396 commits

Author	SHA1	Message	Date
Shubang Lu	69a7983d31	Merge "Add SE policy for tv_iapp"	2021-10-29 19:44:18 +00:00
Yifan Hong	388bbbccb3	Add health AIDL HAL. ... Test: pass Bug: 177269435 Change-Id: I755d5158715b38a89a28af753ad4c27cdfa93546	2021-10-26 19:34:34 -07:00
shubang	9fa7dc9c7b	Add SE policy for tv_iapp ... Bug: 203730671 Test: cuttlefish; Change-Id: I533f2004343aafe5660e4018e73111880dfa647f	2021-10-22 00:02:05 -07:00
Ady Abraham	7ed18e6d66	Composer stable AIDL HAL sepolicy ... Test: build + presubmit Bug: 198690444 Change-Id: I6a26823c4ad363d137526c96580b05363d0ac894	2021-10-20 02:58:20 +00:00
Ady Abraham	df28371462	Remove vrflinger ... Not used anymore. Test: build + presubmit Bug: 170681929 Change-Id: I3ac9b842f89acf620e9f08516e44977d83064f2f	2021-10-20 02:02:57 +00:00
Maurice Lam	1517644d4d	SELinux rules for virtual device ... Bug: 194949534 Test: Manual Change-Id: I5fcc83e313ce464e4a855b24d32fc2d82ee0b07e	2021-10-15 18:16:01 -07:00
Arthur Ishiguro	29dc02c044	Sensors stable AIDL HAL sepolicy ... Bug: 195593357 Test: TreeHugger Change-Id: I02b88a93d829654a1ce946681b59e648b2cd7550	2021-10-15 17:39:56 +00:00
Dave McCloskey	a7e47db710	SEPolicy changes to support Attestation Verification Service ... Bug: 201696614 Change-Id: I4a7a830ba809ed59a030a87c4f479199685d8a42 Test: Verify device boots	2021-10-08 14:53:24 -07:00
Treehugger Robot	62858f1178	Merge "Initial sepolicy for composd" am: 0bbfc68a49 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1824054 Change-Id: I52b316146c7c3c9ee234fcd11f2a80b5abada3ad	2021-09-13 11:59:14 +00:00
Alan Stokes	d376e2041f	Initial sepolicy for composd ... Add what we need to allow composd to run and expose an AIDL service. Also delete the policy for compsvc; we never access it in the host now, and the real policy is in microdroid. Retain the compos_exec type, since it is referenced in the APEX sepolicy. Bug: 186126194 Test: adb shell cmd -w android.system.composd; no denials. Change-Id: I5f06b2b01852cdebd2d67009b363ec08b17ce33a	2021-09-13 10:33:53 +01:00
Ankita Vyas	e0d6c3604f	Merge "Add selinux changes for Locale Manager Service" am: 7ac013be94 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1810459 Change-Id: Idd51d097ffd18b7e0f4c47e4e83221d24b787b94	2021-08-27 04:13:38 +00:00
Ankita Vyas	7ac013be94	Merge "Add selinux changes for Locale Manager Service"	2021-08-27 03:59:42 +00:00
Treehugger Robot	209b78ab83	Merge "sepolicy: Change UWB HAL from HIDL to versioned AIDL" am: d7fc7bd30b ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1809163 Change-Id: I423431ce2bee07fd3c2a968f4c59799b17fa71c6	2021-08-27 01:55:54 +00:00
Roshan Pius	cd8333b53a	sepolicy: Change UWB HAL from HIDL to versioned AIDL ... No new HIDL HAL's are allowed in Android T. UWB HAL converted to versioned AIDL interface to be compliant. Bug: 195308730 Test: Compiles Change-Id: I35cf8edd244baa02778ee8eff46840ae26424869	2021-08-27 00:28:56 +00:00
“Ankita	623ece0386	Add selinux changes for Locale Manager Service ... Test: build and booted device Bug: 194094788 Change-Id: Ic3c1f135985a5003ed07a8da9dbd7a3f8b61ae71	2021-08-26 14:33:24 +00:00
Arthur Ishiguro	cfa6d86d50	Context Hub stable AIDL sepolicy am: e1ced2f4d8 am: 779c996ebd ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1792668 Change-Id: Icdfb36f33e59953f6f13eb9901803ff61d2d4c90	2021-08-11 03:28:18 +00:00
Arthur Ishiguro	e1ced2f4d8	Context Hub stable AIDL sepolicy ... Bug: 194285834 Test: TreeHugger Change-Id: I88675f7f61821619abbff87fa5ee321836745324	2021-08-10 22:06:43 +00:00
Linzhao Ye	b2abee1922	Merge "Add SeLinux policy for hostapd AIDL service." am: f023c126fc am: ded1063fd2 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1781487 Change-Id: Id5fd54b83225a7e7caa5d3c102dff6a68753cdbd	2021-07-29 16:42:16 +00:00
Chris Ye	b7bb89b551	Add SeLinux policy for hostapd AIDL service. ... Bug: 194806512 Test: Manual test wifi hotspot. Change-Id: I12b3e93650fcc6f2ea8794970fa8cf62c0a82475	2021-07-28 23:37:46 -07:00
Hongguang	e6b51cec20	Allow Tuner AIDL sample HAL. am: 2179e112e1 am: cc12e7bf00 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1760683 Change-Id: I66bb1ec1efe05f6e0725fb25c09984cbc33c7bd7	2021-07-26 22:17:05 +00:00
