tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
33036 commits 1 branch 0 tags 50 MiB
Commit graph

33036 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andrew Scull
aedd65ac20 Allow vendor_init to read AVF device configs 
Bug: 192819132
Test: build
Change-Id: Iefa4d2d2dc0a13a9a6c95779d6ebde5cb2834295
 2021-10-08 14:51:30 +00:00
Treehugger Robot
a5d1958d3e Merge "Add sepolicy for com.android.car.framework module" 2021-10-08 06:29:28 +00:00
Jooyung Han
1103fb887a Merge "virtualizationservice to use "staged" apexes" 2021-10-08 00:26:40 +00:00
Xin Li
2b2247f14c Merge "Merge Android 12" 2021-10-07 23:50:37 +00:00
Treehugger Robot
27d22e670a Merge "Fix error in systemui when toggling airplane mode" 2021-10-07 16:17:57 +00:00
David Anderson
2c6b2326a7 Merge "allow init to set status on loop device" 2021-10-07 15:49:18 +00:00
Keun young Park
44025b07eb Add sepolicy for com.android.car.framework module 
Bug: 192665266
Test: build
Change-Id: I69036c20a3bae10e34a3c076eb8e1c7c2f1d2517
 2021-10-07 00:45:19 +00:00
Xin Li
ca1bb9d4d0 Merge Android 12 
Bug: 202323961
Merged-In: Icd70009f62d023fb68bb1355f804f9489362c0ed
Change-Id: I7fbd1b2ee2ba72e90ce098f235f2f7a927898c09
 2021-10-06 22:55:14 +00:00
Treehugger Robot
21dac7a746 Merge "Add media.resolution.limit.32bit to media_config_prop" am: a257817b5d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1840355

Change-Id: Icd70009f62d023fb68bb1355f804f9489362c0ed
 2021-10-05 17:33:32 +00:00
Treehugger Robot
a257817b5d Merge "Add media.resolution.limit.32bit to media_config_prop" 2021-10-05 17:13:35 +00:00
Nicolas Geoffray
d6d00365f1 Merge "Allow system server to map zygote_tmpfs files." am: 02211e449d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1844917

Change-Id: I738edf09d8cd58e15ce0e4d987c902ad7b660de9
 2021-10-05 16:14:57 +00:00
Nicolas Geoffray
02211e449d Merge "Allow system server to map zygote_tmpfs files." 2021-10-05 16:02:56 +00:00
Nicolas Geoffray
cd470d1e51 Allow system server to map zygote_tmpfs files. 
Needed for an ART optimization.

Test: build
Change-Id: I120cdbe410248ac08f4e56cdeb6588681630a964
 2021-10-05 15:03:54 +01:00
Jooyung Han
970166fb4a virtualizationservice to use "staged" apexes 
Virtualizationservice queries "package_native" service to get staged
apex info and then reads staged apexes to VM.

Bug: 199146189
Test: MicrodroidHostTestCases
Change-Id: Icbfe5b9a05abc08d3e0270d15969f632b3f57c66
 2021-10-05 19:57:20 +09:00
Treehugger Robot
1e04545bb3 Merge "Allow compos_fd_server to signal readiness" am: a12dc09f78 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1844302

Change-Id: Ia0cd0cbb89675f1de7e4e3e450a5aa6dae2ef2d8
 2021-10-05 10:08:17 +00:00
Treehugger Robot
a12dc09f78 Merge "Allow compos_fd_server to signal readiness" 2021-10-05 09:44:27 +00:00
Enrico Granata
393ebdda04 Merge "Introduce ro.boot.hypervisor properties" am: dd35626853 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1843773

Change-Id: I4ff9a7c008590a5ca17987aac95c5afab441f392
 2021-10-04 19:20:47 +00:00
Enrico Granata
dd35626853 Merge "Introduce ro.boot.hypervisor properties" 2021-10-04 19:10:28 +00:00
Treehugger Robot
1ad1e9240e Merge "Strip excess spaces in build_policy" am: 7ba07be13f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1842578

Change-Id: I5509e6c9fec808646d0ba38bf94d2d0439243dcf
 2021-10-04 18:40:11 +00:00
Treehugger Robot
7ba07be13f Merge "Strip excess spaces in build_policy" 2021-10-04 18:28:56 +00:00
Enrico Granata
645c390d1a Introduce ro.boot.hypervisor properties 
In virtualized deployments of Android, it can be useful to have
access to a description of the hypervisor/host environment being
used to run the guest OS instance.

