tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
43049 commits 1 branch 0 tags 50 MiB
Commit graph

43049 commits

This branch
This branch
All branches
Author SHA1 Message Date
Pawan Wagh
a4a07e3fb4 Merge "Add media metrics aidl fuzzer to bindings" am: 144cad1b19 am: cf26f9e29b am: 31fe43e0da 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2601825

Change-Id: I070aa4b459e0953e3f502fb0b1daab4e8329aefe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 00:53:20 +00:00
Pawan Wagh
31fe43e0da Merge "Add media metrics aidl fuzzer to bindings" am: 144cad1b19 am: cf26f9e29b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2601825

Change-Id: I133706deb2a3e6336d2f1936a3e01027c1215da9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 00:20:28 +00:00
Pawan Wagh
cf26f9e29b Merge "Add media metrics aidl fuzzer to bindings" am: 144cad1b19 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2601825

Change-Id: Ibe6ec501030cd0999d307a0c3709c46325c6ca9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 23:39:51 +00:00
Treehugger Robot
64913418e4 Merge "strengthen debugfs neverallows" am: 4f36bd15ac am: 863fea7e62 am: 5a0664065e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2599510

Change-Id: I63a64e70a61d801da240afde6abe14ea7c3f0cc7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 23:16:32 +00:00
Pawan Wagh
144cad1b19 Merge "Add media metrics aidl fuzzer to bindings" 2023-05-24 23:01:42 +00:00
Treehugger Robot
5a0664065e Merge "strengthen debugfs neverallows" am: 4f36bd15ac am: 863fea7e62 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2599510

Change-Id: I9c12dd0e933f6e5c4917db5c1ccdadd985dce7d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 22:25:47 +00:00
Treehugger Robot
863fea7e62 Merge "strengthen debugfs neverallows" am: 4f36bd15ac 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2599510

Change-Id: Iebd1d30d6fd58a68f369d2d25c55038bab32acdc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 21:22:44 +00:00
Treehugger Robot
4f36bd15ac Merge "strengthen debugfs neverallows" 2023-05-24 20:30:34 +00:00
Steven Moreland
0bb95dd4fd Merge "strengthen proc_type neverallows" am: fd92d967ee am: 12523b02c3 am: 79190c4da7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2599509

Change-Id: I210c48f15715cb5c4f808341d39beefc996e30c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 20:14:29 +00:00
Steven Moreland
79190c4da7 Merge "strengthen proc_type neverallows" am: fd92d967ee am: 12523b02c3 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2599509

Change-Id: I3fb3d1eb8ff32705c35dc4e01a818b3382fa8146
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 19:28:17 +00:00
Steven Moreland
12523b02c3 Merge "strengthen proc_type neverallows" am: fd92d967ee 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2599509

Change-Id: Id85e2319971b1be4924dc68b6becfb1c6ceac901
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 18:41:12 +00:00
Steven Moreland
fd92d967ee Merge "strengthen proc_type neverallows" 2023-05-24 18:01:14 +00:00
Jin Jeong
68a7bc07f3 [automerger skipped] Merge "Revert "Fix selinux denial for setupwizard_esim_prop"" am: f21abea1b7 am: 8da5ffe780 am: 5f2f77e4d4 -s ours 
am skip reason: Merged-In I00cac36ac2f2a23d02c99b9ad9df57061d1ae61c with SHA-1 9627dc5c78 is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2602191

Change-Id: Ib3a2cd802261597abcf7370f619ba93cbd631223
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 10:35:41 +00:00
Jin Jeong
2af1ac3e0c [automerger skipped] Merge "Revert "Add setupwizard_esim_prop to access ro.setupwizard.esim_cid_ignore"" am: d7558db004 am: ce817552f5 am: 456e45136f -s ours 
am skip reason: Merged-In I0c2bfe55987949ad52f62e468c84df954f39a4ad with SHA-1 ec4fe33a6a is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2588746

Change-Id: If9ae57d0c415fa5255b9ed916c4f218a84e3dd73
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 10:35:37 +00:00
Jin Jeong
5f2f77e4d4 Merge "Revert "Fix selinux denial for setupwizard_esim_prop"" am: f21abea1b7 am: 8da5ffe780 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2602191

Change-Id: Ibd3bce75555e1a8d06520ea494158afb2993ca8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 09:50:38 +00:00
Jin Jeong
456e45136f Merge "Revert "Add setupwizard_esim_prop to access ro.setupwizard.esim_cid_ignore"" am: d7558db004 am: ce817552f5 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2588746

