tequilaOS/platform_system_sepolicy

Author	SHA1	Message	Date
Dave McCloskey	a7e47db710	SEPolicy changes to support Attestation Verification Service Bug: 201696614 Change-Id: I4a7a830ba809ed59a030a87c4f479199685d8a42 Test: Verify device boots	2021-10-08 14:53:24 -07:00
Andrew Scull	aedd65ac20	Allow vendor_init to read AVF device configs Bug: 192819132 Test: build Change-Id: Iefa4d2d2dc0a13a9a6c95779d6ebde5cb2834295	2021-10-08 14:51:30 +00:00
Treehugger Robot	a5d1958d3e	Merge "Add sepolicy for com.android.car.framework module"	2021-10-08 06:29:28 +00:00
Jooyung Han	1103fb887a	Merge "virtualizationservice to use "staged" apexes"	2021-10-08 00:26:40 +00:00
Xin Li	2b2247f14c	Merge "Merge Android 12"	2021-10-07 23:50:37 +00:00
Treehugger Robot	27d22e670a	Merge "Fix error in systemui when toggling airplane mode"	2021-10-07 16:17:57 +00:00
David Anderson	2c6b2326a7	Merge "allow init to set status on loop device"	2021-10-07 15:49:18 +00:00
Keun young Park	44025b07eb	Add sepolicy for com.android.car.framework module Bug: 192665266 Test: build Change-Id: I69036c20a3bae10e34a3c076eb8e1c7c2f1d2517	2021-10-07 00:45:19 +00:00
Xin Li	ca1bb9d4d0	Merge Android 12 Bug: 202323961 Merged-In: Icd70009f62d023fb68bb1355f804f9489362c0ed Change-Id: I7fbd1b2ee2ba72e90ce098f235f2f7a927898c09	2021-10-06 22:55:14 +00:00
Treehugger Robot	21dac7a746	Merge "Add media.resolution.limit.32bit to media_config_prop" am: `a257817b5d` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1840355 Change-Id: Icd70009f62d023fb68bb1355f804f9489362c0ed	2021-10-05 17:33:32 +00:00
Treehugger Robot	a257817b5d	Merge "Add media.resolution.limit.32bit to media_config_prop"	2021-10-05 17:13:35 +00:00
Nicolas Geoffray	d6d00365f1	Merge "Allow system server to map zygote_tmpfs files." am: `02211e449d` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1844917 Change-Id: I738edf09d8cd58e15ce0e4d987c902ad7b660de9	2021-10-05 16:14:57 +00:00
Nicolas Geoffray	02211e449d	Merge "Allow system server to map zygote_tmpfs files."	2021-10-05 16:02:56 +00:00
Nicolas Geoffray	cd470d1e51	Allow system server to map zygote_tmpfs files. Needed for an ART optimization. Test: build Change-Id: I120cdbe410248ac08f4e56cdeb6588681630a964	2021-10-05 15:03:54 +01:00
Jooyung Han	970166fb4a	virtualizationservice to use "staged" apexes Virtualizationservice queries "package_native" service to get staged apex info and then reads staged apexes to VM. Bug: 199146189 Test: MicrodroidHostTestCases Change-Id: Icbfe5b9a05abc08d3e0270d15969f632b3f57c66	2021-10-05 19:57:20 +09:00
Treehugger Robot	1e04545bb3	Merge "Allow compos_fd_server to signal readiness" am: `a12dc09f78` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1844302 Change-Id: Ia0cd0cbb89675f1de7e4e3e450a5aa6dae2ef2d8	2021-10-05 10:08:17 +00:00
Treehugger Robot	a12dc09f78	Merge "Allow compos_fd_server to signal readiness"	2021-10-05 09:44:27 +00:00
Enrico Granata	393ebdda04	Merge "Introduce ro.boot.hypervisor properties" am: `dd35626853` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1843773 Change-Id: I4ff9a7c008590a5ca17987aac95c5afab441f392	2021-10-04 19:20:47 +00:00
Enrico Granata	dd35626853	Merge "Introduce ro.boot.hypervisor properties"	2021-10-04 19:10:28 +00:00
Treehugger Robot	1ad1e9240e	Merge "Strip excess spaces in build_policy" am: `7ba07be13f` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1842578 Change-Id: I5509e6c9fec808646d0ba38bf94d2d0439243dcf	2021-10-04 18:40:11 +00:00
Treehugger Robot	7ba07be13f	Merge "Strip excess spaces in build_policy"	2021-10-04 18:28:56 +00:00