This is represented by means of a new system property
ro.boot.hypervisor.version, which is meant to convey a
free-form descriptor of the current host/hypervisor version

The property is meant to be provided to Android as androidboot.
by whatever host-specific means are used to supply other boot
properties to the target Android instance. Access could be later
opened to other vendor processes to set if needed for specific
setups where init is not a sufficiently-early stage for
host/guest communication. Such setups are not known at this time.

For a native Android incantation, the property defaults to
being missing

Other properties could later be added to this same namespace
and context if they turn out to be useful in specific scenarios.

Bug: 178749018
Test: build cuttlefish
Change-Id: Id721c14ef1958b525c2866a660dcae8fd176a79d
 2021-10-04 11:14:03 -06:00
Beth Thibodeau
a279bdba64 Fix error in systemui when toggling airplane mode 
Fixes: 197722115
Test: manual - toggle, no avc: denied message
Change-Id: I17929f7cb77a4ba4f9720783c9913243f74db080
 2021-10-04 15:34:19 +00:00
Daniele Di Proietto
43ace3bad3 Merge "Allow init to run perfetto" am: 6634fe524e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1842419

Change-Id: If4405103e120e70b7dc6035d24261d35bc4a31ca
 2021-10-04 13:38:30 +00:00
Daniele Di Proietto
6634fe524e Merge "Allow init to run perfetto" 2021-10-04 13:20:48 +00:00
Alan Stokes
ad6e12644c Allow compos_fd_server to signal readiness 
We pass the write end of a pipe to fd_server which it uses to signal
when it is ready to serve.

Bug: 201764092
Test: atest ComposTestCase
Change-Id: Id952e953e79f6cef9c8f0c847a303a3a854f2248
 2021-10-04 14:12:02 +01:00
Beth Thibodeau
4390433734 [automerger skipped] Merge "make ril.cdma.inecmmode system property internal so that it cannot reveal a system api that requires READ_PRIVILEGED_PHONE_STATE" am: 79485f5e45 -s ours 
am skip reason: Merged-In I65f4121fc300447af7d516676166bc8b0b53b727 with SHA-1 d65a7bf37e is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1843853

Change-Id: Ia6a50fef401234131965a98953646b0ce163ad2c
 2021-10-01 23:12:56 +00:00
Beth Thibodeau
79485f5e45 Merge "make ril.cdma.inecmmode system property internal so that it cannot reveal a system api that requires READ_PRIVILEGED_PHONE_STATE" 2021-10-01 22:58:31 +00:00
Nazanin
b373dd0df2 make ril.cdma.inecmmode system property internal 
so that it cannot reveal a system api that requires
READ_PRIVILEGED_PHONE_STATE

Bug: 183410189
Bug: 197722115
Test: adb shell getprop -Z
Change-Id: I65f4121fc300447af7d516676166bc8b0b53b727
Merged-In: I65f4121fc300447af7d516676166bc8b0b53b727
 2021-10-01 21:36:49 +00:00
Justin Yun
7ad553f5d5 Define ro.vendor.api_level am: 785bb7a815 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1839637

Change-Id: I4dbca94dc1f04fac3fdbfd5b69ebd7621e6af93c
 2021-10-01 03:32:50 +00:00
Liangcai Fan
486be79cb7 allow init to set status on loop device 
Bug: 200904398

Change-Id: I02b0a4edcd47e325da7ec8200d5167485e4084c9
Signed-off-by: Liangcai Fan <liangcai.fan@unisoc.com>
 2021-10-01 10:49:40 +08:00
Cole Faust
087d527fd3 Strip excess spaces in build_policy 
build_policy gathers a list of files for a given set of folders and
filenames. It's possible that a certain folder doesn't have a certain
filename, in which case the $(wildcard) command will resolve to an
empty string, and there will be sections of many contiguous spaces
in the resulting list of files.

These contiguous spaces can show up in the build.ninja files.
When using a starlark-based device configuration, the number of spaces
is slightly different.

$(strip) not only removes spaces from the beginning/end of text, but
it also deduplicates any spaces in the middle. Use it to get rid
of the extra spaces so we have more consistent build.ninja files.

Bug: 201700692
Test: ./build/bazel/ci/rbc_product_config.sh aosp_arm64-userdebug
      with board config changes patched in
Change-Id: I4f458e7805588072ec55be324ece6d2faca4cdd6
 2021-09-30 15:48:34 -07:00
Daniele Di Proietto
dbbe5c034e Allow init to run perfetto 
Bug: 201387964
Change-Id: I20bb6cd32b9b7d6e0be1ca1fef2bff6f9165bb04
 2021-09-30 18:19:19 +01:00
Wonsik Kim
f648327a97 Add media.resolution.limit.32bit to media_config_prop 
Bug: 194771349
Test: cts/media/device-small
Change-Id: I79cb1580604780e8829844cba2502d2196d93f27
 2021-09-30 00:44:58 -07:00
Justin Yun
785bb7a815 Define ro.vendor.api_level 
ro.vendor.api_level will have the api_level that the vendor images
are required to implement based on the various api level properties.

