tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
44091 commits 1 branch 0 tags 50 MiB
Commit graph

44091 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ahmad Khalil
95ee9ea719 Add fwk_vibrator_control_service 
Convert vibrator_control to a framework service (fwk_vibrator_control_service) in system_server.

Bug: 305961689
Test: N/A
Change-Id: I5f3aba2c58a3166593a11034a8d21dfd12311c2e
 2023-11-21 20:59:48 +00:00
Matías Hernández
e2e44c0156 Merge "Make color_display app_api_service in addition to system_api_service" into main 2023-11-21 19:52:44 +00:00
Eric Laurent
2fc53fec54 Merge "Bluetooth: add system property for HID transport selection" into main 2023-11-21 18:32:07 +00:00
Shikha Panwar
2838e84381 Merge "Secretkeeper/Sepolicy: Create required domains" into main 2023-11-21 17:56:46 +00:00
Matías Hernández
b8762f78b2 Make color_display app_api_service in addition to system_api_service 
This makes the service available for CTS tests (specifically NotificationManagerZenTest).

Test: m -j
Bug: 308673540
Change-Id: I45917abd0c0dd3f2c5365b2780ac3ab5e28f2580
 2023-11-21 18:51:56 +01:00
Shikha Panwar
59c970703b Secretkeeper/Sepolicy: Create required domains 
Add sepolicies rules for Secretkeeper HAL & nonsecure service
implementing the AIDL.

Test: atest VtsHalSkTargetTest & check for Selinux denials
Bug: 293429085
Change-Id: I907cf326e48e4dc180aa0d30e644416d4936ff78
 2023-11-21 12:29:18 +00:00
Treehugger Robot
40552f0902 Merge "Allow shell to set persist.logd.audit.rate" into main 2023-11-21 08:56:43 +00:00
Treehugger Robot
8bb5b294fb Merge "Define ro.llndk.api_level" into main 2023-11-21 06:58:38 +00:00
Thiébaud Weksteen
4adc0c8fca [automerger skipped] Merge "Revert^2 "Add permission for VFIO device binding"" into android14-tests-dev am: 1f621afeeb -s ours 
am skip reason: Merged-In Ie947adff00d138426d4703cbb8e7a8cd429c2272 with SHA-1 901385f711 is already in history. Merged-In was found from reverted change.

Reverted change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2829493

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2839696

Change-Id: I01827ca4d3ce34fc7cc53481cbc31a6a2274dc2c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-21 04:58:19 +00:00
Thiébaud Weksteen
73158ce6a3 [automerger skipped] Revert^2 "Add permission for VFIO device binding" am: fa2999a627 -s ours 
am skip reason: Merged-In Ie947adff00d138426d4703cbb8e7a8cd429c2272 with SHA-1 901385f711 is already in history. Merged-In was found from reverted change.

Reverted change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2829493

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2839696

Change-Id: Ibc9e068f581b31b4b986dc86d48bd08d392d5036
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-21 04:58:15 +00:00
Thiébaud Weksteen
1f621afeeb Merge "Revert^2 "Add permission for VFIO device binding"" into android14-tests-dev 2023-11-21 04:37:46 +00:00
Thiébaud Weksteen
fa2999a627 Revert^2 "Add permission for VFIO device binding" 
This reverts commit c6227550f7.

Reason for revert: Faulty merging paths have been removed

Change-Id: Icf56c2e977c5517af63e206a0090159e43dd71eb
Merged-In: Ie947adff00d138426d4703cbb8e7a8cd429c2272
 2023-11-21 02:18:30 +00:00
Justin Yun
90bee0995e Define ro.llndk.api_level 
ro.llndk.api_level shows the maxium vendor api level that the llndk
in the platform supports.

Bug: 312098788
Test: getprop ro.llndk.api_level
Change-Id: I139524724e458300a3c1430c94595e9fa25a85dd
 2023-11-21 11:13:09 +09:00
Shubang Lu
0d65502e9e Merge "Add SE policy for tv_ad_service" into main 2023-11-20 19:08:50 +00:00
Eric Laurent
255890ef0e Bluetooth: add system property for HID transport selection 
Add property bluetooth.core.le.dsa_transport_preference containing a
list of supported HID transport protocols for IMU data over LE Audio by
order of preference:

Bug: 307588546
Test: make
Change-Id: I7aef404a2c6c8cc872efb994e328a175d5b4efd4
 2023-11-20 16:38:56 +01:00
Ken Chen
9449a6f2ef Merge "Delete mdns_service_fuzzer" into main 2023-11-20 05:28:21 +00:00
Kelvin Zhang
db2d9a23ad Merge "Add sepolicy for ro.virtual_ab.merge_delay_seconds" into main 2023-11-20 02:57:46 +00:00
Treehugger Robot
c8fa84b81f Merge "Fix flagging macros" into main 2023-11-20 01:43:11 +00:00
Jeongik Cha
bfb5615f52 Merge "declare setupwizard_mode_prop as system_vendor_config_prop" into main 2023-11-20 01:22:22 +00:00
Thiébaud Weksteen
1deccbb3f4 Merge "Revert^2 "Introduce sdk_sandbox_audit SELinux domain"" into android14-tests-dev am: 2f98237c4d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2836555

