tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
34045 commits 1 branch 0 tags 50 MiB
Commit graph

590 commits

Author SHA1 Message Date
Daniel Norman
7fdcce2f15 Merge "Revert "Revert "Adds a new prop context for choosing between mul..."" am: 0dd5118c74 am: a8570d7e9c am: 8d50c9d1a9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1894203

Change-Id: I7291a7bf46690584bba8a0963399423e51947eee
 2021-11-17 21:48:20 +00:00
Daniel Norman
0dd5118c74 Merge "Revert "Revert "Adds a new prop context for choosing between mul..."" 2021-11-17 21:24:28 +00:00
Daniel Norman
2f8ce0d9c1 Revert "Revert "Adds a new prop context for choosing between mul..." 
Revert "Revert "Adds multi_install_skip_symbol_files field (defa..."

Revert submission 1893459-revert-1869814-vapex-multi-config-VKODFOVCWY

Reason for revert: Fix-forward in https://r.android.com/1894088
Reverted Changes:
I087bfe0dc:Revert "Adds a new prop context for choosing betwe...
I27a498506:Revert "Load persist props before starting apexd."...
Ib5344edc0:Revert "Allow users to choose between multi-instal...
If09bf590e:Revert "Adds multi_install_skip_symbol_files field...
I905dac14c:Revert "Demonstrate multi-installed APEXes."

Change-Id: I03fb124d4e7044f236539a132816fd96cb814775
 2021-11-16 20:28:29 +00:00
Treehugger Robot
edf285ba5a Merge "Add camera.disable_preview_scheduler property" am: a594876cfe am: 1b4714c8e8 am: 1d36f66a48 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1887227

Change-Id: I1141daf446b8205621adb8d8e92a33c8b5850b5f
 2021-11-16 15:55:54 +00:00
Owen Kim
29e1bf186a Merge "Revert "Adds a new prop context for choosing between multi-insta..."" am: 95d7aaa339 am: a6bd8d83f0 am: 755dee1782 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1893458

Change-Id: I49c519594590927e560fc3cdf5b0f0e2e397cd0f
 2021-11-16 09:34:00 +00:00
Owen Kim
95d7aaa339 Merge "Revert "Adds a new prop context for choosing between multi-insta..."" 2021-11-16 08:39:27 +00:00
Owen Kim
780cd02d52 Revert "Adds a new prop context for choosing between multi-insta..." 
Revert "Adds multi_install_skip_symbol_files field (default fals..."

Revert submission 1869814-vapex-multi-config

Bug: 206551398
Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/tests/view?invocationId=I55600009996329947&testResultId=TR93527797572038984, bug b/206551398
Reverted Changes:
I0cd9d748d:Adds multi_install_skip_symbol_files field (defaul...
I5912a18e3:Demonstrate multi-installed APEXes.
I0e6881e3a:Load persist props before starting apexd.
I932442ade:Adds a new prop context for choosing between multi...
I754ecc3f7:Allow users to choose between multi-installed vend...

Change-Id: I087bfe0dcf8d6ab38d861b82196bac4e9147e8e6
 2021-11-16 07:08:15 +00:00
Daniel Norman
bdb51edfe3 Merge "Adds a new prop context for choosing between multi-installed APEXes." am: 8e276eae6b am: d6746bd67a am: bee9f24f08 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1869814

Change-Id: I65f054653bd0337cd9f3348b9a160c19315ce4a2
 2021-11-16 01:31:11 +00:00
Daniel Norman
8e276eae6b Merge "Adds a new prop context for choosing between multi-installed APEXes." 2021-11-16 00:45:32 +00:00
Daniel Norman
6b0049dcf0 Adds a new prop context for choosing between multi-installed APEXes. 
Bug: 199290365
Test: see https://r.android.com/1872018
Change-Id: I932442adefc7ad10d7cd81e61e95efd41f8cf379
 2021-11-11 19:11:11 +00:00
Shuzhen Wang
73be025636 Add camera.disable_preview_scheduler property 
Test: Build and boot
Bug: 200306379
Change-Id: I7d0b40de33a2d19c88322eacefe9d7342d55a6f4
 2021-11-10 12:22:57 -08:00
Yabin Cui
9119543a23 Merge "Add persist properties for app profiling itself." am: c1a51d1400 am: 4d053aa5b6 am: eb0ea30ebb am: 76bc699869 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1877597

