tequilaOS/platform_system_sepolicy

Author	SHA1	Message	Date
Sal Savage	45b7782c2b	Merge "Add sepolicy for Battery Service client role sysprop"	2022-03-15 01:31:07 +00:00
Sal Savage	73fdf668af	Add sepolicy for Battery Service client role sysprop Bug: 224176587 Test: Build, this change only defines the sysprop policy Change-Id: I27fe872955e45e241948e966b3b10834cfd36135	2022-03-12 15:10:48 -08:00
Xin Li	631f68045e	Merge "Merge Android 12L"	2022-03-08 06:53:24 +00:00
Evan Rosky	5cfdf2bd6e	Add a persist.wm.debug property type and associated permissions This is intended for wm properties related to wmshell/sysui. Using this context allows sysui to manipulate these properties in debug builds. Bug: 219067621 Test: manual Change-Id: I5808bf92dbba37e9e6da5559f8e0a5fdac016bf3	2022-03-07 19:44:59 +00:00
Treehugger Robot	27553e2b3e	Merge "Add ro.lmk.stall_limit_critical property policies" am: `ffad0ee0e1` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1992292 Change-Id: Ie94a54c2fcd4f206fde3a840ab5c448725e4430a	2022-02-22 11:19:32 +00:00
Suren Baghdasaryan	e121dc5ae2	Add ro.lmk.stall_limit_critical property policies Add policies to control ro.lmk.stall_limit_critical lmkd property. Bug: 205182133 Signed-off-by: Suren Baghdasaryan <surenb@google.com> Change-Id: Ie5e68dc358c1657501cb59afaba0385697210ccf	2022-02-18 13:39:28 -08:00
Xin Li	77c821174e	Merge sc-v2-dev-plus-aosp-without-vendor@8084891 Bug: 214455710 Merged-In: I129b5cb74259c9c028483e84c9b2ac3597c24701 Change-Id: I47ca55be668b9b2aabf86963b65b1403130ab802	2022-02-11 06:58:07 +00:00
Florian Mayer	94782041d1	Merge "[MTE] Add property to specify default MTE mode for apps."	2022-02-10 23:38:23 +00:00
Alexander Potapenko	0a64d100b8	dmesgd: sepolicies dmesgd is a daemon that collects kernel memory error reports. When system_server notices that a kernel error occured, it sets the dmesgd.start system property to 1, which results in init starting dmesgd. Once that happens, dmesgd runs `dmesg` and parses its output to collect the last error report. That report, together with the headers containing device- and build-specific information is stored in Dropbox. Empirically, dmesgd needs the following permissions: - execute shell (for popen()) and toolbox (for dmesg), read system_log (for dmesg) - read /proc/version (to generate headers) - perform Binder calls to servicemanager and system_server, find dropbox_service (for dropbox) - create files in /data/misc/dmesgd (to store persistent state) Bug: 215095687 Test: run dmesgd on a user device with injected KFENCE bugs Change-Id: Iff21a2ffd99fc31b89a58ac774299b5e922721ea	2022-02-10 17:42:52 +00:00
Florian Mayer	360ddf5583	[MTE] Add property to specify default MTE mode for apps. Bug: 216305376 Change-Id: I9374c8681510037279deaf3e5ae011e8f9111f17	2022-02-09 22:13:59 +00:00
Steven Moreland	c27d24c37c	Allow BPF programs from vendor. Who needs all those context switches? bpfloader controls which types of vendor programs can be used. Bug: 140330870 Bug: 162057235 Test: successfully load bpf programs from vendor Change-Id: I36e4f6550da33fea5bad509470dfd39f301f13c8	2022-02-08 22:46:54 +00:00
Florian Mayer	6020c42f2b	Rename property for default MTE mode. This was requested in aosp/1959650. Change-Id: I96f8771a39606b0934e4455991a6a34aea40235b	2022-02-07 11:27:20 -08:00
Treehugger Robot	7b7a42e6cf	Merge "bluetooth.device.class_of_device should be type string"	2022-02-04 00:38:52 +00:00
Sal Savage	724381a97a	bluetooth.device.class_of_device should be type string Bug: 217452259 Test: Manual, set property in system.prop, build, flash, make sure value is reflected in getprop \| grep bluetooth.device Change-Id: Id4bfebb4da5bcd64ea4bac8e3c9e9754c96256c6	2022-02-02 14:13:41 -08:00
Andrew Scull	87ac3c3f80	Tag new hypervisor properties The properties that report hypervisor capabilities are grouped with the other hypervisor properties for sepolicy. Bug: 216639283 Test: buid Change-Id: I013894de637bb7e40a450df6439ebbd5cba28c2b	2022-02-01 18:17:10 +00:00
