00:00
Nikita Ioffe
c41885d19c Merge "Reland "Change the stem name to microdroid_precompiled_s..."" am: d16d7d17e5 am: 4eb36f4615 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2627369

Change-Id: I2017d5985bfb81918bf4091cecfa4512328c2cd0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 12:25:42 +00:00
Nikita Ioffe
4eb36f4615 Merge "Reland "Change the stem name to microdroid_precompiled_s..."" am: d16d7d17e5 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2627369

Change-Id: I56600eae4e2ba33c56a5d4827db882388cdae97a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 11:45:31 +00:00
Dimitry Ivanov
38986ba77c Merge "Allow app_zygote to map memfd backed memeory as PROT_EXEC" am: c01d3fb36c am: 6c61a71e33 am: 67c9ae04ba 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2623093

Change-Id: Icf8b2ce1f59d6624f1c85aa7ad429d9ee82d72c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 11:43:40 +00:00
Dimitry Ivanov
67c9ae04ba Merge "Allow app_zygote to map memfd backed memeory as PROT_EXEC" am: c01d3fb36c am: 6c61a71e33 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2623093

Change-Id: Idd9db364d8f6a7f172bda41defe06a2a06a752a7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 10:33:38 +00:00
Nikita Ioffe
d16d7d17e5 Merge "Reland "Change the stem name to microdroid_precompiled_s..."" 2023-06-15 10:27:39 +00:00
Dimitry Ivanov
6c61a71e33 Merge "Allow app_zygote to map memfd backed memeory as PROT_EXEC" am: c01d3fb36c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2623093

Change-Id: I6e6457337d66ba4e7c5590799c565af05b99e363
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 09:51:00 +00:00
Dimitry Ivanov
c01d3fb36c Merge "Allow app_zygote to map memfd backed memeory as PROT_EXEC" 2023-06-15 08:44:16 +00:00
Nikita Ioffe
4e6839e677 Reland "Change the stem name to microdroid_precompiled_s..." 
Bug: 285855150
Test: presubmit
Change-Id: I3343b7cf22165541f880fd1c88b27b0204c94c4b
 2023-06-14 20:31:29 +00:00
Pawan Wagh
bd2b6d181a Merge "Revert "Change the stem name to microdroid_precompiled_sepolicy"" am: 899f6c0537 am: b23a691e10 am: 3d5b12e5e8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2626909

Change-Id: I38d84ca00f8e30e42b4392ed53509040345e84a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 20:05:48 +00:00
Pawan Wagh
9e7493abb8 Merge "Add update service fuzzer to bindings" am: b4f463824c am: 02c84cec70 am: cf602ed963 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619905

Change-Id: I179defcdef57cb4abe5e02c71e3c1e134bcc0f5f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 20:04:05 +00:00
Pawan Wagh
3d5b12e5e8 Merge "Revert "Change the stem name to microdroid_precompiled_sepolicy"" am: 899f6c0537 am: b23a691e10 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2626909

Change-Id: I0cb302773ae03ac91c4e134d1e8487dbd7192b42
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 18:58:47 +00:00
Pawan Wagh
cf602ed963 Merge "Add update service fuzzer to bindings" am: b4f463824c am: 02c84cec70 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619905

Change-Id: I5a6dfb0448de6a73711916439e064bd29e4278dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 18:57:50 +00:00
Pawan Wagh
b23a691e10 Merge "Revert "Change the stem name to microdroid_precompiled_sepolicy"" am: 899f6c0537 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2626909

Change-Id: I69ec0b39693293176b40fb8f9702b8d001c013d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 18:57:21 +00:00
Pawan Wagh
899f6c0537 Merge "Revert "Change the stem name to microdroid_precompiled_sepolicy"" 2023-06-14 18:40:59 +00:00
Pawan Wagh
8f2923421e Revert "Change the stem name to microdroid_precompiled_sepolicy" 
Revert submission 2625691

Reason for revert: b/287283650

Reverted changes: /q/submissionid:2625691

Change-Id: I775d07a388556796d25b4f5d99135d5878489ce8
 2023-06-14 18:28:17 +00:00
Pawan Wagh
02c84cec70 Merge "Add update service fuzzer to bindings" am: b4f463824c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619905