Change-Id: Iffd388a421177b61186f4a7b6e6076313206fd36
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-19 23:51:03 +00:00
Thiébaud Weksteen
2f98237c4d Merge "Revert^2 "Introduce sdk_sandbox_audit SELinux domain"" into android14-tests-dev 2023-11-19 23:34:25 +00:00
Kelvin Zhang
f34d7d238d Add sepolicy for ro.virtual_ab.merge_delay_seconds 
Bug: 311515963
Test: set ro.virtual_ab.merge_delay_seconds by PRODUCT_PROPERTY_OVERRIDES in mk files and run OTA
Change-Id: Ia9bac57879670e0dbd858705bffbb8dea7d58fba
 2023-11-17 12:02:54 +00:00
Sandro Montanari
1e9eb36ad2 Revert^2 "Introduce sdk_sandbox_audit SELinux domain" 
This reverts commit a41bfab758.

Reason for revert: Automerger path causing the regression is no more

Change-Id: I4c9ab6f2e18c9d8157f5667bc98fcce00e78f93d
 2023-11-17 09:54:33 +00:00
Inseob Kim
9868a0ce11 Fix flagging macros 
We should wrap the parameter because it will contain multiple lines of
codes which can probably contain comma.

Bug: 306563735
Test: build and see sepolicy output
Change-Id: I2f56f0a1ec2d5b14570fb9c5bb178d488bc023c9
 2023-11-17 18:07:11 +09:00
Inseob Kim
5b98e30451 Merge "Simplify out path of checked vendor property_contexts" into main 2023-11-17 02:24:33 +00:00
Seungjae Yoo
e95f3f5bd3 Merge "Introduce vendor_microdroid_file for microdroid vendor image" into main 2023-11-17 02:23:30 +00:00
Treehugger Robot
e0289ae802 Merge "Correct path of android.hidl.memory@1.0-impl.so" into main 2023-11-17 02:03:42 +00:00
Kiyoung Kim
6149e5238f Correct path of android.hidl.memory@1.0-impl.so 
Current sepolicy expects the library located under /vendor/lib(64), but
the actual location of the library is /vendor/lib(64)/hw, as it defines
relative path 'hw'. This change corrects location of
android.hidl.memory@1.0-impl.so, so it can be labeled with
same_process_hal_file as expected.

Bug: 311298012
Test: Failing test passed over ABTD
Change-Id: Ib84dbde0742716d399f04ce8ec11a0c4f24be8b0
 2023-11-17 09:41:40 +09:00
Shubang Lu
98dddde9f0 Add SE policy for tv_ad_service 
Bug: 303506816
Bug: 311074646
Test: cuttlefish;
Change-Id: I5dea6d65cf374392bb9b079dda9aa90fb63a4bbd
 2023-11-16 23:10:15 +00:00
Matt Stokes
61ba09b9a8 Merge "Revert "Allow system_server to communicate with virtual_camera"" into main 2023-11-16 18:58:19 +00:00
Matt Stokes
76a62dfb3e Revert "Allow system_server to communicate with virtual_camera" 
This reverts commit 45f1ecee7a.

Reason for revert: <Droid TestMonitor b/311401010>

Change-Id: I82716e9d52a66018c5e7d7d13c8292d7d19f253c
 2023-11-16 17:42:25 +00:00
Luca Stefani
0b2d711423 Simplify out path of checked vendor property_contexts 
Using Join with the fully fledged input path as string
breaks setting a custom $OUT_DIR

Test: export OUT_DIR=`pwd`/out_custom && m nothing
Change-Id: Ie5043c0eb8e5f854be0d0d318008ea24f3d94c09
 2023-11-16 17:50:56 +01:00
Jeongik Cha
6cb91a086e declare setupwizard_mode_prop as system_vendor_config_prop 
1. declare setupwizard_mode_prop for ro.setupwizard.mode
2. that prop could be set during vendor_init, so changed prop type

Bug: 310208141
Test: boot and check if there is no sepolicy issue
Change-Id: I89246ab2c686db139cad48550b860d69a41106ff
 2023-11-17 01:22:37 +09:00
Ján Sebechlebský
4b16e566e1 Merge "Allow system_server to communicate with virtual_camera" into main 2023-11-16 11:20:43 +00:00
Seungjae Yoo
d2a0892121 Introduce vendor_microdroid_file for microdroid vendor image 
In AVF, virtualizationmanager checks the selinux label of given disk
image for proving whether the given image is edited maliciously.
Existing one(vendor_configs_file, /vendor/etc/*) was too wide to use for this purpose.

Bug: 285854379
Test: m
Change-Id: I6c966c92b238a2262d2eb7f41041ed4c359e9e0a
 2023-11-16 16:44:15 +09:00
Jooyung Han
f8c18cb0f2 Add properties for vulkan apex 
ro.vulkan.apex property is added to tell which APEX provides vulkan
driver.