Bug: 200258600
Test: getprop ro.vendor.api_level
Change-Id: Ie4f71ef920f03bdbc0a904936c26f092429fcd7f
 2021-09-29 15:34:19 +09:00
Xin Li
b658c31c68 Merge "Merge SP1A.210812.016" into stage-aosp-master 2021-09-29 05:32:39 +00:00
Treehugger Robot
adfb381f7e Merge changes from topic "se_policy_binary" am: f958c5ca73 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1837474

Change-Id: I70a3778766efdc978af7ea3a9caf8538d03f62b6
 2021-09-29 04:10:28 +00:00
Inseob Kim
4a498796f6 Add se_policy_binary module am: b9d0511de4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1837473

Change-Id: Ib2b75caa402dc85b4584bf9ce43008c0f3bae61d
 2021-09-29 04:10:26 +00:00
Treehugger Robot
f958c5ca73 Merge changes from topic "se_policy_binary" 
* changes:
  Migrate system sepolicy binaries to Soong
  Add se_policy_binary module
 2021-09-29 03:52:48 +00:00
Xin Li
e69c4ae635 Merge SP1A.210812.016 
Merged-In: I7dec0a3d82c82b5dea4b5f3f38d9170bb1f40840
Change-Id: Idf4f6bebc2c849811bac8f6df34d1cd997978bb8
 2021-09-28 19:55:59 +00:00
Xin Li
9c9f88950e DO NOT MERGE - Empty merge to indicate SP1A.210812.001 is already merged 
Merged-In: I32d5f01284c3622f9528d49cbee88049cb9e2a7f
Change-Id: I8722b68f836a019a71282c68edc4bd1a59246807
 2021-09-28 07:55:10 +00:00
Yifan Hong
fb6d9ed006 Merge "/*_dlkm/etc is vendor_configs_file." am: a07b83c1c6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1838053

Change-Id: I06e95120d8643e276da8cd74c31ad645da118e49
 2021-09-28 05:50:02 +00:00
Yifan Hong
a07b83c1c6 Merge "/*_dlkm/etc is vendor_configs_file." 2021-09-28 05:37:47 +00:00
Inseob Kim
4d90b7e78b Migrate system sepolicy binaries to Soong 
Bug: 33691272
Test: m selinux_policy
Test: boot microdroid
Change-Id: I9210be15b06e0dba01677d5bfe7b27a0ec21eb11
 2021-09-28 01:21:39 +00:00
Yifan Hong
0f4fb284d1 /*_dlkm/etc is vendor_configs_file. 
For e.g. /vendor_dlkm/etc/NOTICE.xml.gz

Test: pass
Fixes: 201090220
Change-Id: I56e2bec26cad11e9919729410c7ee08683ea2f01
 2021-09-27 13:33:22 -07:00
Nikita Ioffe
719dcf8a6d Merge "Cleanup sepolicy related to APEX pre/post-install hooks" am: 8d003bc3c0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1830234

Change-Id: Ie36d5a58c783962b93436b60605ea7f838735931
 2021-09-27 20:33:01 +00:00
Nikita Ioffe
8d003bc3c0 Merge "Cleanup sepolicy related to APEX pre/post-install hooks" 2021-09-27 20:16:54 +00:00
Inseob Kim
b9d0511de4 Add se_policy_binary module 
se_policy_binary module compiles cil files to sepolicy binary file.

Bug: 33691272
Test: build
Change-Id: Id20183d0ac797fc68356feaad9df0d0bccc81c14
 2021-09-27 13:13:46 +00:00
Jiakai Zhang
20c36de280 Merge "Remove dalvik.vm.dex2oat-updatable-bcp-packages-file from sepolicy." am: b9443cc3fa 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1832481

Change-Id: Idebce55dcf5f6cfe2c7a6eb5e695c9bf4b7018ed
 2021-09-27 11:55:00 +00:00
Jiakai Zhang
b9443cc3fa Merge "Remove dalvik.vm.dex2oat-updatable-bcp-packages-file from sepolicy." 2021-09-27 11:38:26 +00:00
Treehugger Robot
a478889019 Merge "Migrate freeze test to Soong" am: dc4ea6a681 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1826064

Change-Id: I465a29b20a654393f2ed064e57e66c8ce0b62246
 2021-09-27 11:20:39 +00:00