Etienne Ruffieux	cdd0c11743	Bluetooth boot time start service Added new sysprops to retrieve Bluetooth configs Tag: #feature Test: manual Bug: 216497194 Change-Id: I94c771f87fdeb5497b81d2098193b4cd230654b6	2022-01-28 14:44:15 +00:00
Sal Savage	568662f953	Add sepolicy for new bluetooth device/profile sysprops Bug: 215225542 Test: make -j; atest BluetoothInstrumentationTests Change-Id: Ia532eca413a778b46ea392586d7affc2fd43b90b	2022-01-26 13:09:17 -08:00
Florian Mayer	0f30f3d8ff	Merge "[mte] add property to globally enable mte."	2022-01-25 23:59:01 +00:00
Florian Mayer	be3197c996	[mte] add property to globally enable mte. Bug: 216305376 Change-Id: I25d0b3c9d0e7e6bba14eedf9b833c5e07786ec71	2022-01-25 17:21:58 +00:00
Etienne Ruffieux	bde2fc6c48	Added new context declaration for Bluetooth configs As we need to create new sysprops for Bluetooth mainline configs, we need to have a property context available to vendors and be able to access configs from other packages. Tag: #feature Bug: 211570675 Test: Added overlays and logs Change-Id: If9c61f251578b61c070619069519e0aa563a9573	2022-01-25 01:18:05 +00:00
Akilesh Kailash	20cc7e22c7	Merge "New property to control Async I/O for snapuserd" am: `9de6ad61ff` am: `f3262f89ef` am: `5a333c328c` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1936919 Change-Id: Iafd1a572298d93c5c050d1a1ccfd2e2cc986f81d	2022-01-14 00:58:34 +00:00
Akilesh Kailash	5c5fd255d2	New property to control Async I/O for snapuserd io_uring_setup() system call requires ipc_lock. (avc: denied { ipc_lock } for comm="snapuserd" capability=14 scontext=u:r:snapuserd:s0 tcontext=u:r:snapuserd:s0 tclass=capability permissive=0) Add selinux policy. Bug: 202784286 Test: OTA tests Signed-off-by: Akilesh Kailash <akailash@google.com> Change-Id: I806714c7ade0a5d4821b061396c9f064ee5ed8b6	2022-01-13 06:27:46 +00:00
Treehugger Robot	01aca6282a	Merge "Add apexd_payload_metadata_prop" am: `a6d6b6aee8` am: `a4e0ed83dc` am: `ebd1ff5b25` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1885013 Change-Id: I04921eee21ea7a5f1020c83ed560dd811d0562d4	2021-12-16 20:46:04 +00:00
Richard Fung	0c7c2679b0	Add apexd_payload_metadata_prop This should be read-only and corresponds to apexd.payload_metadata.path Bug: 191097666 Test: android-sh -c 'setprop apexd.payload_metadata.path' See permission denied atest MicrodroidHostTestCases Change-Id: Ifcb7da1266769895974d4fef86139bad5891a4ec	2021-12-16 03:00:06 +00:00
Etienne Ruffieux	6b40b2a548	Merge "Adding Bluetooth module sysprop" am: `ac45ef86f5` am: `b24560a1a3` am: `409e13a954` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1924341 Change-Id: I90173e9518b4c9ca9197e943bad3d97fd6604798	2021-12-15 20:33:32 +00:00
Etienne Ruffieux	ac45ef86f5	Merge "Adding Bluetooth module sysprop"	2021-12-15 19:14:41 +00:00
Etienne Ruffieux	9203c915d1	Adding Bluetooth module sysprop Added Bluetooth sysprop to be able to remove calls to SystemProperty.set in Bluetooth module. Tag: #feature Bug: 197210455 Test: set/get sysprop with SystemProperties Merged-In: I8070a493fa082ddaa16cd793ed25ad99971950c0 Change-Id: Ia390bd8b3bb064fcae252edb6307e26f07bd53e7	2021-12-15 13:44:33 +00:00
Treehugger Robot	497884ce80	Merge "Add rule for new gesture_prop." am: `ac9f469ff0` am: `29be9a0edf` am: `f3ece72da2` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1918579 Change-Id: I95521666de397326e70f296aa8abaf71ba77d388	2021-12-15 05:53:21 +00:00
Super Liu	078141a921	Add rule for new gesture_prop. Bug: 209713977 Bug: 193467627 Test: local build and manual check. Signed-off-by: Super Liu <supercjliu@google.com> Change-Id: Ib1d2d6dcc7d6ddc6243c806a883d9252d7c081af	2021-12-15 09:32:01 +08:00
Navinprashath	98e74881cf	sepolicy: Add badge for gsm properties am: `d35bd44109` am: `f924bd13f9` am: `c8f99840b8` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1901412 Change-Id: I12da2746152a44f133f4aaca79642f0cd5fca847	2021-11-24 11:59:41 +00:00
Navinprashath	d35bd44109	sepolicy: Add badge for gsm properties Add badge for gsm.operator.iso-country and gsm.sim.operator.iso-country. Test: Manual test Bug: 205807505 Change-Id: If4f399cd97b2297094ef9431450f29e0a91e5300	2021-11-24 16:46:55 +08:00