Change-Id: I1cbf9ece16af9306a5f581db8005d841c1031284
 2021-11-02 20:19:33 +00:00
Yabin Cui
ee7f40a2a2 Add persist properties for app profiling itself. 
Bug: 204601121
Test: build and boot.
Change-Id: If731c77dd6f2b587178b4f6b8a908df2d96e5d9a
 2021-11-01 16:42:08 -07:00
Treehugger Robot
ae198a288a Merge "Add the property context for ro.lmk.use_minfree_levels" am: b754ebe4d9 am: 4b144d6a21 am: f4abed157b am: a718092cd3 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1871573

Change-Id: I66ade200fbbc916629e18e6bceef1ae0e22773e3
 2021-10-28 01:33:02 +00:00
Robin Lee
0b0dd684e7 Add the property context for ro.lmk.use_minfree_levels 
This is not settable by vendor init at the moment, which appears to be a mistake
because it is often used as a board-level configuration.

Change-Id: I7a49d55712e9606446b3e6307627a208657d5da2
Test: adb shell getprop -Z | grep lmk
Bug: 184041905
 2021-10-27 13:17:54 +00:00
Bowgo Tsai
7a7e88bddc Set context for partition.odm.verified[.*] properties. am: ef1f630c69 am: b986f376ce am: 44d3ea4ae9 am: 992f7fbe90 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1864479

Change-Id: I1107a7515d4db25a25f4537053700a88c177c8f9
 2021-10-21 11:22:34 +00:00
Bowgo Tsai
ef1f630c69 Set context for partition.odm.verified[.*] properties. 
Some devices might have the ODM partition so set those properties
as well.

Bug: 203720638
Test: Presubmit
Change-Id: I50ee65e21c471f0691f4c1dfc93be8eb1677ad1b
 2021-10-21 16:38:06 +08:00
Ian Hua
dd33b990cd Update sepolicy for adding nnapi_native namespace. am: 91d153e9b5 am: 45d71cd3fc am: 46d20eaa3a am: 8b42e1fa31 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1844919

Change-Id: I3b28582f6063322f21fc4c3163e3bc365f6b8dae
 2021-10-12 16:45:33 +00:00
Ian Hua
91d153e9b5 Update sepolicy for adding nnapi_native namespace. 
Test: mm
Bug: 201399117
Change-Id: I40a2431b6f5a54deae27fe68f503aff9b99e2793
 2021-10-12 11:50:26 +01:00
Andrew Scull
9e242fb119 Allow vendor_init to read AVF device configs am: aedd65ac20 am: 6b6f64b021 am: 9ae672976a am: d1cf781917 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1849821

Change-Id: Icb3e737ac7fd6bb61b8fbf8ddbf2f66ac07f1cd1
 2021-10-08 21:20:05 +00:00
Andrew Scull
aedd65ac20 Allow vendor_init to read AVF device configs 
Bug: 192819132
Test: build
Change-Id: Iefa4d2d2dc0a13a9a6c95779d6ebde5cb2834295
 2021-10-08 14:51:30 +00:00
Treehugger Robot
52262b0f2a Merge "Add media.resolution.limit.32bit to media_config_prop" am: a257817b5d am: 21dac7a746 am: 52046c257f am: 7175ca9712 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1840355

Change-Id: Icd8abb865cae9378e0478d34c107ca843bcb3ab9
 2021-10-05 23:25:03 +00:00
Treehugger Robot
21dac7a746 Merge "Add media.resolution.limit.32bit to media_config_prop" am: a257817b5d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1840355

Change-Id: Icd70009f62d023fb68bb1355f804f9489362c0ed
 2021-10-05 17:33:32 +00:00
Treehugger Robot
a257817b5d Merge "Add media.resolution.limit.32bit to media_config_prop" 2021-10-05 17:13:35 +00:00
Enrico Granata
1eb92d8726 Merge "Introduce ro.boot.hypervisor properties" am: dd35626853 am: 393ebdda04 am: 73aa6e0429 am: 69c4be40af 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1843773

