tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
37047 commits 1 branch 0 tags 50 MiB
Commit graph

37047 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ramji Jiyani
982c6d39a2 Merge "system_dlkm: sepolicy: add system_dlkm_file_type" am: ba8615a186 am: 86cfb85d49 am: b925768cb3 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978574

Change-Id: I17438ed404b798434e5cee28981ebd2b78b48e98
 2022-02-11 19:24:08 +00:00
Daniel Norman
d309c7225c Merge "Expose the APEX multi-install props to non-root getprop." am: ea98866236 am: 17327ac36a am: 004827ac14 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1965921

Change-Id: Ie247ac133be1573e4d8c3f1978b81e59729b4106
 2022-02-11 19:23:55 +00:00
Ramji Jiyani
b925768cb3 Merge "system_dlkm: sepolicy: add system_dlkm_file_type" am: ba8615a186 am: 86cfb85d49 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978574

Change-Id: I5ac3fc1d3d4ecba09d26329de54c4f4b950c4b00
 2022-02-11 19:13:53 +00:00
Daniel Norman
004827ac14 Merge "Expose the APEX multi-install props to non-root getprop." am: ea98866236 am: 17327ac36a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1965921

Change-Id: Ibee39c2697d2a5d3cc6180b6a15af964b6fb9842
 2022-02-11 19:12:58 +00:00
Ramji Jiyani
86cfb85d49 Merge "system_dlkm: sepolicy: add system_dlkm_file_type" am: ba8615a186 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978574

Change-Id: I8c70b7c37e2d5a84b78f4b8862890c4a0d101f1d
 2022-02-11 18:52:59 +00:00
Daniel Norman
17327ac36a Merge "Expose the APEX multi-install props to non-root getprop." am: ea98866236 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1965921

Change-Id: I43a503e66debdf898e7987c9b4ebc9c8709144bb
 2022-02-11 18:52:06 +00:00
Ramji Jiyani
ba8615a186 Merge "system_dlkm: sepolicy: add system_dlkm_file_type" 2022-02-11 18:36:04 +00:00
Daniel Norman
ea98866236 Merge "Expose the APEX multi-install props to non-root getprop." 2022-02-11 18:25:27 +00:00
Keith Mok
0036188cc4 Merge "Update SEPolicy apexd for API 32" am: 9984dcb28e am: 64a1571f5d am: 61220c8175 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1976997

Change-Id: I6989e866921eb81821c6b00a3c2c009f73fdc8bb
 2022-02-11 05:44:29 +00:00
Keith Mok
61220c8175 Merge "Update SEPolicy apexd for API 32" am: 9984dcb28e am: 64a1571f5d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1976997

Change-Id: Ie8074e60e624d10f3b34672246db62e19b4043e6
 2022-02-11 05:34:09 +00:00
Keith Mok
64a1571f5d Merge "Update SEPolicy apexd for API 32" am: 9984dcb28e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1976997

Change-Id: I85bd1c4b700b95d17ff25b73779f5fa7f4d2f8bf
 2022-02-11 05:21:22 +00:00
Keith Mok
9984dcb28e Merge "Update SEPolicy apexd for API 32" 2022-02-11 05:03:20 +00:00
Ramji Jiyani
4a556890f9 system_dlkm: sepolicy: add system_dlkm_file_type 
Add new attribute system_dlkm_file_type for
/system_dlkm partition files.

Bug: 218392646
Bug: 200082547
Test: TH
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I193c3f1270f7a1b1259bc241def3fe51d77396f3
 2022-02-11 04:19:33 +00:00
Treehugger Robot
37d8455a12 Merge "Add microdroid sepolicy test support" am: 47b3505fbf am: 6fa204250e am: 33b27499a0 am: 7ee5ef3157 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978387

Change-Id: Id057c15ecaefee6c8d26b2e2c15659b6162a80ab
 2022-02-11 01:12:58 +00:00
Treehugger Robot
7ee5ef3157 Merge "Add microdroid sepolicy test support" am: 47b3505fbf am: 6fa204250e am: 33b27499a0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978387

