tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
47880 commits 1 branch 0 tags 50 MiB
Commit graph

47880 commits

This branch
This branch
All branches
Author SHA1 Message Date
Treehugger Robot
64a23c81f3 Merge "add compaction_proactiveness type" into main 2024-04-10 23:24:33 +00:00
Ted Bauer
6dc4160bc5 Merge "Let system server set permissions on marker file" into main am: ba5998d7a2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3025525

Change-Id: I53485c292d2118b625bf73ea3affd06ab3467d64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-10 21:24:12 +00:00
Ted Bauer
ba5998d7a2 Merge "Let system server set permissions on marker file" into main 2024-04-10 21:16:43 +00:00
Song Chun Fan
840041d5d2 Revert "Add pm.archiving.enabled system property" 
This reverts commit 32ab868eac.

Reason for revert: no longer needed

Change-Id: I2ce46773503d39f843038fca3bb8527eb5bb53eb
BUG: 331165939
 2024-04-10 17:39:43 +00:00
Ted Bauer
86405531d5 Let system server set permissions on marker file 
System server needs to create a file in /metadata/aconfig, and set its
permissions.

Bug: 328444881
Test: m
Change-Id: I30aa576e46d8963e78ff21ad328160a99bd5d523
 2024-04-10 15:26:01 +00:00
Martin Liu
f7396914b0 add compaction_proactiveness type 
Bug: 332916849
Test: boot
Change-Id: I41c0da22ed5ad738c75fb00e2ac8a22c35dff2d3
Signed-off-by: Martin Liu <liumartin@google.com>
 2024-04-10 13:48:15 +00:00
Vikram Gaur
283a790759 Merge "Add remote_provisioning.connect_timeout_millis as sysprop" into main am: d51e54db82 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3020727

Change-Id: I57e6db3ea5c1d066fab1bf83fd77ca07eb9e40cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-10 00:12:48 +00:00
Vikram Gaur
d51e54db82 Merge "Add remote_provisioning.connect_timeout_millis as sysprop" into main 2024-04-09 23:55:00 +00:00
Vikram Gaur
3999879dde Add remote_provisioning.connect_timeout_millis as sysprop 
Allow some services to control connection_timeout for testing purposes.

Test: atest RkpdAppUnitTests
Change-Id: Id70ed60c4f67e8f7910870a0b28a2b409fe97f62
 2024-04-09 22:20:48 +00:00
Treehugger Robot
adda6cf543 Merge "Introduce vmlauncher_app domain" into main am: 5752116370 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3031325

Change-Id: I04c698bb0f40546c00e50222b41e0fef75d3f2a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-09 14:23:49 +00:00
Treehugger Robot
5752116370 Merge "Introduce vmlauncher_app domain" into main 2024-04-09 14:04:38 +00:00
Jeongik Cha
77a3ca6b4c Introduce vmlauncher_app domain 
Bug: 333485208
Test: check display
Change-Id: I64c09f09615e89cf24398c01b8f87b0136be0a7f
 2024-04-09 22:01:06 +09:00
Treehugger Robot
1ad6056584 Merge "Fix docs in seapp_contexts to point to right file" into main am: 015384b110 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3031726

Change-Id: I8e11706365608410bc0206d5f09ac927397aee29
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-09 08:23:49 +00:00
Treehugger Robot
015384b110 Merge "Fix docs in seapp_contexts to point to right file" into main 2024-04-09 07:53:17 +00:00
Nikolay Elenkov
5eb5e47827 Merge "Allow system_server to call ISecretKeeper.deleteAll()" into main am: c9d42b5533 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3009933

Change-Id: Ic04b9832911015d578e37a304ef5a2e19d7ef927
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-09 02:11:32 +00:00
Nikolay Elenkov
c9d42b5533 Merge "Allow system_server to call ISecretKeeper.deleteAll()" into main 2024-04-09 01:59:35 +00:00
Ellen Arteca
3315a90858 Fix docs in seapp_contexts to point to right file 
Fixes a typo in the docs of seapp_contexts: previously they
referenced the wrong file for the order in which input selectors
are compared.

