Commit graph

19947 commits

Author SHA1 Message Date
Roland Levillain
7606aff18f Merge "No longer label patchoat binaries in file_contexts." am: bf2ee36db9 am: 5b8a175475
am: 8929a3ef7c

Change-Id: Ib16afbb9b336eca1341bd6c5fb2239ba4ababac6
2019-03-14 06:43:50 -07:00
Roland Levillain
8929a3ef7c Merge "No longer label patchoat binaries in file_contexts." am: bf2ee36db9
am: 5b8a175475

Change-Id: I35fca6e80cde74aac447f6f3ac4cca8304425905
2019-03-14 06:38:24 -07:00
Roland Levillain
5b8a175475 Merge "No longer label patchoat binaries in file_contexts."
am: bf2ee36db9

Change-Id: Id67a9857153bba20471aecffa1c34c0de40b49a9
2019-03-14 06:33:09 -07:00
Roland Levillain
bf2ee36db9 Merge "No longer label patchoat binaries in file_contexts." 2019-03-14 13:19:12 +00:00
Martijn Coenen
fc8de58467 Allow apexd to talk to vold. am: 1f1c4c3fa5 am: e9b10d0efa
am: 69e797a9a9

Change-Id: I45fc135c9b8e1a342175a6a0511255fbdd0aa463
2019-03-14 00:40:45 -07:00
Martijn Coenen
69e797a9a9 Allow apexd to talk to vold. am: 1f1c4c3fa5
am: e9b10d0efa

Change-Id: Icea134e7e48165d1bf337e8e5585032eb8ad1927
2019-03-14 00:35:40 -07:00
Martijn Coenen
e9b10d0efa Allow apexd to talk to vold.
am: 1f1c4c3fa5

Change-Id: If0dacd4bf99226d74e1906ad9ea63908d4a1fb90
2019-03-14 00:30:36 -07:00
Martijn Coenen
1f1c4c3fa5 Allow apexd to talk to vold.
To query filesystem checkpointing state.

Bug: 126740531
Test: no denials
Change-Id: I28a68b9899d7cb42d7e557fb904a2bf8fa4ecf66
2019-03-14 07:23:40 +00:00
Jeff Vander Stoep
45e4d123f6 crash_dump: dontaudit devices passed by exec() am: 1795d0bcfd am: 301e0e366c
am: 0bbc83daf2

Change-Id: I6d71b0d21ce1c89a3509d7a28f40375088e449ca
2019-03-13 23:51:01 -07:00
Jeff Vander Stoep
0bbc83daf2 crash_dump: dontaudit devices passed by exec() am: 1795d0bcfd
am: 301e0e366c

Change-Id: If6b2e6663613db34c4415f1f282e68effbea7391
2019-03-13 23:45:48 -07:00
Jeff Vander Stoep
301e0e366c crash_dump: dontaudit devices passed by exec()
am: 1795d0bcfd

Change-Id: I5e11ac94ad0f61e0c5c6fc2fb3bdf1cb0dc6ba8b
2019-03-13 23:40:51 -07:00
Jeff Vander Stoep
1795d0bcfd crash_dump: dontaudit devices passed by exec()
avc: denied { read } for comm="crash_dump64" name="v4l-touch22"
dev="tmpfs" ino=18821 scontext=u:r:crash_dump:s0
tcontext=u:object_r:input_device:s0 tclass=chr_file

Test: build
Change-Id: Iac66b77ad255c950b21fd267c88fdbc382be2877
2019-03-13 20:50:25 -07:00
Suren Baghdasaryan
73ec91a17a Merge "sepolicy: Remove unnecessary psi procfs rules" am: 96cc32b0eb am: 226cbec8c4
am: 5335c27df3

Change-Id: I079d9d72d1317da4d56943b8e5815e1082b8055f
2019-03-13 19:01:42 -07:00
Suren Baghdasaryan
5335c27df3 Merge "sepolicy: Remove unnecessary psi procfs rules" am: 96cc32b0eb
am: 226cbec8c4

Change-Id: I2e65c9f380a62559d2ac7ebc22bdc85f86059ce9
2019-03-13 18:57:35 -07:00
Suren Baghdasaryan
226cbec8c4 Merge "sepolicy: Remove unnecessary psi procfs rules"
am: 96cc32b0eb

Change-Id: Ibb9f4a4d69edece3977e8f8f697281cf51f5a5e7
2019-03-13 18:53:30 -07:00
Suren Baghdasaryan
96cc32b0eb Merge "sepolicy: Remove unnecessary psi procfs rules" 2019-03-14 01:42:21 +00:00
Tri Vo
daa48f8e20 Allow global read access to /sys/kernel/mm/transparent_hugepage/ am: d6c5ff5f72 am: f59537cd15
am: fb81c6462b

Change-Id: I4188084fd08814039face646157a8050d46047c8
2019-03-13 17:06:01 -07:00
Tri Vo
fb81c6462b Allow global read access to /sys/kernel/mm/transparent_hugepage/ am: d6c5ff5f72
am: f59537cd15