Change-Id: I24347c205670d1f5834783cc1a0d09d17fb2491e
 2022-02-11 00:58:00 +00:00
Treehugger Robot
33b27499a0 Merge "Add microdroid sepolicy test support" am: 47b3505fbf am: 6fa204250e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978387

Change-Id: I086792bdc5b5c12b71f6abfca204e226a9b358b7
 2022-02-11 00:48:56 +00:00
Treehugger Robot
6fa204250e Merge "Add microdroid sepolicy test support" am: 47b3505fbf 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978387

Change-Id: I70801b12abc3d614d503c584ff0451a20d87d285
 2022-02-11 00:37:00 +00:00
Florian Mayer
74f50b8528 Merge "[MTE] Add property to specify default MTE mode for apps." am: 94782041d1 am: 3fc6370375 am: d140ade8cb am: 097e720524 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1976994

Change-Id: I4e7284bd790a22813ce6589611d9dedcbe8a6fed
 2022-02-11 00:29:50 +00:00
Frank Wang
c292da6f76 Merge "Add file contexts for OnDevicePersonalization module." 2022-02-11 00:25:59 +00:00
Treehugger Robot
47b3505fbf Merge "Add microdroid sepolicy test support" 2022-02-11 00:22:27 +00:00
Keith Mok
16c0a350c5 Update SEPolicy apexd for API 32 
The bootchart problem need the selinux policy fix.
But it is missing API 32

Bug: 218729155
Test: Build
Change-Id: Ia011f8bcd52403980c2a6751bb612dd5b770e130
 2022-02-11 00:20:17 +00:00
Florian Mayer
097e720524 Merge "[MTE] Add property to specify default MTE mode for apps." am: 94782041d1 am: 3fc6370375 am: d140ade8cb 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1976994

Change-Id: If739e4162a6bc749e0b9dd5cd2bd2fc4cb5b6226
 2022-02-11 00:17:12 +00:00
Florian Mayer
d140ade8cb Merge "[MTE] Add property to specify default MTE mode for apps." am: 94782041d1 am: 3fc6370375 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1976994

Change-Id: Ic1b595a7c68194f67097afa1f03a09d3c0717990
 2022-02-11 00:00:19 +00:00
Florian Mayer
3fc6370375 Merge "[MTE] Add property to specify default MTE mode for apps." am: 94782041d1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1976994

Change-Id: I32140e8f8e8081a5f91fb09df241ffa8931f5ba6
 2022-02-10 23:48:54 +00:00
Florian Mayer
94782041d1 Merge "[MTE] Add property to specify default MTE mode for apps." 2022-02-10 23:38:23 +00:00
Treehugger Robot
9a24b3f994 Merge "dmesgd: sepolicies" am: f07e7c31a4 am: 5c66bea55b am: 0878e5d007 am: c22334b926 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1968400

Change-Id: I0f649b1e87b152d80cc4617c7fa858c53eb9e595
 2022-02-10 22:06:38 +00:00
Treehugger Robot
a77159c365 Merge changes from topic "revert-1979386-revert-1967140-EVS_sepolicy_updates_T-MBLQTXKQEY-UVTCTRHQWF" am: 48f59f9ec2 am: 33f3804491 am: 35d788475c am: 05ef2c2c88 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978173

Change-Id: Id411487bab280f9c0e5d5f575ec8d9e3154fd447
 2022-02-10 22:06:17 +00:00
Treehugger Robot
c22334b926 Merge "dmesgd: sepolicies" am: f07e7c31a4 am: 5c66bea55b am: 0878e5d007 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1968400

Change-Id: I81c8795157133bc53ac0d8792bcb0994242cc7cf
 2022-02-10 21:48:23 +00:00
Treehugger Robot
05ef2c2c88 Merge changes from topic "revert-1979386-revert-1967140-EVS_sepolicy_updates_T-MBLQTXKQEY-UVTCTRHQWF" am: 48f59f9ec2 am: 33f3804491 am: 35d788475c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978173