Change-Id: I46b0be3db08ff209c9b7c7ee127ca9b68f5619a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 09:50:36 +00:00
Jin Jeong
8da5ffe780 Merge "Revert "Fix selinux denial for setupwizard_esim_prop"" am: f21abea1b7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2602191

Change-Id: I5e659ea7ac65f4680cd7702e24236aabcd01bc3a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 09:12:46 +00:00
Jin Jeong
ce817552f5 Merge "Revert "Add setupwizard_esim_prop to access ro.setupwizard.esim_cid_ignore"" am: d7558db004 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2588746

Change-Id: Ic4796f40dfb4e24a726aba37377d2bd6e9e95809
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 09:12:43 +00:00
Jin Jeong
f21abea1b7 Merge "Revert "Fix selinux denial for setupwizard_esim_prop"" 2023-05-24 08:21:54 +00:00
Jin Jeong
d7558db004 Merge "Revert "Add setupwizard_esim_prop to access ro.setupwizard.esim_cid_ignore"" 2023-05-24 08:21:54 +00:00
Jin Jeong
0a9cd6f0e7 Revert "Fix selinux denial for setupwizard_esim_prop" 
This reverts commit 3bb2411564.

Reason for revert:  b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Change-Id: I4a3ed3c4f00e9bee88608e7d393ded204d922ee2
Merged-In: I00cac36ac2f2a23d02c99b9ad9df57061d1ae61c
 2023-05-24 07:08:05 +00:00
Jin Jeong
ae80e8cffa Merge "Revert "Add setupwizard_esim_prop to access ro.setupwizard.esim_..."" into udc-dev am: 7b646790c5 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/23201116

Change-Id: I272af89efc194c111a0cb0c3955e2e37ff82b763
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:42:43 +00:00
Jin Jeong
cec9a99b28 Merge "Revert "Fix selinux denial for setupwizard_esim_prop"" into udc-dev am: a93b7daef3 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/23167567

Change-Id: Ia1cc228b66bea6510ca4b649fa9d4c1adfa0900f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:42:35 +00:00
Jin Jeong
7b646790c5 Merge "Revert "Add setupwizard_esim_prop to access ro.setupwizard.esim_..."" into udc-dev 2023-05-24 01:07:12 +00:00
Jin Jeong
a93b7daef3 Merge "Revert "Fix selinux denial for setupwizard_esim_prop"" into udc-dev 2023-05-24 01:07:12 +00:00
Pawan Wagh
d25d64796d Add media metrics aidl fuzzer to bindings 
Test: m
Bug: 232439428
Change-Id: I6c645bf89fdded1dffdba8d40889eeb20b0734e1
 2023-05-23 22:55:15 +00:00
Steven Moreland
88d6ed95a4 Merge "strengthen vendor_file neverallows" am: e1b3e925c6 am: 0109e51f62 am: 5333cba223 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2594975

Change-Id: Iddbc99105f606ab82df6354412b1bfb904bb9806
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 02:07:51 +00:00
Steven Moreland
5333cba223 Merge "strengthen vendor_file neverallows" am: e1b3e925c6 am: 0109e51f62 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2594975

Change-Id: Ib75e67f75d91a8695c42de08eec6404638799128
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 01:18:14 +00:00
Steven Moreland
0109e51f62 Merge "strengthen vendor_file neverallows" am: e1b3e925c6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2594975

Change-Id: I364f7f30f34e4dd28085e8ce53b37c1ea282a126
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 00:38:11 +00:00
Steven Moreland
e1b3e925c6 Merge "strengthen vendor_file neverallows" 2023-05-22 23:56:11 +00:00
Steven Moreland
b56bf68763 strengthen debugfs neverallows 
The comments here suggest they intended to put stronger
rules in place.

Bug: 281877578
Test: boot
Change-Id: I4c837c2e0f86f648c212fa7915275cd75319e663
 2023-05-22 23:02:24 +00:00
Steven Moreland
8634a88595 strengthen proc_type neverallows 
These were unnecessarily lax. Some additional places
additionally exclude only the generic proc type, but
we don't care about those places.