Enrico Granata	645c390d1a	Introduce ro.boot.hypervisor properties In virtualized deployments of Android, it can be useful to have access to a description of the hypervisor/host environment being used to run the guest OS instance. This is represented by means of a new system property ro.boot.hypervisor.version, which is meant to convey a free-form descriptor of the current host/hypervisor version The property is meant to be provided to Android as androidboot. by whatever host-specific means are used to supply other boot properties to the target Android instance. Access could be later opened to other vendor processes to set if needed for specific setups where init is not a sufficiently-early stage for host/guest communication. Such setups are not known at this time. For a native Android incantation, the property defaults to being missing Other properties could later be added to this same namespace and context if they turn out to be useful in specific scenarios. Bug: 178749018 Test: build cuttlefish Change-Id: Id721c14ef1958b525c2866a660dcae8fd176a79d	2021-10-04 11:14:03 -06:00
Beth Thibodeau	a279bdba64	Fix error in systemui when toggling airplane mode Fixes: 197722115 Test: manual - toggle, no avc: denied message Change-Id: I17929f7cb77a4ba4f9720783c9913243f74db080	2021-10-04 15:34:19 +00:00
Daniele Di Proietto	43ace3bad3	Merge "Allow init to run perfetto" am: `6634fe524e` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1842419 Change-Id: If4405103e120e70b7dc6035d24261d35bc4a31ca	2021-10-04 13:38:30 +00:00
Daniele Di Proietto	6634fe524e	Merge "Allow init to run perfetto"	2021-10-04 13:20:48 +00:00
Alan Stokes	ad6e12644c	Allow compos_fd_server to signal readiness We pass the write end of a pipe to fd_server which it uses to signal when it is ready to serve. Bug: 201764092 Test: atest ComposTestCase Change-Id: Id952e953e79f6cef9c8f0c847a303a3a854f2248	2021-10-04 14:12:02 +01:00
Beth Thibodeau	4390433734	[automerger skipped] Merge "make ril.cdma.inecmmode system property internal so that it cannot reveal a system api that requires READ_PRIVILEGED_PHONE_STATE" am: `79485f5e45` -s ours am skip reason: Merged-In I65f4121fc300447af7d516676166bc8b0b53b727 with SHA-1 `d65a7bf37e` is already in history Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1843853 Change-Id: Ia6a50fef401234131965a98953646b0ce163ad2c	2021-10-01 23:12:56 +00:00
Beth Thibodeau	79485f5e45	Merge "make ril.cdma.inecmmode system property internal so that it cannot reveal a system api that requires READ_PRIVILEGED_PHONE_STATE"	2021-10-01 22:58:31 +00:00
Nazanin	b373dd0df2	make ril.cdma.inecmmode system property internal so that it cannot reveal a system api that requires READ_PRIVILEGED_PHONE_STATE Bug: 183410189 Bug: 197722115 Test: adb shell getprop -Z Change-Id: I65f4121fc300447af7d516676166bc8b0b53b727 Merged-In: I65f4121fc300447af7d516676166bc8b0b53b727	2021-10-01 21:36:49 +00:00
Justin Yun	7ad553f5d5	Define ro.vendor.api_level am: `785bb7a815` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1839637 Change-Id: I4dbca94dc1f04fac3fdbfd5b69ebd7621e6af93c	2021-10-01 03:32:50 +00:00
Liangcai Fan	486be79cb7	allow init to set status on loop device Bug: 200904398 Change-Id: I02b0a4edcd47e325da7ec8200d5167485e4084c9 Signed-off-by: Liangcai Fan <liangcai.fan@unisoc.com>	2021-10-01 10:49:40 +08:00
Cole Faust	087d527fd3	Strip excess spaces in build_policy build_policy gathers a list of files for a given set of folders and filenames. It's possible that a certain folder doesn't have a certain filename, in which case the $(wildcard) command will resolve to an empty string, and there will be sections of many contiguous spaces in the resulting list of files. These contiguous spaces can show up in the build.ninja files. When using a starlark-based device configuration, the number of spaces is slightly different. $(strip) not only removes spaces from the beginning/end of text, but it also deduplicates any spaces in the middle. Use it to get rid of the extra spaces so we have more consistent build.ninja files. Bug: 201700692 Test: ./build/bazel/ci/rbc_product_config.sh aosp_arm64-userdebug with board config changes patched in Change-Id: I4f458e7805588072ec55be324ece6d2faca4cdd6	2021-09-30 15:48:34 -07:00
