tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
31386 commits 1 branch 0 tags 50 MiB
Commit graph

5 commits

Author SHA1 Message Date
Igor Murashkin
e39f8d23ed sepolicy: policies for iorap.inode2filename 
binary transitions are as follows:

iorapd (fork/exec) -> iorap.cmd.compiler (fork/exec) -> iorap.inode2filename

Bug: 117840092
Test: adb shell cmd jobscheduler run -f android 28367305
Change-Id: I4249fcd37d2c8cbdd0ae1a0505983cce9c7fa7c6
 2020-02-20 16:38:17 -08:00
Mathieu Chartier
7bc626ae42 Allow iorapd to access the runtime native boot feature flag properties 
Test: adb shell device_config put runtime_native_boot iorap_perfetto_enable true
Test: inspect lodcat to validate

Bug: 141377208
Change-Id: Iaef1197decff37512f107774ea0f0f09a4dcd72d
 2019-12-04 20:56:54 +00:00
Igor Murashkin
9f74a428c4 sepolicy: Add iorap_prefetcherd rules 
/system/bin/iorapd fork+execs into /system/bin/iorap_prefetcherd during
startup

See also go/android-iorap-security for the design doc

Bug: 137403231
Change-Id: Ie8949c7927a98e0ab757bc46230c589b5a496360
 2019-10-22 12:45:46 -07:00
Jeff Vander Stoep
6742ab4e4e iorapd: add tmpfs type 
Fixes build breakage:
system/sepolicy/private/traced.te:36:ERROR 'unknown type iorapd_tmpfs' at token ';' on line 43166:

Bug: 123445058
Test: build marlin-userdebug
Change-Id: Iefeba03ed2efee92fb0d61214514338c6d999bd1
(cherry picked from commit 426ff11951)
 2019-01-26 12:55:13 -08:00
Igor Murashkin
72a88b194c iorapd: Add new binder service iorapd. 
This daemon is very locked down. Only system_server can access it.

Bug: 72170747
Change-Id: I7b72b9191cb192be96001d84d067c28292c9688f
 2018-10-08 15:00:34 -07:00