Change-Id: Ib0190154fcd41e2ec7ec3ebeac85a38adc04ca1e
 2022-02-10 21:48:02 +00:00
Treehugger Robot
0878e5d007 Merge "dmesgd: sepolicies" am: f07e7c31a4 am: 5c66bea55b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1968400

Change-Id: I9e2b52c64c88450db675ceab33e78b870e8fc182
 2022-02-10 21:23:59 +00:00
Treehugger Robot
35d788475c Merge changes from topic "revert-1979386-revert-1967140-EVS_sepolicy_updates_T-MBLQTXKQEY-UVTCTRHQWF" am: 48f59f9ec2 am: 33f3804491 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978173

Change-Id: Ie8e1b9eefc611f62d6ec196563d3b3fdcf816236
 2022-02-10 21:23:41 +00:00
Treehugger Robot
5c66bea55b Merge "dmesgd: sepolicies" am: f07e7c31a4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1968400

Change-Id: I0afd007ea41fc82aa0887368bc2e84c94bf358d8
 2022-02-10 21:04:30 +00:00
Treehugger Robot
33f3804491 Merge changes from topic "revert-1979386-revert-1967140-EVS_sepolicy_updates_T-MBLQTXKQEY-UVTCTRHQWF" am: 48f59f9ec2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978173

Change-Id: I82c6ff9bf4bcc3a572013b5afefb0123daaef7a3
 2022-02-10 21:03:47 +00:00
Treehugger Robot
f07e7c31a4 Merge "dmesgd: sepolicies" 2022-02-10 21:00:56 +00:00
Treehugger Robot
48f59f9ec2 Merge changes from topic "revert-1979386-revert-1967140-EVS_sepolicy_updates_T-MBLQTXKQEY-UVTCTRHQWF" 
* changes:
  Revert^2 "Updates sepolicy for EVS HAL"
  Revert^2 "Adds a sepolicy for EVS manager service"
 2022-02-10 20:50:42 +00:00
Kevin Jeon
8a5912e6d3 [automerger skipped] Merge "Make Traceur seapp_context reflect platform status" am: 25dfbfec14 am: b476cc1f23 am: 99769850b9 am: 26c5f8baf7 -s ours 
am skip reason: Merged-In Ibe7881d48798e3b71bb40e566fa8243cbb630b04 with SHA-1 4241e001e2 is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1962019

Change-Id: Ic0d11fe75179959e1b66eb67c17f00fb88f025e9
 2022-02-10 20:33:28 +00:00
Kevin Jeon
26c5f8baf7 Merge "Make Traceur seapp_context reflect platform status" am: 25dfbfec14 am: b476cc1f23 am: 99769850b9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1962019

Change-Id: Ia0d9cfd02f2176fea8583a53453b135adb1994a9
 2022-02-10 20:16:24 +00:00
Kevin Jeon
99769850b9 Merge "Make Traceur seapp_context reflect platform status" am: 25dfbfec14 am: b476cc1f23 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1962019

Change-Id: I6c6b17a755393b90032dc76294c66c1441d29d5f
 2022-02-10 19:40:35 +00:00
Kevin Jeon
b476cc1f23 Merge "Make Traceur seapp_context reflect platform status" am: 25dfbfec14 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1962019

Change-Id: I9a8a640707d12580a9144418e64d4868aa56d651
 2022-02-10 19:24:58 +00:00
Keith Mok
63289fe1e4 [automerger skipped] Merge changes from topic "presubmit-am-d8a266d181114de9a5d613d7185609ce" into sc-v2-dev-plus-aosp am: 0a9589cc7d -s ours 
am skip reason: Merged-In Ia7d166605cd0b58849cb44d9a16dc3c73e1d4353 with SHA-1 d338d0ef55 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/16829091

Change-Id: I92eef2c1dd18570752c35ed537cea42aa86b40d1
 2022-02-10 19:10:01 +00:00
Kevin Jeon
25dfbfec14 Merge "Make Traceur seapp_context reflect platform status" 2022-02-10 19:09:45 +00:00
Keith Mok
0a9589cc7d Merge changes from topic "presubmit-am-d8a266d181114de9a5d613d7185609ce" into sc-v2-dev-plus-aosp 
* changes:
  [automerged blank] Fix bootchart on android12 2p: 1b3278b2da
  Fix bootchart on android12
 2022-02-10 18:51:48 +00:00
Kevin Jeon
9118e3a5ca Make Traceur seapp_context reflect platform status 
Because Traceur is being signed with the platform key in aosp/1961100,
the platform seinfo identifier is being added to Traceur so that SELinux
will correctly identify it as a platform app.