Change-Id: I5e7ca126cdc8b557d5e590eb863bdf4300ec1a18
 2024-04-09 01:32:41 +00:00
Nikita Ioffe
7949bcab3c Merge "Add sepolicy rules for microdroid_resources_file" into main am: 5cc6dff1d8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3002036

Change-Id: I84b2e556cb4947ddc00c973af08ed83e507f6151
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-08 11:24:31 +00:00
Nikita Ioffe
5cc6dff1d8 Merge "Add sepolicy rules for microdroid_resources_file" into main 2024-04-08 11:20:39 +00:00
Treehugger Robot
5f0743b1df Merge "Remove sepolicy for viewcompiler" into main am: bc71c77f94 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2794724

Change-Id: I84734ff504fa289704ac31c3dd898bf17708e520
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-06 00:38:51 +00:00
Treehugger Robot
bc71c77f94 Merge "Remove sepolicy for viewcompiler" into main 2024-04-06 00:14:25 +00:00
Treehugger Robot
755584f003 Merge "Install cil_compat_map module's output" into main am: 1c6d3054bb 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3029284

Change-Id: I42c3d42e25355706b44c5a53eafe7f76f420e8e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-05 16:36:10 +00:00
Treehugger Robot
1c6d3054bb Merge "Install cil_compat_map module's output" into main 2024-04-05 16:22:17 +00:00
Inseob Kim
a9d412d373 Install cil_compat_map module's output 
... so it can be packaged as PackagingSpecs

Bug: 329208946
Test: m aosp_cf_system_x86_64
Change-Id: I6298a3e99e74c38befb3a3565e4c638e1558114d
 2024-04-05 23:45:23 +09:00
Suren Baghdasaryan
97e01157f6 Merge "lmkd: Add ro.lmkd.swap_compression_ratio property policies" into main am: dcd387eedb 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3015099

Change-Id: I7f024811ee901c1721af4a1d13873823d318bc29
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-05 05:05:02 +00:00
Suren Baghdasaryan
dcd387eedb Merge "lmkd: Add ro.lmkd.swap_compression_ratio property policies" into main 2024-04-05 04:38:11 +00:00
Jeongik Cha
ec30d892f6 Merge "Sepolicy for crosvm to show display" into main am: bc287fb76a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3016811

Change-Id: Id224061409a141f8c77734a4726190bb9a6bcaaf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-05 03:54:19 +00:00
Jeongik Cha
bc287fb76a Merge "Sepolicy for crosvm to show display" into main 2024-04-05 03:31:18 +00:00
Suren Baghdasaryan
5a528b4e93 lmkd: Add ro.lmkd.swap_compression_ratio property policies 
Add policies to control ro.lmkd.swap_compression_ratio lmkd property.

Test: m
Bug: 285854307
Bug: 327561101
Change-Id: I68eccd2a5a0198248c2c9703f0d1b3bf685aa543
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
 2024-04-04 23:27:17 +00:00
Jared Duke
abf12e1e9b Remove sepolicy for viewcompiler 
This tool has been removed, so remove the associated sepolicy config.

Bug: 158121974
Test: m
Change-Id: I7fe3a731fe5680d192bae640b6fc3ccdacbc60d3
 2024-04-04 23:23:10 +00:00
Steven Terrell
4e757ba586 Merge "Changes to allow trace redactor to run" into main am: 996a899051 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3020231

Change-Id: I126a7272bbac9dc0a8b294d52f6824eccd54f1f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-04 15:23:21 +00:00
Steven Terrell
996a899051 Merge "Changes to allow trace redactor to run" into main 2024-04-04 15:08:37 +00:00
Nikita Ioffe
f1d47f78d2 Add sepolicy rules for microdroid_resources_file 
Bug: 287593065
Test: run microdroid with vendor VM
Test: builds
Change-Id: I8c8fe90a0ed14d6af430206fe947a0f4ce4f68e5
 2024-04-04 13:05:34 +00:00
Jeongik Cha
f09f43c4fd Sepolicy for crosvm to show display 
They are under RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES

Bug: 331708504
Test: check if the display shows
Change-Id: I06859493c995e384e1f30554a6a12b9cd3636f30
 2024-04-04 16:52:33 +09:00
Steven Terrell
c5401edfb4 Changes to allow trace redactor to run 
Updates to allow profiling module to run new trace_redactor binary.
Allow the trace_redactor binary to read the input trace file and write
the output file.

