tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
41306 commits 1 branch 0 tags 50 MiB
Commit graph

41306 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andy Hung
789c2937a5 sepolicy: Add spatial audio tuning properties. am: 574369e474 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/22241161

Change-Id: I00a6e7937068ee8a3006223ba6d320c90a73321e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 04:22:53 +00:00
Andy Hung
19a6c09576 [automerger skipped] Merge "sepolicy: Add spatial audio configuration properties" am: 2e206f8cc9 am: ea5100f1ad -s ours 
am skip reason: Merged-In I190644e88a520cf13ee2b56066d5afd258460b9e with SHA-1 3b7b6c3b30 is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2501016

Change-Id: Ib913959a4c3ed95e2e689dce8bb5c7c28493caf8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 01:40:18 +00:00
Andy Hung
ea5100f1ad Merge "sepolicy: Add spatial audio configuration properties" am: 2e206f8cc9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2501016

Change-Id: I61805a44c4f3d91d7921c8d48617915f498247fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 01:16:44 +00:00
Andy Hung
574369e474 sepolicy: Add spatial audio tuning properties. 
audio.spatializer.pose_predictor_type
audio.spatializer.prediction_duration_ms

Ignore-AOSP-First: will land in AOSP later.
Test: compiles
Test: adb shell setprop with invalid enum fails.
Bug: 274849680
Change-Id: Ie7e656acbdd3fe101ecbd2cc9dfb6c8a440a6a8b
 2023-03-23 18:01:42 -07:00
Andy Hung
2e206f8cc9 Merge "sepolicy: Add spatial audio configuration properties" 2023-03-24 00:41:02 +00:00
Satoshi Niwa
dcbde45b66 sepolicy: Add apex/com.android.tethering.inprocess-file_contexts am: 80cd0acd64 am: 6fa337fef5 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2504898

Change-Id: I299e97e89c38500e6804589e50c57045443e1fea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 08:03:53 +00:00
Satoshi Niwa
6fa337fef5 sepolicy: Add apex/com.android.tethering.inprocess-file_contexts am: 80cd0acd64 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2504898

Change-Id: I285ec1c77b57652e4ae18b12a93e90000362b21c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 07:27:20 +00:00
Satoshi Niwa
80cd0acd64 sepolicy: Add apex/com.android.tethering.inprocess-file_contexts 
Needed when using com.android.tethering.inprocess with
flattened APEX.

Bug: 273821347
Test: trybot
Change-Id: Iae6d9547922575398c634433dc07b2e46fbffd8e
 2023-03-23 12:43:48 +09:00
Charles Chen
c038c59be9 Merge "Compliance test added for isolated_app_all" am: 3e86cee7c4 am: 3503d2ade9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2491881

Change-Id: I2a83d707a87dc78cb9b761ee000db729f87b9c66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 23:39:33 +00:00
Charles Chen
3503d2ade9 Merge "Compliance test added for isolated_app_all" am: 3e86cee7c4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2491881

Change-Id: I9278d595f044acf390aea9b3f9bc8cdf835e8239
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 22:40:19 +00:00
Charles Chen
3e86cee7c4 Merge "Compliance test added for isolated_app_all" 2023-03-22 21:55:49 +00:00
Charles Chen
dc184e9aed Compliance test added for isolated_app_all 
Compliance test is added to analyzes all members of isolated_app_all
and only allows them to have specific differences. Currently only
certain targets and classes are permitted based on the usecase of such
member classses. The list could be expanded based on future requirement
of more functionality yet the change won't be huge to ensure the
properties of sandbox.

Bug: 255597123
Test: m && presubmit
Change-Id: Id579223c585759ab5f6fbd531583d002eb2b14a5
 2023-03-22 20:14:11 +00:00
Devin Moore
caabc471f4 Merge "Allow dumpstate to dump /proc/bootconfig" am: 9a3f429b00 am: db5b68a58e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2498305

Change-Id: Id31e8f6410f3f41aa30bfe6ba7625fac3469c347
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 17:48:30 +00:00
Devin Moore
db5b68a58e Merge "Allow dumpstate to dump /proc/bootconfig" am: 9a3f429b00 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2498305

Change-Id: I3a0a5089a45b972b34698c8fa212b37078b2bee2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 17:04:47 +00:00
Devin Moore
9a3f429b00 Merge "Allow dumpstate to dump /proc/bootconfig" 2023-03-22 16:11:44 +00:00
Andy Hung
64a1d36e3d Merge "sepolicy: Add spatial audio configuration properties" into tm-qpr-dev am: 816d7372d3 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/22142639