Change-Id: I3221bc020b8400a6a1e9f0ccf556527e39e71146
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 18:10:07 +00:00
Pawan Wagh
b4f463824c Merge "Add update service fuzzer to bindings" 2023-06-14 17:33:23 +00:00
Nikita Ioffe
714fc2abf1 Merge "Change the stem name to microdroid_precompiled_sepolicy" am: 437f31c328 am: 789c5a3430 am: 2d78078ee0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2617776

Change-Id: I5f21a403fecf288f36b3f6cbc1234a5834a3c87b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 16:37:50 +00:00
Nikita Ioffe
2d78078ee0 Merge "Change the stem name to microdroid_precompiled_sepolicy" am: 437f31c328 am: 789c5a3430 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2617776

Change-Id: I6d3d6a58e6fd0d8944765fd65037e78470055e08
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 15:50:51 +00:00
Nikita Ioffe
789c5a3430 Merge "Change the stem name to microdroid_precompiled_sepolicy" am: 437f31c328 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2617776

Change-Id: I323e7da1e2a963068e5efbb91fe4372925adaf0f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 15:30:48 +00:00
Nikita Ioffe
437f31c328 Merge "Change the stem name to microdroid_precompiled_sepolicy" 2023-06-14 15:20:18 +00:00
dimitry
97f7775743 Allow app_zygote to map memfd backed memeory as PROT_EXEC 
Binary translation maps these regions to install translated code,
see linked bug for more context.

Bug: http://b/189502716
Test: run cts -m CtsExternalServiceTestCases -t android.externalservice.cts.ExternalServiceTest#testBindExternalServiceWithZygote
      in binary translated enviroment.
Change-Id: I3bc978b9013e9fc5cf700d1efca769331ec395b0
 2023-06-14 12:24:12 +02:00
Eric Biggers
9cb04c4dbc Merge "Allow vold to rename system_data_file directories" am: 8b703551d8 am: 0038d8f822 am: 122d3f0d20 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619901

Change-Id: I372c6c155928c9772f8d9aa8ba9e82affb12d6cb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 00:08:32 +00:00
Eric Biggers
122d3f0d20 Merge "Allow vold to rename system_data_file directories" am: 8b703551d8 am: 0038d8f822 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619901

Change-Id: I204d08a73a9a7ca81f042da54bedfa5ee532c77b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-13 23:21:12 +00:00
Eric Biggers
0038d8f822 Merge "Allow vold to rename system_data_file directories" am: 8b703551d8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619901

Change-Id: I66f26b92e4b1aad9f086d19249f60aa1d596909b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-13 22:40:36 +00:00
Eric Biggers
8b703551d8 Merge "Allow vold to rename system_data_file directories" 2023-06-13 22:11:39 +00:00
Pawan Wagh
01a43aec9b Merge "Add credstore service fuzzer to bindings" am: 767dc6be06 am: e0f268a982 am: 252e98a0dc 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619904

Change-Id: I6d6397e345bdb94149fd21a343eaa0a58abed686
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-13 18:03:17 +00:00
Pawan Wagh
252e98a0dc Merge "Add credstore service fuzzer to bindings" am: 767dc6be06 am: e0f268a982 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619904

Change-Id: I19c47420f69c7e078f487918e92fd262211033e4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-13 17:18:48 +00:00
Pawan Wagh
e0f268a982 Merge "Add credstore service fuzzer to bindings" am: 767dc6be06 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2619904

Change-Id: I80ca6ebfadea23dc48a9d018f1efe6adafef5e52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-13 16:39:25 +00:00
Eric Biggers
95930cf6a7 Allow vold to rename system_data_file directories 
To fully close a race condition where processes can access per-user
directories before an encryption policy has been assigned, vold is going
to start creating these directories under temporary names and moving
them into place once fully prepared.  To make this possible, give vold
permission to rename directories with type system_data_file.

