Commit graph

7 commits

Author SHA1 Message Date
Nicolas Geoffray
6a311471a6 Allow boot animation to update boot status.
This CL was missed from the topic:
https://android-review.googlesource.com/q/topic:bootanim-percent

Test: update ART module, see animation go to 100%
Bug: 184881321
Change-Id: I59706718af11751a7e1f4b5ab1ff2793f554fb19
2021-04-28 15:17:09 +01:00
Robert Horvath
8504938690 Add bootanim property context, ro.bootanim.quiescent.enabled property
Add property & property context to configure whether the bootanimation
should be played in a quiescent boot.

Bug: 185118020
Test: Set property through PRODUCT_PRODUCT_PROPERTIES
Test: Read property from bootanimation process
Change-Id: Ib9e88444da7f5e8000d7367199f5230f1e4d26d9
2021-04-15 14:56:17 +00:00
Jeff Vander Stoep
67896eef07 Reduce graphics logspam
There is no change in behavior. These denials were already
being blocked.

Bug: 79617173
Test: build
Change-Id: Iffd1e5ba42854615eeea9490fe9150678ac98796
2020-04-02 13:43:26 +02:00
Inseob Kim
55e5c9b513 Move system property rules to private
public/property split is landed to selectively export public types to
vendors. So rules happening within system should be in private. This
introduces private/property.te and moves all allow and neverallow rules
from any coredomains to system defiend properties.

Bug: 150331497
Test: system/sepolicy/tools/build_policies.sh
Change-Id: I0d929024ae9f4ae3830d4bf3d59e999febb22cbe
Merged-In: I0d929024ae9f4ae3830d4bf3d59e999febb22cbe
(cherry picked from commit 42c7d8966c)
2020-03-18 16:46:04 +00:00
Joel Galenson
f7ec413844 Dontaudit denials caused by race with labeling.
These denials seem to be caused by a race with the process that labels
the files.  While we work on fixing them, hide the denials.

Bug: 68864350
Bug: 70180742
Test: Built policy.
Change-Id: I58a32e38e6384ca55e865e9575dcfe7c46b2ed3c
2018-02-14 17:07:13 -08:00
Alex Klyubin
f5446eb148 Vendor domains must not use Binder
On PRODUCT_FULL_TREBLE devices, non-vendor domains (except vendor
apps) are not permitted to use Binder. This commit thus:
* groups non-vendor domains using the new "coredomain" attribute,
* adds neverallow rules restricting Binder use to coredomain and
  appdomain only, and
* temporarily exempts the domains which are currently violating this
  rule from this restriction. These domains are grouped using the new
  "binder_in_vendor_violators" attribute. The attribute is needed
  because the types corresponding to violators are not exposed to the
  public policy where the neverallow rules are.

Test: mmm system/sepolicy
Test: Device boots, no new denials
Test: In Chrome, navigate to ip6.me, play a YouTube video
Test: YouTube: play a video
Test: Netflix: play a movie
Test: Google Camera: take a photo, take an HDR+ photo, record video with
      sound, record slow motion video with sound. Confirm videos play
      back fine and with sound.
Bug: 35870313
Change-Id: I0cd1a80b60bcbde358ce0f7a47b90f4435a45c95
2017-03-24 07:54:00 -07:00
dcashman
cc39f63773 Split general policy into public and private components.
Divide policy into public and private components.  This is the first
step in splitting the policy creation for platform and non-platform
policies.  The policy in the public directory will be exported for use
in non-platform policy creation.  Backwards compatibility with it will
be achieved by converting the exported policy into attribute-based
policy when included as part of the non-platform policy and a mapping
file will be maintained to be included with the platform policy that
maps exported attributes of previous versions to the current platform
version.

Eventually we would like to create a clear interface between the
platform and non-platform device components so that the exported policy,
and the need for attributes is minimal.  For now, almost all types and
avrules are left in public.

Test: Tested by building policy and running on device.

Change-Id: Idef796c9ec169259787c3f9d8f423edf4ce27f8c
2016-10-06 13:09:06 -07:00