Change-Id: I4f2a3af3d2f4929658db44a980f65b55edf99236
 2021-10-04 20:01:03 +00:00
Enrico Granata
393ebdda04 Merge "Introduce ro.boot.hypervisor properties" am: dd35626853 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1843773

Change-Id: I4ff9a7c008590a5ca17987aac95c5afab441f392
 2021-10-04 19:20:47 +00:00
Enrico Granata
dd35626853 Merge "Introduce ro.boot.hypervisor properties" 2021-10-04 19:10:28 +00:00
Enrico Granata
645c390d1a Introduce ro.boot.hypervisor properties 
In virtualized deployments of Android, it can be useful to have
access to a description of the hypervisor/host environment being
used to run the guest OS instance.

This is represented by means of a new system property
ro.boot.hypervisor.version, which is meant to convey a
free-form descriptor of the current host/hypervisor version

The property is meant to be provided to Android as androidboot.
by whatever host-specific means are used to supply other boot
properties to the target Android instance. Access could be later
opened to other vendor processes to set if needed for specific
setups where init is not a sufficiently-early stage for
host/guest communication. Such setups are not known at this time.

For a native Android incantation, the property defaults to
being missing

Other properties could later be added to this same namespace
and context if they turn out to be useful in specific scenarios.

Bug: 178749018
Test: build cuttlefish
Change-Id: Id721c14ef1958b525c2866a660dcae8fd176a79d
 2021-10-04 11:14:03 -06:00
Beth Thibodeau
79485f5e45 Merge "make ril.cdma.inecmmode system property internal so that it cannot reveal a system api that requires READ_PRIVILEGED_PHONE_STATE" 2021-10-01 22:58:31 +00:00
Nazanin
b373dd0df2 make ril.cdma.inecmmode system property internal 
so that it cannot reveal a system api that requires
READ_PRIVILEGED_PHONE_STATE

Bug: 183410189
Bug: 197722115
Test: adb shell getprop -Z
Change-Id: I65f4121fc300447af7d516676166bc8b0b53b727
Merged-In: I65f4121fc300447af7d516676166bc8b0b53b727
 2021-10-01 21:36:49 +00:00
Justin Yun
d204e3ff22 Define ro.vendor.api_level am: 785bb7a815 am: 7ad553f5d5 am: 325090e08d am: ac268263ff 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1839637

Change-Id: Ie30064889141e1fb314e7702f1a679a69e403cde
 2021-10-01 04:09:42 +00:00
Justin Yun
7ad553f5d5 Define ro.vendor.api_level am: 785bb7a815 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1839637

Change-Id: I4dbca94dc1f04fac3fdbfd5b69ebd7621e6af93c
 2021-10-01 03:32:50 +00:00
Wonsik Kim
f648327a97 Add media.resolution.limit.32bit to media_config_prop 
Bug: 194771349
Test: cts/media/device-small
Change-Id: I79cb1580604780e8829844cba2502d2196d93f27
 2021-09-30 00:44:58 -07:00
Justin Yun
785bb7a815 Define ro.vendor.api_level 
ro.vendor.api_level will have the api_level that the vendor images
are required to implement based on the various api level properties.

Bug: 200258600
Test: getprop ro.vendor.api_level
Change-Id: Ie4f71ef920f03bdbc0a904936c26f092429fcd7f
 2021-09-29 15:34:19 +09:00
Jiakai Zhang
cfd5f04013 Merge "Remove dalvik.vm.dex2oat-updatable-bcp-packages-file from sepolicy." am: b9443cc3fa am: 20c36de280 am: c90712bb7b am: 8eb0687e1b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1832481

Change-Id: I127d93c5a721f3b02c254979ce001a1c08a876a0
 2021-09-27 12:43:58 +00:00
Jiakai Zhang
20c36de280 Merge "Remove dalvik.vm.dex2oat-updatable-bcp-packages-file from sepolicy." am: b9443cc3fa 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1832481

Change-Id: Idebce55dcf5f6cfe2c7a6eb5e695c9bf4b7018ed
 2021-09-27 11:55:00 +00:00
Jiakai Zhang
e0f7873436 Remove dalvik.vm.dex2oat-updatable-bcp-packages-file from sepolicy. 
This system properly is no longer needed.