Bug: 209476712
Test: - Checked that Traceur can still take normal and long traces on
        AOSP userdebug and internal user/userdebug.
      - Checked that the Traceur app is now located in /system/app/
	instead of /system/priv-app/.
Change-Id: Ibe7881d48798e3b71bb40e566fa8243cbb630b04
Merged-In: Ibe7881d48798e3b71bb40e566fa8243cbb630b04
 2022-02-10 17:51:28 +00:00
Alexander Potapenko
0a64d100b8 dmesgd: sepolicies 
dmesgd is a daemon that collects kernel memory error reports.

When system_server notices that a kernel error occured, it sets the
dmesgd.start system property to 1, which results in init starting
dmesgd.

Once that happens, dmesgd runs `dmesg` and parses its output to collect
the last error report. That report, together with the headers containing
device- and build-specific information is stored in Dropbox.

Empirically, dmesgd needs the following permissions:
- execute shell (for popen()) and toolbox (for dmesg),
  read system_log (for dmesg)
- read /proc/version (to generate headers)
- perform Binder calls to servicemanager and system_server,
  find dropbox_service (for dropbox)
- create files in /data/misc/dmesgd (to store persistent state)

Bug: 215095687
Test: run dmesgd on a user device with injected KFENCE bugs
Change-Id: Iff21a2ffd99fc31b89a58ac774299b5e922721ea
 2022-02-10 17:42:52 +00:00
Changyeon Jo
eacb1095a8 Revert^2 "Updates sepolicy for EVS HAL" 
418f41ad13

Bug: 216727303
Test: m -j selinux_policy on failed targets reported
      in b/218802298
Change-Id: Iec8fd2a1e9073bf3dc679e308407572a8fcf44d9
 2022-02-10 17:21:54 +00:00
Changyeon Jo
8c12609bce Revert^2 "Adds a sepolicy for EVS manager service" 
0137c98b90

Bug: 216727303
Test: m -j selinux_policy on failed targets reported
      in b/218802298
Change-Id: I2ae2fc85a4055f2cb7d19ff70b120e7b7ff0957d
 2022-02-10 17:21:14 +00:00
Frank Wang
41d3e030ed Add file contexts for OnDevicePersonalization module. 
Test: Build
Bug: b/218749359
Ignore-AOSP-First: this feature is still under development.
Change-Id: Ib69e8e7098913e14b9973c65b37c88daa98b4e06
 2022-02-10 17:02:21 +00:00
Treehugger Robot
7b232c9429 Merge "Support legacy apexdata labels" am: 605715d665 am: 1d087ac705 am: 62853dbe2d am: 6cc4be77ad 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1977066

Change-Id: Ib5c699e15ab8669f4893a0248483cceb11f35a0f
 2022-02-10 12:33:08 +00:00
Mohammed Rashidy
1ea99c86e9 Merge changes from topic "revert-1967140-EVS_sepolicy_updates_T-MBLQTXKQEY" am: 7f1eaf1b45 am: aa0cb606c3 am: 3bed79292e am: f1ea833625 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1979387

Change-Id: I8ad7455e22999359816e3e47dfcb5b95845a63e4
 2022-02-10 12:32:56 +00:00
Mohammed Rashidy
5e3beea9bc Revert "Updates sepolicy for EVS HAL" am: 418f41ad13 am: 4d67e0d02b am: a46cbab128 am: 7f9b355e86 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1979386

Change-Id: I6e704950a709e76c8e2c5fdb3829487a4012f887
 2022-02-10 12:32:54 +00:00