Bug: 205618237
Test: CtsGraphicsTestCases
Change-Id: Icdf6ee5ede16c08405f48d736ed38ad4117d8e2d
 2023-11-15 13:45:38 +09:00
Jooyung Han
a5463fd4b9 Merge "apex_sepolicy_tests: check apex roots are search-able" into main 2023-11-15 04:36:41 +00:00
Thiébaud Weksteen
db2b83d8c8 [automerger skipped] Merge "Revert "Introduce sdk_sandbox_audit SELinux domain"" into android14-tests-dev am: 3195af1315 -s ours 
am skip reason: Merged-In I9c5873181c925c6b8ebb411328d30aa519053acf with SHA-1 4db0e27a50 is already in history. Merged-In was found from reverted change.

Reverted change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2827450

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2829793

Change-Id: I5da5356a52c8cc132ca175b734c9e6679ef022e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-15 03:03:01 +00:00
Sandro Montanari
6ed0dd8688 [automerger skipped] Revert "Introduce sdk_sandbox_audit SELinux domain" am: a41bfab758 -s ours 
am skip reason: Merged-In I9c5873181c925c6b8ebb411328d30aa519053acf with SHA-1 4db0e27a50 is already in history. Merged-In was found from reverted change.

Reverted change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2827450

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2829793

Change-Id: I2f00b81a7ba4868c6a6a52d842e143d423cc5ac6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-15 03:02:57 +00:00
Thiébaud Weksteen
c541c1eb80 Revert "Prebuilt updates for aosp/2827450" am: b460885e50 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2830890

Change-Id: Ief55d435dff2e58e463d4498fb3cf5740af8d21d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-15 03:02:23 +00:00
Thiébaud Weksteen
3195af1315 Merge "Revert "Introduce sdk_sandbox_audit SELinux domain"" into android14-tests-dev 2023-11-15 02:51:06 +00:00
Jooyung Han
b9517900e6 apex_sepolicy_tests: check apex roots are search-able 
Narrow down the check for apex roots. It was 'read', but 'search' should
be enough.

Bug: 310528686
Test: m
Change-Id: Ibe5f2e948464580832d87e8d8364c33a437efed2
 2023-11-15 10:45:14 +09:00
Thiébaud Weksteen
b460885e50 Revert "Prebuilt updates for aosp/2827450" 
This reverts commit 74ec7d8343.

Reason for revert: Tests are still failing

Change-Id: Ic7dcd5fb4703cfe476f74835782b99d5848ed738
 2023-11-14 23:37:47 +00:00
Sandro Montanari
20d6a0ec30 Prebuilt updates for aosp/2827450 am: 74ec7d8343 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2828198

Change-Id: Idce3a100d6c6db0d90f21142baf1158185bd97e1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-14 18:16:13 +00:00
Sandro Montanari
74ec7d8343 Prebuilt updates for aosp/2827450 
Bug: 295861450
Test: presubmits

Merged-In: I3d36a17697623f51618913d16ed4d3ea2ccf923b
Change-Id: I3f031449457a7cf8912b17c3eac4b7aa82710d58
 2023-11-14 15:07:54 +00:00
Vadim Caen
45f1ecee7a Allow system_server to communicate with virtual_camera 
and consitently name service and process as "virtual_camera" (with
underscore)

Test: Cts VirtalCameraTest
Bug: 270352264
Change-Id: I2c6c0c03aab47aa1795cbda19af25e6661a0bf4a
 2023-11-14 15:27:57 +01:00
Sandro Montanari
a41bfab758 Revert "Introduce sdk_sandbox_audit SELinux domain" 
This reverts commit 5eb6189fc0.

Reason for revert: breaks build in git_udc-qpr-dev-throttled

Change-Id: I97b5fe5e1db668a33d00b15bd3cb5e663050eba2
 2023-11-14 12:27:39 +00:00
Sandro Montanari
2b00f73b12 [automerger skipped] Merge "Introduce sdk_sandbox_audit SELinux domain" into android14-tests-dev am: 1b612c280c -s ours 
am skip reason: Merged-In I9c5873181c925c6b8ebb411328d30aa519053acf with SHA-1 4db0e27a50 is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2827450

Change-Id: I408f1d5bec2f00214fc0472e1862a3a435cd055f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-14 09:16:04 +00:00
Sandro Montanari
c503338a3f [automerger skipped] Introduce sdk_sandbox_audit SELinux domain am: 5eb6189fc0 -s ours 
am skip reason: Merged-In I9c5873181c925c6b8ebb411328d30aa519053acf with SHA-1 4db0e27a50 is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2827450

Change-Id: I6886db030bb1e2d8aa0bb3222c11307c0ccdc01d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-14 09:16:00 +00:00
Inseob Kim
273fd0ab18 [automerger skipped] Revert "Add permission for VFIO device binding" am: c6227550f7 -s ours 
am skip reason: Merged-In Ie947adff00d138426d4703cbb8e7a8cd429c2272 with SHA-1 901385f711 is already in history. Merged-In was found from reverted change.

Reverted change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2825716

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2829493

Change-Id: Idb26e5c857a5ebb9b6d86626fdfc00005e242a4d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-14 09:15:27 +00:00