Daniele Di Proietto	dbbe5c034e	Allow init to run perfetto Bug: 201387964 Change-Id: I20bb6cd32b9b7d6e0be1ca1fef2bff6f9165bb04	2021-09-30 18:19:19 +01:00
Wonsik Kim	f648327a97	Add media.resolution.limit.32bit to media_config_prop Bug: 194771349 Test: cts/media/device-small Change-Id: I79cb1580604780e8829844cba2502d2196d93f27	2021-09-30 00:44:58 -07:00
Justin Yun	785bb7a815	Define ro.vendor.api_level ro.vendor.api_level will have the api_level that the vendor images are required to implement based on the various api level properties. Bug: 200258600 Test: getprop ro.vendor.api_level Change-Id: Ie4f71ef920f03bdbc0a904936c26f092429fcd7f	2021-09-29 15:34:19 +09:00
Xin Li	b658c31c68	Merge "Merge SP1A.210812.016" into stage-aosp-master	2021-09-29 05:32:39 +00:00
Treehugger Robot	adfb381f7e	Merge changes from topic "se_policy_binary" am: `f958c5ca73` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1837474 Change-Id: I70a3778766efdc978af7ea3a9caf8538d03f62b6	2021-09-29 04:10:28 +00:00
Inseob Kim	4a498796f6	Add se_policy_binary module am: `b9d0511de4` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1837473 Change-Id: Ib2b75caa402dc85b4584bf9ce43008c0f3bae61d	2021-09-29 04:10:26 +00:00
Treehugger Robot	f958c5ca73	Merge changes from topic "se_policy_binary" * changes: Migrate system sepolicy binaries to Soong Add se_policy_binary module	2021-09-29 03:52:48 +00:00
Xin Li	e69c4ae635	Merge SP1A.210812.016 Merged-In: I7dec0a3d82c82b5dea4b5f3f38d9170bb1f40840 Change-Id: Idf4f6bebc2c849811bac8f6df34d1cd997978bb8	2021-09-28 19:55:59 +00:00
Xin Li	9c9f88950e	DO NOT MERGE - Empty merge to indicate SP1A.210812.001 is already merged Merged-In: I32d5f01284c3622f9528d49cbee88049cb9e2a7f Change-Id: I8722b68f836a019a71282c68edc4bd1a59246807	2021-09-28 07:55:10 +00:00
Yifan Hong	fb6d9ed006	Merge "/*_dlkm/etc is vendor_configs_file." am: `a07b83c1c6` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1838053 Change-Id: I06e95120d8643e276da8cd74c31ad645da118e49	2021-09-28 05:50:02 +00:00
Yifan Hong	a07b83c1c6	Merge "/*_dlkm/etc is vendor_configs_file."	2021-09-28 05:37:47 +00:00
Inseob Kim	4d90b7e78b	Migrate system sepolicy binaries to Soong Bug: 33691272 Test: m selinux_policy Test: boot microdroid Change-Id: I9210be15b06e0dba01677d5bfe7b27a0ec21eb11	2021-09-28 01:21:39 +00:00
Yifan Hong	0f4fb284d1	/*_dlkm/etc is vendor_configs_file. For e.g. /vendor_dlkm/etc/NOTICE.xml.gz Test: pass Fixes: 201090220 Change-Id: I56e2bec26cad11e9919729410c7ee08683ea2f01	2021-09-27 13:33:22 -07:00
Nikita Ioffe	719dcf8a6d	Merge "Cleanup sepolicy related to APEX pre/post-install hooks" am: `8d003bc3c0` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1830234 Change-Id: Ie36d5a58c783962b93436b60605ea7f838735931	2021-09-27 20:33:01 +00:00
Nikita Ioffe	8d003bc3c0	Merge "Cleanup sepolicy related to APEX pre/post-install hooks"	2021-09-27 20:16:54 +00:00
Inseob Kim	b9d0511de4	Add se_policy_binary module se_policy_binary module compiles cil files to sepolicy binary file. Bug: 33691272 Test: build Change-Id: Id20183d0ac797fc68356feaad9df0d0bccc81c14	2021-09-27 13:13:46 +00:00
Jiakai Zhang	20c36de280	Merge "Remove dalvik.vm.dex2oat-updatable-bcp-packages-file from sepolicy." am: `b9443cc3fa` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1832481 Change-Id: Idebce55dcf5f6cfe2c7a6eb5e695c9bf4b7018ed	2021-09-27 11:55:00 +00:00
Jiakai Zhang	b9443cc3fa	Merge "Remove dalvik.vm.dex2oat-updatable-bcp-packages-file from sepolicy."	2021-09-27 11:38:26 +00:00

1 2 3 4 5 ...

32837 commits