Change-Id: I0f164623b16f992ca90a10c07d86781934b29775
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 12:55:52 +00:00
Thiébaud Weksteen
141b573253 Merge "Remove netd entries in bug_map" am: a5f87e47b6 am: f035715cfd 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2498219

Change-Id: I7ad738767924840b12866e181562e8cc8eac5126
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 09:17:18 +00:00
Thiébaud Weksteen
f035715cfd Merge "Remove netd entries in bug_map" am: a5f87e47b6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2498219

Change-Id: Iceb48f2fd1ba612039e1f105b2ebf0fcf436f54d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 08:42:41 +00:00
Thiébaud Weksteen
a5f87e47b6 Merge "Remove netd entries in bug_map" 2023-03-22 08:04:46 +00:00
Thiébaud Weksteen
3eaa53e552 Remove netd entries in bug_map 
These have been replaced with a dontaudit rule in netd.te in
commit e49acfa.

Bug: 77870037
Test: TH
Change-Id: I1fc9996141419ec3a6194f97c4c42062cbeb4754
 2023-03-22 10:02:37 +11:00
Andy Hung
03c348df74 sepolicy: Add spatial audio configuration properties 
Controls default enable or disable for binaural and transaural.

Test: see bug
Bug: 270980127
Merged-In: I190644e88a520cf13ee2b56066d5afd258460b9e
Change-Id: I190644e88a520cf13ee2b56066d5afd258460b9e
 2023-03-21 15:08:27 -07:00
Shikha Panwar
71e6ad2e2b Merge "Microdroid sepolicy changes to handle crash export" am: 9d34facd25 am: 5517c11a15 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422867

Change-Id: I23cdd6a88b3b7d579adbf421e6ddf8743ca37786
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 18:50:08 +00:00
Shikha Panwar
5517c11a15 Merge "Microdroid sepolicy changes to handle crash export" am: 9d34facd25 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422867

Change-Id: I758d1fe5523d0b8af3c0db3eb4cd35867c4722a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 18:26:25 +00:00
Shikha Panwar
9d34facd25 Merge "Microdroid sepolicy changes to handle crash export" 2023-03-21 18:14:12 +00:00
Devin Moore
5b38a8187b Merge changes I4128f428,I8c796dfe am: ce04629db7 am: 99c0909aae 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2494537

Change-Id: Iefc2d4bdc9160c349d8a5c68c73e894d5ad25f8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 18:04:03 +00:00
Andy Hung
816d7372d3 Merge "sepolicy: Add spatial audio configuration properties" into tm-qpr-dev 2023-03-21 17:53:50 +00:00
Devin Moore
99c0909aae Merge changes I4128f428,I8c796dfe am: ce04629db7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2494537

Change-Id: I8cde9bb11b8c01f6a187e2dbc8efc3bae24f91fc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 16:49:07 +00:00
Devin Moore
19bc295bb1 Allow dumpstate to dump /proc/bootconfig 
Test: adb shell dumpstate
Bug: 274528501
Change-Id: I0a4663a742e82d571811cb3fa9c15b8baaeeb847
 2023-03-21 16:27:13 +00:00
Devin Moore
ce04629db7 Merge changes I4128f428,I8c796dfe 
* changes:
  Add permissions for dumpstate to dump more hals
  Give dumpstate permissions to dump the sensor HAL
 2023-03-21 16:05:54 +00:00
David Drysdale
6777609a64 Merge "Don't emit audit logs for dumpstate->keystore" am: 4199df3d48 am: 86305146a1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2495878

Change-Id: I2d82b5b2e5c7724b728307ad26dac2df4be25861
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 13:33:09 +00:00
David Drysdale
86305146a1 Merge "Don't emit audit logs for dumpstate->keystore" am: 4199df3d48 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2495878

Change-Id: I9e11ab351b06c0330da1afd33dda6e789edfa991
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 12:56:47 +00:00
David Drysdale
4199df3d48 Merge "Don't emit audit logs for dumpstate->keystore" 2023-03-21 11:54:58 +00:00
David Drysdale
e1075f7c0c Don't emit audit logs for dumpstate->keystore 
aosp/1696825 added the ability for dumpstate to signal Keystore on
debuggable builds, but this means that there will be an audit denial
message on non-debuggable builds.  Suppress this, in particular so that
the test mentioned below can pass on -user builds.