Bug: 156305599
Bug: 285239971
Change-Id: Iae2c8f7d2dc343e7d177e6fb2e893ecca1796f7f
 2023-06-13 16:22:03 +00:00
Pawan Wagh
767dc6be06 Merge "Add credstore service fuzzer to bindings" 2023-06-13 15:30:53 +00:00
Treehugger Robot
64044e42c4 Merge "Allow app_process to link /data/asan/system_ext/lib/*" am: 06d79cdc4e am: 53931795c0 am: 3f9b4ba712 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2620909

Change-Id: Ifdbbad34ee9a65c69cce5b7dce58ed1918d0df02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 13:02:56 +00:00
Treehugger Robot
3f9b4ba712 Merge "Allow app_process to link /data/asan/system_ext/lib/*" am: 06d79cdc4e am: 53931795c0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2620909

Change-Id: Iddb01049e1fda78da7432538a4bbf986357ea342
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 12:17:08 +00:00
Treehugger Robot
53931795c0 Merge "Allow app_process to link /data/asan/system_ext/lib/*" am: 06d79cdc4e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2620909

Change-Id: I54cc818c3cbd8318dbd23c7ac57c358803f8ac5a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 11:37:15 +00:00
Treehugger Robot
06d79cdc4e Merge "Allow app_process to link /data/asan/system_ext/lib/*" 2023-06-12 10:54:27 +00:00
Jeff Pu
5129ddefdc Merge "Allow hal_fingerprint_default to have pipe read access" am: f19025e663 am: 80dec42b4b am: caaf7885f8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2605987

Change-Id: Ifd30e8837ca67fea19dc44f3a2b4824e0d0ad6a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 21:12:30 +00:00
Jeff Pu
caaf7885f8 Merge "Allow hal_fingerprint_default to have pipe read access" am: f19025e663 am: 80dec42b4b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2605987

Change-Id: I8c8f0f266b033ca17114d18fb87cce0fbcd74e74
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 20:26:25 +00:00
Jeff Pu
80dec42b4b Merge "Allow hal_fingerprint_default to have pipe read access" am: f19025e663 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2605987

Change-Id: I25ce105f8eeaa2b6199c7e7f017fd6f93620b413
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 19:42:10 +00:00
Jeff Pu
f19025e663 Merge "Allow hal_fingerprint_default to have pipe read access" 2023-06-09 19:09:58 +00:00
Jeff Pu
1e09f2ebf7 Allow hal_fingerprint_default to have pipe read access 
Bug: 284488745
Test: atest BiometricsE2eTests:BiometricPromptAuthSuccessTest
Change-Id: Ie69193964232b1a6b97877c650182fcdcd5b2cea
 2023-06-09 13:56:28 +00:00
Treehugger Robot
409639ad09 Merge "Allow VMs to log to shell pts" am: 550f10eaeb am: 0fa23e0be1 am: c538798bb0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2617777

Change-Id: I8571475bb6e8484c27dc1c6f21f84377136deb09
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 11:01:11 +00:00
Treehugger Robot
c538798bb0 Merge "Allow VMs to log to shell pts" am: 550f10eaeb am: 0fa23e0be1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2617777

Change-Id: I2eb821ffa291f44e8c4511eee134cf395b381fba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 10:11:13 +00:00
Treehugger Robot
0fa23e0be1 Merge "Allow VMs to log to shell pts" am: 550f10eaeb 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2617777

Change-Id: I9737b5d4a1ca946b6aed006dfb5a14dcb472b2b1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 09:29:49 +00:00
Treehugger Robot
550f10eaeb Merge "Allow VMs to log to shell pts" 2023-06-09 09:03:29 +00:00
Jooyung Han
2b60a575e1 Merge "Allow vendor_overlay_file from vendor apex" am: ad08877b4d am: cef75edc33 am: a34197f152 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2618632

Change-Id: If0392eee00457c2e41d3f2c214405c8ca12f9f04
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 08:02:14 +00:00
Jooyung Han
a34197f152 Merge "Allow vendor_overlay_file from vendor apex" am: ad08877b4d am: cef75edc33 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2618632

Change-Id: I7263e36b7f522de5d35b634dead192d3f1fa1da2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 07:13:03 +00:00
Inseob Kim
367845c850 Add missing properties to microdroid am: deaa8b9f4a am: 20a9d569d2 am: 54ba7286ca 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2106044

Change-Id: If9cedd91479d5ea33bb986dd880d42f11bf8f7ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 06:32:49 +00:00
Jooyung Han
cef75edc33 Merge "Allow vendor_overlay_file from vendor apex" am: ad08877b4d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2618632

Change-Id: I762e8a8848868268804b2d9d2012246e5fcc0707
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 06:31:34 +00:00
Jooyung Han
ad08877b4d Merge "Allow vendor_overlay_file from vendor apex" 2023-06-09 05:56:20 +00:00