tequilaOS/platform_system_sepolicy

Author	SHA1	Message	Date
Calin Juravle	6d0b0605ab	Merge "Allow system server to record its own profile" am: `6ff840033c` am: `6349325dfc` Change-Id: Id463d93fb7321bebc44495c8f5ebffb0d2aa67f2	2018-05-04 08:20:07 -07:00
Calin Juravle	6349325dfc	Merge "Allow system server to record its own profile" am: `6ff840033c` Change-Id: I7eb20a82994863ff7fd3914082123244f8411f1f	2018-05-04 08:14:33 -07:00
Calin Juravle	6ff840033c	Merge "Allow system server to record its own profile"	2018-05-04 15:06:24 +00:00
Jeffrey Vander Stoep	b8d870c18b	Merge "Revert "FrameworksServicesTests: allow access to test.sys.boot.reason property"" am: `bba94f80bb` am: `cbae15fd69` Change-Id: I5941463f4252da1c6b77e685b5b4bdd13c53dc1b	2018-05-04 07:35:55 -07:00
Jeffrey Vander Stoep	cbae15fd69	Merge "Revert "FrameworksServicesTests: allow access to test.sys.boot.reason property"" am: `bba94f80bb` Change-Id: I55f5df4e69c36ae52096a80c9287fb7f32de6b44	2018-05-04 07:30:53 -07:00
Jeffrey Vander Stoep	bba94f80bb	Merge "Revert "FrameworksServicesTests: allow access to test.sys.boot.reason property""	2018-05-04 14:25:31 +00:00
Jeffrey Vander Stoep	9c6749d772	Revert "FrameworksServicesTests: allow access to test.sys.boot.reason property" This reverts commit `0ab13a8dff`. Reason for revert: broken presubmit tests https://sponge.corp.google.com/target?show=FAILED&sortBy=STATUS&id=83e847b2-8e30-4417-9b15-8e66af4b2bc3&target=DeviceBootTest Change-Id: Id173c8e7fa28ba04070f507098f301f076e4aae7	2018-05-04 06:23:42 +00:00
Calin Juravle	71d8467b75	Allow system server to record its own profile On userdebug builds we can now profile system server without disabling selinux. This is the final piece, and allows the system server to save its own profile. Test: manual, on a device with system server profiling enabled Bug: 73313191 Change-Id: Iaf9575d3cda19ae4c38f1e20a8e1b9288b7abc83	2018-05-03 20:15:18 -07:00
android-build-prod (mdb)	76f59094b9	Merge "FrameworksServicesTests: allow access to test.sys.boot.reason property" am: `0e055173b1` am: `40f6019c7b` Change-Id: I0792ae4deffa2532315673d824502fc8c03e3651	2018-05-03 16:38:34 -07:00
android-build-prod (mdb)	40f6019c7b	Merge "FrameworksServicesTests: allow access to test.sys.boot.reason property" am: `0e055173b1` Change-Id: I24ca0be1e77173d7221f77267af866978c999d31	2018-05-03 16:33:34 -07:00
android-build-prod (mdb)	0e055173b1	Merge "FrameworksServicesTests: allow access to test.sys.boot.reason property"	2018-05-03 23:21:58 +00:00
android-build-prod (mdb)	def10bbc6f	Merge "Sepolicy: Fix system server calling perfprofd" am: `fc9afc4d2b` am: `9938a72f6e` Change-Id: I35335a2d0d767b5cc6b45d3414129ece987bd93c	2018-05-03 13:27:25 -07:00
android-build-prod (mdb)	9938a72f6e	Merge "Sepolicy: Fix system server calling perfprofd" am: `fc9afc4d2b` Change-Id: I424a8e2485355633e933ee88227e56a64d3e3977	2018-05-03 13:21:50 -07:00
android-build-prod (mdb)	fc9afc4d2b	Merge "Sepolicy: Fix system server calling perfprofd"	2018-05-03 20:12:40 +00:00
Tri Vo	bfe1e42143	Merge "SELinux type for vendor public libs." am: `59e9d2d8c9` am: `9d99ee2316` Change-Id: I50978971a2cf6221024d91edde0cb85b9415f7be	2018-05-03 13:11:21 -07:00
Tri Vo	9d99ee2316	Merge "SELinux type for vendor public libs." am: `59e9d2d8c9` Change-Id: I69b0ef3b55645e7bc99aa25c49a0792ad8c8d2fc	2018-05-03 13:06:18 -07:00
Tri Vo	59e9d2d8c9	Merge "SELinux type for vendor public libs."	2018-05-03 19:52:58 +00:00