Bug: 269672964
Test: CtsSecurityHostTestCases:android.security.cts.SELinuxHostTest#testNoBugreportDenial
Change-Id: I68a41f6b94d615f80e4d1490ec4159436693dce2
 2023-03-21 09:16:47 +00:00
Ioannis Ilkos
865d0883ac Merge changes from topic "tm-qpr-oome-perfetto" into tm-qpr-dev am: 37883b47f8 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/21986580

Change-Id: I66f23e61f789b8a18f44f6a68af9f399e9d06be0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 11:02:24 +00:00
Ioannis Ilkos
59ff4cbc51 [automerger skipped] Fix incorrect domain used in system_server.te am: 900d221a1f -s ours 
am skip reason: Merged-In I78d5fa62a2e112d3bf363b8d96348a645ef4caaa with SHA-1 0e978ba9f1 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/21986579

Change-Id: I200e0aa430f6ef4272ba4f8a22eb5ce50da49b10
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 11:02:22 +00:00
Ioannis Ilkos
ad1c3e4200 Merge changes from topic "tm-qpr-syssrv-perfetto" into tm-qpr-dev am: a6494f6163 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/21986577

Change-Id: I37e9725ed27177234f34357ebacd27e1c648dfec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 11:01:53 +00:00
Ryan Savitski
fce5dfad47 [automerger skipped] tm-qpr backport: allow perfetto profiling of system_server and sys/platform apps am: b2fecc3954 -s ours 
am skip reason: Merged-In I792ec1812d94b4fa9a8688ed74f2f62f6a7f33a6 with SHA-1 941ba723ba is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/21986575

Change-Id: I60f5522549eed817778718cc34a1d09226be25b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 11:01:48 +00:00
Ioannis Ilkos
37883b47f8 Merge changes from topic "tm-qpr-oome-perfetto" into tm-qpr-dev 
* changes:
  update api=33 sepolicy prebuilts for perfetto oome heap dumps
  Fix incorrect domain used in system_server.te
  Sysprop for the count of active OOME tracing sessions
 2023-03-20 10:35:12 +00:00
Ioannis Ilkos
a6494f6163 Merge changes from topic "tm-qpr-syssrv-perfetto" into tm-qpr-dev 
* changes:
  update api=33 sepolicy prebuilts for perfetto profiling of system_server and sys/platform apps
  tm-qpr backport: allow perfetto profiling of system_server and sys/platform apps
 2023-03-20 10:31:50 +00:00
Andy Hung
3b7b6c3b30 sepolicy: Add spatial audio configuration properties 
Controls default enable or disable for binaural and transaural.

Ignore-AOSP-First: will land in AOSP afterwards
Test: see bug
Bug: 270980127
Change-Id: I190644e88a520cf13ee2b56066d5afd258460b9e
 2023-03-17 14:58:36 -07:00
Tri Vo
ddc3df3035 Merge "Remove RemoteProvisioner and remoteprovisioning services" am: 0099ba37f3 am: 45734ff4a7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2488295

Change-Id: Iffabeb7cb8cdc23b53dc6cf42743e1da44c20554
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-17 18:26:13 +00:00
Tri Vo
45734ff4a7 Merge "Remove RemoteProvisioner and remoteprovisioning services" am: 0099ba37f3 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2488295

Change-Id: I2dc33e9abbce089d7333aefcd87705ec51756160
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-17 17:49:49 +00:00
Tri Vo
0099ba37f3 Merge "Remove RemoteProvisioner and remoteprovisioning services" 2023-03-17 17:18:01 +00:00
Alan Stokes
2ff7e61834 Merge "Add label for charger property" am: 533c29fe34 am: 5fed924d3c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411334

Change-Id: I6ceb34cef286a430b85d14d159f98a5a7ed67700
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-17 15:19:33 +00:00
Alan Stokes
5fed924d3c Merge "Add label for charger property" am: 533c29fe34 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411334

Change-Id: Ie7896d816dc27422457b45a8d75a998578af0874
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-17 14:43:01 +00:00
Alan Stokes
533c29fe34 Merge "Add label for charger property" 2023-03-17 14:04:28 +00:00
Nathan Huckleberry
7878f968fe Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS am: 7bedb9d1a0 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/21649283

Change-Id: I553546da822bb3880b3b325382409f63f5e47b85
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-17 00:26:48 +00:00
Maciej Żenczykowski
6ce3db1f77 Merge "clatd.te - no longer need netlink" am: 47675624b5 am: f34d3cae4a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2492264

Change-Id: I837a42ac145d73b669d537677563e6847d3a054a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-17 00:25:36 +00:00
Maciej Żenczykowski
f34d3cae4a Merge "clatd.te - no longer need netlink" am: 47675624b5 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2492264

Change-Id: Idf645b7f8f1fc64c0e73b6204f87f750c4cb115f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 23:48:55 +00:00
Maciej Żenczykowski
47675624b5 Merge "clatd.te - no longer need netlink" 2023-03-16 23:18:42 +00:00