Change-Id: Ib315da0e98e8e0137a7a3164f2b6e947b77c053d
2019-03-13 16:59:32 -07:00
Tri Vo
f59537cd15 Allow global read access to /sys/kernel/mm/transparent_hugepage/
am: d6c5ff5f72

Change-Id: Iddd1ea1e7f95d1e30f67300b0ffdf8e0d65761e2
2019-03-13 16:55:26 -07:00
Tri Vo
d6c5ff5f72 Allow global read access to /sys/kernel/mm/transparent_hugepage/
If kernel is built with CONFIG_TRANSPARENT_HUGEPAGE optimization,
libjemalloc5 will attempt to read
/sys/kernel/mm/transparent_hugepage/enabled and hit an SELinux denial.

Various denials similar to the following are seen on cuttlefish:
avc: denied { open } for comm="surfaceflinger"
path="/sys/kernel/mm/transparent_hugepage/enabled" dev="sysfs" ino=776
scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:sysfs:s0 tclass=file
permissive=1

Bug: 28053261
Test: boot cuttlefish without above denials.
Change-Id: Ic33f12d31aacc42d662a8c5c297fbb5f84d4deea
2019-03-13 23:47:25 +00:00
wenquan.zhang
aaf199d25e Merge "ODM updates the recovery partition through vendor's materials" am: 058f7f4add am: 46d6f85619
am: 5ce8541ac9

Change-Id: Iaba26c54697a2903e957c79f6c0a3a85a5380f75
2019-03-13 15:43:56 -07:00
wenquan.zhang
5ce8541ac9 Merge "ODM updates the recovery partition through vendor's materials" am: 058f7f4add
am: 46d6f85619

Change-Id: Iefb109d47d1a0effc54d8b1408c3377fbfe22b29
2019-03-13 15:34:57 -07:00
wenquan.zhang
46d6f85619 Merge "ODM updates the recovery partition through vendor's materials"
am: 058f7f4add

Change-Id: Ia3a52d58644f0165c27f8ce01c9cfe5ab56104b3
2019-03-13 15:06:11 -07:00
Treehugger Robot
058f7f4add Merge "ODM updates the recovery partition through vendor's materials" 2019-03-13 21:36:50 +00:00
Suren Baghdasaryan
c45fc50e1f [automerger skipped] Merge "sepolicy: Allow lmkd access to psi procfs nodes" am: 9902c67cfa am: 19cae23580
am: 2212816cda -s ours
am skip reason: change_id I9efd60c7fbb89cc08938fa5119b13d794813b52b with SHA1 b12d5da665 is in history

Change-Id: I2bdec2055b9bb03bdeb3f2a32ce6ae75c2f01416
2019-03-13 14:08:27 -07:00
Tri Vo
f67a5ad2db Merge "vold: write permission to sysfs_devices_block" am: 3a463e108d am: b02eef7231
am: 48879a0dd2

Change-Id: I879cf4d2d4ce1ccbebc3ec8095341e938f271e7b
2019-03-13 14:06:39 -07:00
Suren Baghdasaryan
2212816cda Merge "sepolicy: Allow lmkd access to psi procfs nodes" am: 9902c67cfa
am: 19cae23580

Change-Id: I959a05e7aba1d44d42d4bfd2879234b5fc5fa193
2019-03-13 14:00:51 -07:00
Tri Vo
48879a0dd2 Merge "vold: write permission to sysfs_devices_block" am: 3a463e108d
am: b02eef7231

Change-Id: I7bb0076f1d8c3a20da51fb0831cd99d198b67cfc
2019-03-13 14:00:19 -07:00
Suren Baghdasaryan
19cae23580 Merge "sepolicy: Allow lmkd access to psi procfs nodes"
am: 9902c67cfa

Change-Id: Ia85bbe76ecc57542739ed8720851d6da5cc095a7
2019-03-13 13:56:55 -07:00
Tri Vo
b02eef7231 Merge "vold: write permission to sysfs_devices_block"
am: 3a463e108d

Change-Id: I20b1b7da6ac1a2cc927bf621e85914dbd5e42fe5
2019-03-13 13:54:03 -07:00
Suren Baghdasaryan
f4b7e01c1f sepolicy: Remove unnecessary psi procfs rules
Remove unnecessary rules which will be added from 28.0.cil automatically
by the build process.

Bug: 111308141
Test: builds

Change-Id: I02064785cac1ed6d8b4e462604a1b8db10c1a25a
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
2019-03-13 20:53:55 +00:00
Suren Baghdasaryan
9902c67cfa Merge "sepolicy: Allow lmkd access to psi procfs nodes" 2019-03-13 20:51:31 +00:00
Tri Vo
3a463e108d Merge "vold: write permission to sysfs_devices_block" 2019-03-13 20:36:30 +00:00
Roland Levillain
6f314bcd95 No longer label patchoat binaries in file_contexts.
The patchoat program has been removed from Android in
https://android-review.googlesource.com/c/platform/art/+/774905.