Andreas Gampe	986b9af4fa	Sepolicy: Fix system server calling perfprofd Give all the right permissions to find and send a message to perfprofd from the system server. Bug: 73175642 Test: m Test: manual Change-Id: I82b63ec097dcd445d9e8169fe0df4398d62ac184	2018-05-03 10:57:30 -07:00
android-build-team Robot	3a020d74b3	[automerger skipped] Merge "Allow wpa_supplicant to write to files in /proc/net." into pi-dev am: `fa3934c96d` -s ours Change-Id: Ibba3e143d6b81285071ca46d809e0559b8bd00ec	2018-05-03 10:18:07 -07:00
Pavel Maltsev	25444a2252	Merge "Allow auto HAL clients to access hw services" into pi-dev am: `53c6578ff2` Change-Id: Iae7cf1baecc889cbb2c621be279cd9b40ffa852b	2018-05-03 10:13:52 -07:00
android-build-team Robot	fa3934c96d	Merge "Allow wpa_supplicant to write to files in /proc/net." into pi-dev	2018-05-03 17:11:37 +00:00
Pavel Maltsev	53c6578ff2	Merge "Allow auto HAL clients to access hw services" into pi-dev	2018-05-03 16:58:58 +00:00
Mark Salyzyn	0ab13a8dff	FrameworksServicesTests: allow access to test.sys.boot.reason property com.android.server.power.PowerManagerServiceTest#testGetLastShutdownReasonInternal due to "RuntimeException: failed to set system property" W/roidJUnitRunner: type=1400 audit(0.0:6): avc: denied { write } for name="property_service" dev="tmpfs" ino=13178 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 W/libc : Unable to set property "test.sys.boot.reason" to "shutdown,thermal": connection failed; errno=13 (Permission denied) Test: compile Bug: 78245377 Change-Id: Id21436d281bab27823969a9f7e92318d70b5a2d6	2018-05-03 16:45:36 +00:00
Alan Stokes	2818b902dc	Allow wpa_supplicant to write to files in /proc/net. This is needed for interface configuration - see e.g. nl80211_configure_data_frame_filters. Bug: 77903086 Test: Device boots, denial not seen, wifi works (cherry picked from commit `72ed615228`) Change-Id: Ia781e7c56f6e8e77e654cd28ca34de09180e2213 Merged-In: Ia55c4af1fcee75ada0e67a162fdb92ecc0089312	2018-05-03 15:28:48 +00:00
android-build-team Robot	4a4411782a	Merge "Never expand proc_type attribute" into pi-dev am: `d8d7a3f7cc` Change-Id: Ibd8dc38bf69f85a9ef05ee1eee668a11c6262657	2018-05-03 07:47:03 -07:00
android-build-team Robot	d8d7a3f7cc	Merge "Never expand proc_type attribute" into pi-dev	2018-05-03 14:29:48 +00:00
Jeff Vander Stoep	db6218417c	Never expand proc_type attribute It's used in build-time tests and in CTS. Bug: 78898770 Test: build user-build Change-Id: I254bf4d7ed0c0cb029b55110ceec982b84e4a91b (cherry picked from commit beeb122405070a5b4cee326a0cdae92a1a791fbc)	2018-05-02 15:00:55 -07:00
android-build-prod (mdb)	fd0ac5d6ac	Merge "tombstoned: allow linking tombstones." am: `c4ec97ab1f` am: `aadd0e99a6` Change-Id: Ic2318d08722a078eb78692a3f3d404b1b460cd99	2018-05-02 14:56:46 -07:00
Tri Vo	29497b623e	SELinux type for vendor public libs. Vendor public libs are exposed to apps (not system), and their ABI stability is guaranteed by vendor. Introducing new selinux type so that we don't conflate concepts of same-process HAL and vendor public lib. The former is exposed to all domains, while the latter should only be acessible by apps. Bug: 76413554 Test: build-only change, policy builds Change-Id: I89dad351374f46c7fe2726991eb4c05064c37ed5	2018-05-02 14:51:05 -07:00
android-build-prod (mdb)	aadd0e99a6	Merge "tombstoned: allow linking tombstones." am: `c4ec97ab1f` Change-Id: Ibfb1e1525bbb566b183150f2817a545a27c54b85	2018-05-02 14:50:00 -07:00