Bug: 281877578
Test: boot
Change-Id: I9ebf410c12a41888ab1f5ecc21c95c34fc36c0d0
 2023-05-22 22:59:08 +00:00
Anoush Khazeni
15875fa311 Merge "Adding a property entry for the assistant volume." into udc-dev am: 1e1a425a9b 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/23214185

Change-Id: Ib3a830112f4b6cdd2c3e346443bbdf0fdf324699
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 19:00:54 +00:00
Treehugger Robot
a251f9a6bb Merge "Parallelize singleton execution." am: bcb0e13831 am: ff97fdff7e am: 6ec2ab500f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2593085

Change-Id: I629bb1e0770857d15d8a8febee705a5131ef08cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 19:00:24 +00:00
Anoush Khazeni
1e1a425a9b Merge "Adding a property entry for the assistant volume." into udc-dev 2023-05-22 18:58:43 +00:00
Treehugger Robot
6ec2ab500f Merge "Parallelize singleton execution." am: bcb0e13831 am: ff97fdff7e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2593085

Change-Id: Ia607cabf1b4cb3cfdad016e470d6c379cd40d032
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 18:14:06 +00:00
Treehugger Robot
ff97fdff7e Merge "Parallelize singleton execution." am: bcb0e13831 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2593085

Change-Id: I18a98d9c720e8a5c4b98a8dccd878e3dd55158bd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 17:11:27 +00:00
Treehugger Robot
bcb0e13831 Merge "Parallelize singleton execution." 2023-05-22 16:40:16 +00:00
Suren Baghdasaryan
1d56c09faf [automerger skipped] allow modprobe to load modules from /system/lib/modules/ am: 8a6f45d363 -s ours 
am skip reason: Merged-In I8a8205e50aa00686f478aba5336299e03490bbb5 with SHA-1 9c23982a48 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/23351624

Change-Id: I46b23214be5a6f26fdaec5bd61f2158eac5e0c03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 02:57:15 +00:00
Steven Moreland
c17369ecc7 Merge "strengthen system_file neverallows" am: 9a184232d7 am: 3bf96325d7 am: 679e6f2992 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2594974

Change-Id: I3417d75fce4e26efa69b7b2a56855b6ccfa15c1f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 22:44:35 +00:00
Steven Moreland
679e6f2992 Merge "strengthen system_file neverallows" am: 9a184232d7 am: 3bf96325d7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2594974

Change-Id: I442caec45ae002f3f2a6212a5987579b39b0e57f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 22:22:51 +00:00
Steven Moreland
3bf96325d7 Merge "strengthen system_file neverallows" am: 9a184232d7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2594974

Change-Id: Icdba587658c91e27f35f6862869c45d1f74ddec9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 21:57:55 +00:00
Steven Moreland
9a184232d7 Merge "strengthen system_file neverallows" 2023-05-19 21:37:26 +00:00
David Anderson
465859abb7 Merge "Allow ueventd to access device-mapper." am: 73d18c2bfe am: 5f2482d0dd am: d223637c8a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2591728

Change-Id: I76ff312e6d37a2abaf5b5144a6d13fcfc9c9421a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 21:34:43 +00:00
David Anderson
d223637c8a Merge "Allow ueventd to access device-mapper." am: 73d18c2bfe am: 5f2482d0dd 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2591728

Change-Id: Ic8e174ee884e6544b2c547d74bd6da160194b5f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 21:12:25 +00:00
David Anderson
5f2482d0dd Merge "Allow ueventd to access device-mapper." am: 73d18c2bfe 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2591728

Change-Id: Id226615d89272ce3a09db194464f8bbd3d33cdd8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 20:29:14 +00:00
David Anderson
73d18c2bfe Merge "Allow ueventd to access device-mapper." 2023-05-19 19:43:21 +00:00
Treehugger Robot
7337112178 Merge "Add installd service fuzzer to bindings" am: ae5be3dd8e am: a310d36da8 am: 6dc5922c2a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2595030

Change-Id: I939b50cc2db4f7ee42a3fe8c7a8c1c6abcbfe1a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 19:27:33 +00:00
Suren Baghdasaryan
8a6f45d363 allow modprobe to load modules from /system/lib/modules/ 
This is needed to load GKI leaf modules like zram.ko.

Bug: 279227085
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I8a8205e50aa00686f478aba5336299e03490bbb5
Merged-In: I8a8205e50aa00686f478aba5336299e03490bbb5
 2023-05-19 19:03:17 +00:00
Treehugger Robot
6dc5922c2a Merge "Add installd service fuzzer to bindings" am: ae5be3dd8e am: a310d36da8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2595030

Change-Id: Ib06e6714e9e6527cbb7465fc25197ebab6ddfb23
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 18:44:09 +00:00