tequilaOS/platform_system_sepolicy

Fork 0

Commit graph

Author	SHA1	Message	Date
Inseob Kim	75806ef3c5	Minimize public policy Ideally, public should only contain APIs (types / attributes) for vendor. The other statements like allow/neverallow/typeattributes are regarded as implementation detail for platform and should be in private. Bug: 232023812 Test: m selinux_policy Test: diff <(git diff --staged \| grep "^-" \| cut -b2- \| sort) \ <(git diff --staged \| grep "^+" \| cut -b2- \| sort) Test: remove comments on plat_sepolicy.cil, replace base_typeattr_* to base_typeattr and then compare old and new plat_sepolicy.cil Change-Id: I5e7d2da4465ab0216de6bacdf03077d37f6ffe12	2024-03-28 00:33:46 +00:00
Suren Baghdasaryan	9fdb29826f	Add policies for ro.kernel.watermark_scale_factor property New ro.kernel.watermark_scale_factor property is used to store the original value read from /proc/sys/vm/watermark_scale_factor before extra_free_kbytes.sh changes it. The original value is necessary to use the same reference point in case the script is invoked multiple times. The property is set by init the first time script is invoked and should never be changed afterwards. Bug: 242837506 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Change-Id: I7760484854a41394a2efda9445cff8cb61587514	2022-09-08 19:35:34 +00:00
Suren Baghdasaryan	6988677f22	Allow init to execute extra_free_kbytes.sh script extra_free_kbytes.sh is used by init to set /sys/vm/watermark_scale_factor value. Allow init to execute extra_free_kbytes.sh and the script to access /proc/sys/vm/watermark_scale_factor and /proc/sys/vm/extra_free_kbytes files. Bug: 109664768 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Change-Id: I55ec07e12a1cc5322cfdd4a48d0bdc607f45d832	2021-08-17 17:02:38 +00:00

Author

SHA1

Message

Date

Inseob Kim

75806ef3c5

Minimize public policy

Ideally, public should only contain APIs (types / attributes) for
vendor. The other statements like allow/neverallow/typeattributes are
regarded as implementation detail for platform and should be in private.

Bug: 232023812
Test: m selinux_policy
Test: diff <(git diff --staged | grep "^-" | cut -b2- | sort) \
           <(git diff --staged | grep "^+" | cut -b2- | sort)
Test: remove comments on plat_sepolicy.cil, replace base_typeattr_*
      to base_typeattr and then compare old and new plat_sepolicy.cil
Change-Id: I5e7d2da4465ab0216de6bacdf03077d37f6ffe12

2024-03-28 00:33:46 +00:00

Suren Baghdasaryan

9fdb29826f

Add policies for ro.kernel.watermark_scale_factor property

New ro.kernel.watermark_scale_factor property is used to store the
original value read from /proc/sys/vm/watermark_scale_factor before
extra_free_kbytes.sh changes it. The original value is necessary to
use the same reference point in case the script is invoked multiple
times. The property is set by init the first time script is invoked
and should never be changed afterwards.

Bug: 242837506
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I7760484854a41394a2efda9445cff8cb61587514

2022-09-08 19:35:34 +00:00

Suren Baghdasaryan

6988677f22

Allow init to execute extra_free_kbytes.sh script

extra_free_kbytes.sh is used by init to set /sys/vm/watermark_scale_factor
value. Allow init to execute extra_free_kbytes.sh and the script to access
/proc/sys/vm/watermark_scale_factor and /proc/sys/vm/extra_free_kbytes
files.

Bug: 109664768
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I55ec07e12a1cc5322cfdd4a48d0bdc607f45d832

2021-08-17 17:02:38 +00:00

3 commits