Bug: 200241946
Test: Presubmits
Change-Id: I82258d7ccf125fd30655873a1b15582654dafac3
 2021-09-27 09:15:17 +00:00
Jean-Michel Trivi
27871845ab Spatial audio: add property for spatializer effect am: 2abed0062f 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/15883632

Change-Id: Ib46c6571acb05c922fd7dad83d77be8ce5080cd5
 2021-09-22 08:13:06 +00:00
Jean-Michel Trivi
2abed0062f Spatial audio: add property for spatializer effect 
Ignore-AOSP-First: confidential feature

Add a property to be read by system_server's AudioService that
indicates whether a spatializer effect is available on the device.
If true, spatialization functionality will be initialized.

Bug: 188502620
Test: adb shell dumpsys audio | grep -A 4 Spatial
Change-Id: I759e2fb32087b6e8e2a578b6ec804fb7c4f1d4f1
 2021-09-21 23:16:11 -07:00
Jiyong Park
a0bac44805 Add virtualizationservice.state.last_cid am: b804de2943 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1827500

Change-Id: I007226b8d1a64f162f65bf49eb929b7dc7ed1658
 2021-09-17 09:14:09 +00:00
Jiyong Park
b804de2943 Add virtualizationservice.state.last_cid 
It is a system property that keeps the last CID used by the
virtualizationservice. Although the information is local to the
process, a new system property is justified because the information has
to be kept across multiple runs of the process. A file however is not
desirable because the information shouldn't be persisted.

Bug: 196015427
Test: atest MicrodroidHostTestCases
Change-Id: If8ca4b6ad8d9c8cb3bb33dc9ef45de0ae6481d15
 2021-09-17 09:35:58 +09:00
Suren Baghdasaryan
0e0d0ad652 sepolicy updates for adding native flag namespace for lmkd 
sepolicy updates for running lmkd experiments.

Bug: 194316048
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I21df3b76cce925639385111bd23adf419f026a65
Merged-In: I21df3b76cce925639385111bd23adf419f026a65
 2021-09-08 21:12:09 +00:00
Tianjie Xu
60587b5246 Merge "Set context for partition.*.verified.root_digest properties." am: e4623f3219 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1814306

Change-Id: Ifeafda46ef76a11118efa5b0094fc5453331d384
 2021-09-01 17:59:03 +00:00
TreeHugger Robot
842d75a7e6 Merge "Revert "Reland: Add ro.vendor.build.dont_use_vabc to property_contexts"" into sc-dev 2021-08-31 17:22:23 +00:00
Tianjie
ade005f8dd Set context for partition.*.verified.root_digest properties. 
This is requested by the partner engineer team to uniquely identify
a partition.

Bug: 197973981
Test: boot the device
Change-Id: Id0393698d730391eb8e438e424e527451f54d4ea
 2021-08-30 17:13:51 -07:00
Kelvin Zhang
e52b7716cb Revert "Reland: Add ro.vendor.build.dont_use_vabc to property_contexts" 
This reverts commit 2e7abeb570.

Reason for revert: b/197917451

Bug: 197917451

Change-Id: I570fe494976b3676074a9b8794859db75b827120
 2021-08-30 16:26:48 +00:00
Treehugger Robot
28515dd083 Merge "sepolicy: Add new crypto type ro.crypto.type=managed" am: aedbe31acb 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1802147

Change-Id: I0e8e1faed5cc0cb92a4cae6debeb6d67a7430049
 2021-08-26 04:51:40 +00:00
Treehugger Robot
aedbe31acb Merge "sepolicy: Add new crypto type ro.crypto.type=managed" 2021-08-26 04:37:37 +00:00
Satoshi Niwa
dd9d2871d8 sepolicy: Add new crypto type ro.crypto.type=managed 
This type is used when device encryption is managed by the host system.
(e.g. ARC++)
Please see b/136127632#comment10 for the reason why we introduce this.

Bug: 169207445
Test: m
Change-Id: I8c4eaa57389e591b2c520b59bb95408d43daf22c
 2021-08-25 10:40:57 +09:00
Paul Crowley
f87e5bafb5 Merge "Revert^2 "Allow vold to deleteAllKeys in Keystore"" into sc-dev 2021-08-13 02:33:43 +00:00