Test: n/a
Bug: 77856493
Change-Id: Icf6ed2e5671d20f57dff94a55bedfb035cfc0ee7
2019-03-13 20:18:57 +00:00
Ben Murdoch
8261b45671 Merge "Allow traced_probes to access power rail data." am: 98de091a4f am: 9ca6038a10
am: dea6e19a4e

Change-Id: I0490c3f7d86d767e48f3554748009f32b698ac4d
2019-03-13 13:10:46 -07:00
Ben Murdoch
dea6e19a4e Merge "Allow traced_probes to access power rail data." am: 98de091a4f
am: 9ca6038a10

Change-Id: Ie1390fee73de21b7f356a1c70fce987b28ba9115
2019-03-13 13:05:42 -07:00
Ben Murdoch
9ca6038a10 Merge "Allow traced_probes to access power rail data."
am: 98de091a4f

Change-Id: I957ef1ef8106dd600bafd2993cd3f84212f9043f
2019-03-13 12:56:31 -07:00
Treehugger Robot
98de091a4f Merge "Allow traced_probes to access power rail data." 2019-03-13 19:47:54 +00:00
Andreas Gampe
2a7c398d1c Merge "Sepolicy: ART APEX boot integrity" am: 01147a70f4 am: 950d25ccf9
am: 089db86c5f

Change-Id: I7aa4ba3113928cabbb8de007339207b2dfc70d94
2019-03-13 11:44:28 -07:00
Andreas Gampe
089db86c5f Merge "Sepolicy: ART APEX boot integrity" am: 01147a70f4
am: 950d25ccf9

Change-Id: I53193102e9b8d539b71ab190ac3b469cd1426ee0
2019-03-13 11:33:46 -07:00
Andreas Gampe
950d25ccf9 Merge "Sepolicy: ART APEX boot integrity"
am: 01147a70f4

Change-Id: If3d381bc3d2f2479b9c01307f13a9ad2db22e53e
2019-03-13 11:29:14 -07:00
Andreas Gampe
01147a70f4 Merge "Sepolicy: ART APEX boot integrity" 2019-03-13 18:19:03 +00:00
Victor Hsieh
6d40292b8e Merge "Allow mini-keyctl to setattr for restricting keyring" am: e5667b30d5 am: ac0a689cb4
am: f89f5d9c67

Change-Id: I48666aa7899f1d433736a5d98674b40393b2b4d3
2019-03-13 11:05:12 -07:00
Victor Hsieh
f89f5d9c67 Merge "Allow mini-keyctl to setattr for restricting keyring" am: e5667b30d5
am: ac0a689cb4

Change-Id: I7f62f4c40284fde63acbe8010d6475b0f1a0bc2b
2019-03-13 10:52:03 -07:00
Victor Hsieh
ac0a689cb4 Merge "Allow mini-keyctl to setattr for restricting keyring"
am: e5667b30d5

Change-Id: I78c9cb1c38b2303f12f69e1b2b72d2f3fb540bc1
2019-03-13 10:39:57 -07:00
Treehugger Robot
e5667b30d5 Merge "Allow mini-keyctl to setattr for restricting keyring" 2019-03-13 17:30:22 +00:00
Ben Murdoch
f948ea58c7 Allow traced_probes to access power rail data.
Allows power rail data to be logged in the trace, allowing
high fidelity attribution of battery power use.

Matching feature CL: aosp/891533

SELinux denials that lead to this:
avc: denied { call } for scontext=u:r:traced_probes:s0 tcontext=u:r:hal_power_stats_default:s0 tclass=binder

Test: checked data in a trace
Bug: 122584217

Change-Id: I7e0f4e825be3f54bc78d91da1cb85c2f61465a44
2019-03-13 17:11:31 +00:00
Suren Baghdasaryan
53065d6aa8 sepolicy: Allow lmkd access to psi procfs nodes
Lmkd needs read access to /proc/pressure/memory, proc/pressure/cpu
and proc/pressure/io nodes to read current psi levels.
Lmkd needs write access to /proc/pressure/memory to set psi monitor
triggers.

Bug: 111308141
Test: modified lmkd to use PSI and tested using lmkd_unit_test

Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Merged-In: I9efd60c7fbb89cc08938fa5119b13d794813b52b
Change-Id: I9efd60c7fbb89cc08938fa5119b13d794813b52b
2019-03-13 10:00:37 -07:00
Andreas Gampe
ef971ba9ea Merge "Sepolicy: Give sys_admin for relabel" am: 20fe557ec5 am: b329558180
am: 5d764f6ede

Change-Id: Ic0de85cc7e5fb3895b750fe9c9703ec3859ea71b
2019-03-13 08:46:48 -07:00
Andreas Gampe
5d764f6ede Merge "Sepolicy: Give sys_admin for relabel" am: 20fe557ec5
am: b329558180

Change-Id: I1322c6da9a66d3443db41cbe07519972a70508ed
2019-03-13 08:30:00 -07:00