Bug: 327423523
Test: build/flash and
      atest CtsProfilingModuleTests#testRequestSystemTraceSuccess
Change-Id: Id6684d8a9891e9ed42fe115066e41a89a7e8a097
 2024-04-03 23:35:36 +00:00
Devin Moore
7b18caffc3 Merge "Allow system_server to read binderfs state file" into main am: dfc018f886 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2940865

Change-Id: Ie260c9dc0679f7843733cd3e627fd7b8dcc37ac9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-02 22:22:24 +00:00
Devin Moore
dfc018f886 Merge "Allow system_server to read binderfs state file" into main 2024-04-02 22:04:34 +00:00
Inseob Kim
8be48d0175 Fix treble sepolicy tests and combine_maps script am: b30e2f05f7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3019087

Change-Id: I5fe8fe5751e20423b89057e6749828fc37f6f6e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-29 13:17:53 +00:00
Inseob Kim
b30e2f05f7 Fix treble sepolicy tests and combine_maps script 
* Since vFRC there are no more minor version, so combine_maps.py is
  fixed to correctly handle both vFRC version and prior V.v version.

* treble_sepolicy_tests_for_release.mk uses incorrect variable
  SYSTEM_EXT_PREBUILT_POLICY and PRODUCT_PREBUILT_POLICY, so fixing
  them.

Bug: 331866470
Test: m selinux_policy
Change-Id: I7a3ab7cf3abf2155c1998e1972adee1202af8dff
 2024-03-29 17:31:51 +09:00
Devin Moore
9645657201 Allow system_server to read binderfs state file 
This is for more information on binder threads during ANRs.

Test: adb shell am hang
Bug: 316970771
Change-Id: I905c8b605540aabb7463cb0e1b3a9a8b07f8d5cb
 2024-03-29 00:30:19 +00:00
Treehugger Robot
2facbf937a Merge "Minimize microdroid public policy" into main am: 7b6ce3bf13 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3016458

Change-Id: I0e73c5e743afeaabdc758b6fc9b6461ad45c63a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-28 08:05:44 +00:00
Treehugger Robot
7b6ce3bf13 Merge "Minimize microdroid public policy" into main 2024-03-28 07:47:50 +00:00
Treehugger Robot
46a7263ae6 Merge "Add "DO NOT ADD statements" comments to public" into main am: f02575f27f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3016798

Change-Id: I23357274ce5a9f056563279c4d37addbb6b6c5ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-28 06:44:30 +00:00
Inseob Kim
9bad60cb1f Minimize microdroid public policy 
Like core sepolicy.

Bug: 232023812
Test: atest MicrodroidHostTests MicrodroidTests
Change-Id: I704f8da4656d3bacf327792a2445d15aba8ecf2a
 2024-03-28 15:23:18 +09:00
Treehugger Robot
f02575f27f Merge "Add "DO NOT ADD statements" comments to public" into main 2024-03-28 06:22:32 +00:00
Treehugger Robot
587ea974bd Merge "Make enable_16k_pages_prop readable by vendor" into main am: 350ddbb9dc 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3017680

Change-Id: Ie74f090da7da360f9dca553fdc6e10115a3c20a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-28 03:40:48 +00:00
Treehugger Robot
350ddbb9dc Merge "Make enable_16k_pages_prop readable by vendor" into main 2024-03-28 03:26:30 +00:00
Inseob Kim
09b27c7109 Add "DO NOT ADD statements" comments to public 
For visibility

Bug: 232023812
Test: N/A
Change-Id: I0bc6dc568210b81ba1f52acb18afd4bcc454ea1c
 2024-03-28 11:27:43 +09:00
Inseob Kim
4dd91f965f Merge "Minimize public policy" into main am: 5769fd90f2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3015034

Change-Id: I92bc74ac3bf97e500bcaa81220955f0ea4d0a451
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-28 01:25:59 +00:00
Inseob Kim
5769fd90f2 Merge "Minimize public policy" into main 2024-03-28 01:14:45 +00:00