android-build-prod (mdb)	c4ec97ab1f	Merge "tombstoned: allow linking tombstones."	2018-05-02 21:43:03 +00:00
Andrew Sapperstein	2ed7ba3d44	Merge "Add ro.oem.key1 to SELinux policy." into pi-dev am: `b12ca61e9c` Change-Id: Ib7b77f1e82e5d653a9cf54d7f52a284f6491be72	2018-05-02 14:24:53 -07:00
Andrew Sapperstein	b12ca61e9c	Merge "Add ro.oem.key1 to SELinux policy." into pi-dev	2018-05-02 21:10:41 +00:00
android-build-team Robot	4695d8de9d	Merge changes Ic3f85992,I33f47db7 into pi-dev am: `9d4573c448` Change-Id: I0c684c03b2f6d4262ccca5ab97fe6d5b19500334	2018-05-02 12:02:20 -07:00
Andreas Gampe	66b292ede6	[automerger skipped] Sepolicy: Modify postinstall_dexopt am: `b5c927184f` -s ours Change-Id: Ica799e01c950aedbc36e3f8b374150544e71dd0d	2018-05-02 12:02:08 -07:00
android-build-team Robot	9d4573c448	Merge changes Ic3f85992,I33f47db7 into pi-dev * changes: Sepolicy: Modify postinstall_dexopt Sepolicy: Modify postinstall_dexopt	2018-05-02 18:52:02 +00:00
Andrew Sapperstein	99bfd8efdf	Add ro.oem.key1 to SELinux policy. vendor-init-settable\|public-readable Change-Id: I8262cc03150931080c0982350cd990ee8f5422bc Fixes: 78636965 Test: adb shell getprop ro.oem.key1	2018-05-02 11:48:30 -07:00
Tri Vo	7db0bddbd1	Merge "init: restrict setattr perms to /proc." am: `4bb33bc38f` am: `12a0f7b922` Change-Id: Ifea0a56a82106e88159b319ec2317566a9d088e5	2018-05-02 11:31:29 -07:00
Tri Vo	12a0f7b922	Merge "init: restrict setattr perms to /proc." am: `4bb33bc38f` Change-Id: Ifea809aaf162a77888844ab3944ecd531f0a1d01	2018-05-02 11:26:56 -07:00
Tri Vo	4bb33bc38f	Merge "init: restrict setattr perms to /proc."	2018-05-02 18:18:49 +00:00
Pavel Maltsev	368ae61fc7	Allow auto HAL clients to access hw services Bug: 70637118 Test: m && emulator ; also verified on bat_land Change-Id: I39dd17d20acc8d380f36e207679b8b1eba63a72e	2018-05-02 09:54:40 -07:00
android-build-prod (mdb)	5afce15046	Merge "Audit generic debugfs access for removal" am: `65352c904a` am: `810ad5f27b` Change-Id: I8e5cf7eaf9eb290090adfb5c2821a7efdd9e1acf	2018-05-01 23:11:36 -07:00
Jaekyun Seok	2b151c77d2	Update prebuilts/api/28.0/public/property_contexts am: `21b1015db3` Change-Id: I5cd8f975710427ad0730d7ad2342e9bbf65072e3	2018-05-01 23:06:10 -07:00
android-build-prod (mdb)	810ad5f27b	Merge "Audit generic debugfs access for removal" am: `65352c904a` Change-Id: I86811ccd2e68cdd4f64a250e9b79f3386a9eebc4	2018-05-01 23:06:04 -07:00
Jaekyun Seok	be1bbc0d5c	[automerger skipped] Allow vendor-init-settable for properties used in Android TV am: `d097ff9516` -s ours Change-Id: I8290eefd8641950e9c6d46073d56ea4594469f7a	2018-05-01 23:06:02 -07:00
android-build-prod (mdb)	65352c904a	Merge "Audit generic debugfs access for removal"	2018-05-02 06:00:04 +00:00
Jaekyun Seok	21b1015db3	Update prebuilts/api/28.0/public/property_contexts Bug: 78205669 Bug: 78430613 Test: succeeded building Change-Id: Ie098b839a050058424673f0d8961b7a194a2caab	2018-05-02 09:08:13 +09:00
Jeff Vander Stoep	2fbb456418	adbd: dontaudit sys_resource denials am: `621668568a` am: `19e74c5686` Change-Id: I63873f2ef53e0cf99186029dc702cc2eca78ad54	2018-05-01 16:49:55 -07:00
android-build-prod (mdb)	73d7cabfb9	Merge "Only installd and init may relabel app_data_file." am: `577b7a5d7b` am: `8f867acb4a` Change-Id: I3071aeb263d81cd27d8a8ba8897d6ca1e4193887	2018-05-01 16:45:14 -07:00
Jeff Vander Stoep	19e74c5686	adbd: dontaudit sys_resource denials am: `621668568a` Change-Id: Ic4b747132562879ba4c4a27dda4f9e2a369808f9	2018-05-01 16:45:11 -07:00

1 2 3 4 5 ...

15584 commits