Hongguang	2179e112e1	Allow Tuner AIDL sample HAL. ... Bug: 191825295 Test: tuner HAL can run Change-Id: I069da68cb4fec535c6549a9a0f89202eb17ef003	2021-07-26 11:35:18 -07:00
Kalesh Singh	21baa7a9cd	sepolicy: Serve suspend AIDL hal from system_suspend am: 0e903620a5 am: 599387666b ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1772908 Change-Id: I4d55e0a02f283fd1405d406cddf0a967fd5d4528	2021-07-23 21:25:40 +00:00
Kalesh Singh	599387666b	sepolicy: Serve suspend AIDL hal from system_suspend am: 0e903620a5 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1772908 Change-Id: If424997bdb78a1b14b78b6ffcaf0d7f3cc2c8380	2021-07-23 20:56:44 +00:00
Amos Bianchi	0cdd444e78	SELinux policy for lazy AIDL/HIDL testing services. am: 6c40bac3d4 ... Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/15363837 Change-Id: Id573a6821822dd63ddffcc22d41f28f3f4316501	2021-07-23 18:17:37 +00:00
Kalesh Singh	792d519b56	Merge changes from topic "suspend-aidl-1" ... * changes: sepolicy: Update wakelock_use macro sepolicy: Serve suspend AIDL hal from system_suspend	2021-07-23 17:16:28 +00:00
Amos Bianchi	6c40bac3d4	SELinux policy for lazy AIDL/HIDL testing services. ... These services are used for running tests on Cuttlefish. Bug: 191781736 Test: atest aidl_lazy_test Test: atest hidl_lazy_test Ignore-AOSP-First: already in AOSP, automerger issue workaround Change-Id: Iec43c3d19ba5072dbfa6573a6d74106672f94972	2021-07-22 22:09:37 +00:00
Amos Bianchi	f778a0bd89	SELinux policy for lazy AIDL/HIDL testing services. ... These services are used for running tests on Cuttlefish. Bug: 191781736 Test: atest aidl_lazy_test Test: atest hidl_lazy_test Change-Id: Iec43c3d19ba5072dbfa6573a6d74106672f94972	2021-07-21 12:24:43 -07:00
Kalesh Singh	0e903620a5	sepolicy: Serve suspend AIDL hal from system_suspend ... Allow system_suspend to server the suspend AIDL hal service. Bug: 170260236 Test: Check logcat for supend avc denials Change-Id: Ie4c07e2e8d75fd4b12e55db15511060e09be59cf	2021-07-20 18:54:55 +00:00
Treehugger Robot	ce3a4de8d8	Merge "Add TARE service to SE policy." am: 9daeadb31e am: ba23828e12 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1766506 Change-Id: I7498a860b4dae6e1f5c4e4b4cd38fe700794558b	2021-07-17 02:03:39 +00:00
Kweku Adams	988d073012	Add TARE service to SE policy. ... Bug: 158300259 Test: adb shell dumpsys tare Change-Id: I30c11631110d6bc4f291357dda639449aa9c39d3	2021-07-14 10:25:14 -07:00
Hasini Gunasinghe	4334d35f01	Add keystore permission for metrics re-routing. ... Keystore2 atoms need to be rounted to statsd via a proxy. The proxy needs to have this permission in order to pull metrics from keystore. Ignore-AOSP-First: No mergepath to AOSP. Bug: 188590587 Test: Statsd Testdrive script Change-Id: Ic94f4bb19a08b6300cfd2d3ed09b31d5b7081bfd Merged-In: Ic94f4bb19a08b6300cfd2d3ed09b31d5b7081bfd (cherry picked from commit 61d07e7ce0)	2021-06-30 17:02:14 -07:00
Janis Danisevskis	e1a289b66f	Merge "Rename vpnprofilestore to legacykeystore." into sc-dev am: adb49d3df6 ... Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/14981212 Change-Id: Ie341418b9491cd93e2af1ebe354f943e8ff85499	2021-06-30 19:57:20 +00:00
Janis Danisevskis	4678660d83	Rename vpnprofilestore to legacykeystore. ... Bug: 191373871 Test: N/A Merged-In: I3f11827909bd37a2127069de82670776a8e192b3 Change-Id: I3f11827909bd37a2127069de82670776a8e192b3	2021-06-30 12:40:39 -07:00
Janis Danisevskis	ab433c765b	Rename vpnprofilestore to legacykeystore. ... Ignore-AOSP-First: No mergepath from AOSP. Bug: 191373871 Test: N/A Change-Id: I3f11827909bd37a2127069de82670776a8e192b3	2021-06-30 09:36:30 -07:00
Hasini Gunasinghe	7611870f49	Merge "Add keystore permission for metrics re-routing." into sc-dev am: 898fc5b39b ... Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/14937250 Change-Id: I881b239515d17f81099ed16d519e1071e80c68ea	2021-06-30 13:32:33 +00:00
Hasini Gunasinghe	61d07e7ce0	Add keystore permission for metrics re-routing. ... Keystore2 atoms need to be rounted to statsd via a proxy. The proxy needs to have this permission in order to pull metrics from keystore. Ignore-AOSP-First: No mergepath to AOSP. Bug: 188590587 Test: Statsd Testdrive script Change-Id: Ic94f4bb19a08b6300cfd2d3ed09b31d5b7081bfd	2021-06-15 22:19:39 +00:00
Joanne Chung	a6657178f4	[Sepolicy] Change sepolicy name back to formal name. ... The feature is public, we can change the fake name to formal name. Bug: 185550380 Test: build pass and can run service correctly Merged-In: I956d916077f9a71cdf1df2f0be6f83e6f1f30a98 Change-Id: Idc29942eee6c2fd7658beb69ba62a70397176a66	2021-06-10 11:02:27 +00:00
Andrew Walbran	591726e719	Merge "Rename VirtManager to VirtualizationService." am: 04e6256c94 am: 899b1fe7d7 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1715889 Change-Id: I240395c0c2309009bb26cf5859670d10a5b109df	2021-05-26 22:21:31 +00:00
Andrew Walbran	4b80a3fc3d	Rename VirtManager to VirtualizationService. ... Bug: 188042280 Test: atest VirtualizationTestCases Change-Id: Ia46a0dda923cb30382cbcba64aeb569685041d2b	2021-05-21 14:47:30 +00:00
Chris Wailes	27cc792529	RESTRICT AUTOMERGE: Revert "Add SELinux properties for artd" ... This reverts commit 467d8a80ea. Test: m Bug: 184281926 Change-Id: Ie95c5f65645d8d372bae9e7ebc325a42b777c1e8	2021-05-19 19:28:39 +00:00
Christian Wailes	6de8e5debe	Merge "Add SELinux properties for artd" am: 6553a8dbe6 am: b9502c818f am: b921e1dac4 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1663786 Change-Id: Ie4bd8ae58edc80993c56ba3cf806135c716526fc	2021-04-28 20:23:52 +00:00
Chris Wailes	467d8a80ea	Add SELinux properties for artd ... Test: boot device and check for artd process Change-Id: I2a161701102ecbde3e293af0346d1db0b11d4aab	2021-04-27 14:49:13 -07:00
Treehugger Robot	f4014837fa	Merge "Add permission checker service" am: 644639584b am: e8a381e3e4 am: 82d927bad8 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1678585 Change-Id: I85473ed47a9ad47ba1356149644464821bd84a25	2021-04-19 19:35:30 +00:00
Svet Ganov	214a65213a	Add permission checker service ... bug: 158792096 Test: atest CtsPermission5TestCases Change-Id: I9dbbf2fe84131ba38ac70e7171e3bd826c150640	2021-04-17 23:41:50 +00:00
Joanne Chung	685748706d	[Sepolicy] Change sepolicy name back to formal name. ... We use a fake name to prevent feature leak, we should change it back before API freeze. We will update the AOSP when our feature is public released. Bug: 181179744 Test: build pass and can run service correctly Ignore-AOSP-First: to prevent new feature leak. Test: atest CtsTranslationTestCases Change-Id: I956d916077f9a71cdf1df2f0be6f83e6f1f30a98	2021-04-14 14:48:28 +00:00
Roshan Pius	34f5268532	Merge "Uwb: Create a new Uwb system service" am: 0b8eafb54b am: 4b47c80944 am: f5a723a306 ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1673587 Change-Id: Iae266dda5077f501918f61d2ea7da7cd23f8ae9f	2021-04-14 03:00:57 +00:00
Roshan Pius	2a1610b4e0	Uwb: Create a new Uwb system service ... This service will intercept all UwbManager API calls and then perform necessary permission checks before forwarding the call to the vendor UWB service. Adding sepolicy permissions for exposing the service that handles all public API's. Bug: 183904955 Test: atest android.uwb.cts.UwbManagerTest Change-Id: Icce4d2f586926421c06e8902a91533002c380b8d	2021-04-12 10:26:24 -07:00
Wei Wang	f03a24ef9d	Merge "Rename hint service into performance_hint service" am: 4ea9b0b9df am: c8ee9a85e9 am: 77e2c3841e ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1672505 Change-Id: Idf37a4be53029a6565dab626502136ab6d6dfbac	2021-04-10 02:05:28 +00:00
Wei Wang	7b039717a9	Rename hint service into performance_hint service ... Bug: 158791282 Test: Compiles, boots Signed-off-by: Wei Wang <wvw@google.com> Change-Id: I1bd2757f90c040353a176f2dfd0142222753cf8f	2021-04-09 12:35:10 -07:00
Wei Wang	a9a100fc1a	Merge "Add SEpolicy for HintManagerService" am: a02227bd7a am: 9d42156d64 am: 415e3e994d ... Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1664996 Change-Id: I3c120ca74f9cf8b301ab923f0e5411c1da6bd796	2021-04-06 18:23:57 +00:00