Akilesh Kailash	fb1cf1f0c1	Merge "New property to control virtual a/b user-space snapshots" am: `b295d44694` am: `ec750298c3` am: `328ce9cccb` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1885106 Change-Id: Ib77dd526257fa5b399adeaccd3cc412e916a36c6	2021-11-22 20:59:46 +00:00
Akilesh Kailash	8a9ec2a496	New property to control virtual a/b user-space snapshots Bug: 193863443 Test: OTA on pixel Signed-off-by: Akilesh Kailash <akailash@google.com> Change-Id: I89e5d105071c2529c9ceb661c04588ff88ffdd76	2021-11-19 23:35:32 +00:00
Daniel Norman	7fdcce2f15	Merge "Revert "Revert "Adds a new prop context for choosing between mul..."" am: `0dd5118c74` am: `a8570d7e9c` am: `8d50c9d1a9` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1894203 Change-Id: I7291a7bf46690584bba8a0963399423e51947eee	2021-11-17 21:48:20 +00:00
Daniel Norman	0dd5118c74	Merge "Revert "Revert "Adds a new prop context for choosing between mul...""	2021-11-17 21:24:28 +00:00
Daniel Norman	2f8ce0d9c1	Revert "Revert "Adds a new prop context for choosing between mul..." Revert "Revert "Adds multi_install_skip_symbol_files field (defa..." Revert submission 1893459-revert-1869814-vapex-multi-config-VKODFOVCWY Reason for revert: Fix-forward in https://r.android.com/1894088 Reverted Changes: I087bfe0dc:Revert "Adds a new prop context for choosing betwe... I27a498506:Revert "Load persist props before starting apexd."... Ib5344edc0:Revert "Allow users to choose between multi-instal... If09bf590e:Revert "Adds multi_install_skip_symbol_files field... I905dac14c:Revert "Demonstrate multi-installed APEXes." Change-Id: I03fb124d4e7044f236539a132816fd96cb814775	2021-11-16 20:28:29 +00:00
Treehugger Robot	edf285ba5a	Merge "Add camera.disable_preview_scheduler property" am: `a594876cfe` am: `1b4714c8e8` am: `1d36f66a48` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1887227 Change-Id: I1141daf446b8205621adb8d8e92a33c8b5850b5f	2021-11-16 15:55:54 +00:00
Owen Kim	29e1bf186a	Merge "Revert "Adds a new prop context for choosing between multi-insta..."" am: `95d7aaa339` am: `a6bd8d83f0` am: `755dee1782` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1893458 Change-Id: I49c519594590927e560fc3cdf5b0f0e2e397cd0f	2021-11-16 09:34:00 +00:00
Owen Kim	95d7aaa339	Merge "Revert "Adds a new prop context for choosing between multi-insta...""	2021-11-16 08:39:27 +00:00
Owen Kim	780cd02d52	Revert "Adds a new prop context for choosing between multi-insta..." Revert "Adds multi_install_skip_symbol_files field (default fals..." Revert submission 1869814-vapex-multi-config Bug: 206551398 Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/tests/view?invocationId=I55600009996329947&testResultId=TR93527797572038984, bug b/206551398 Reverted Changes: I0cd9d748d:Adds multi_install_skip_symbol_files field (defaul... I5912a18e3:Demonstrate multi-installed APEXes. I0e6881e3a:Load persist props before starting apexd. I932442ade:Adds a new prop context for choosing between multi... I754ecc3f7:Allow users to choose between multi-installed vend... Change-Id: I087bfe0dcf8d6ab38d861b82196bac4e9147e8e6	2021-11-16 07:08:15 +00:00
Daniel Norman	bdb51edfe3	Merge "Adds a new prop context for choosing between multi-installed APEXes." am: `8e276eae6b` am: `d6746bd67a` am: `bee9f24f08` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1869814 Change-Id: I65f054653bd0337cd9f3348b9a160c19315ce4a2	2021-11-16 01:31:11 +00:00
Daniel Norman	8e276eae6b	Merge "Adds a new prop context for choosing between multi-installed APEXes."	2021-11-16 00:45:32 +00:00
Daniel Norman	6b0049dcf0	Adds a new prop context for choosing between multi-installed APEXes. Bug: 199290365 Test: see https://r.android.com/1872018 Change-Id: I932442adefc7ad10d7cd81e61e95efd41f8cf379	2021-11-11 19:11:11 +00:00
Shuzhen Wang	73be025636	Add camera.disable_preview_scheduler property Test: Build and boot Bug: 200306379 Change-Id: I7d0b40de33a2d19c88322eacefe9d7342d55a6f4	2021-11-10 12:22:57 -08:00
Yabin Cui	9119543a23	Merge "Add persist properties for app profiling itself." am: `c1a51d1400` am: `4d053aa5b6` am: `eb0ea30ebb` am: `76bc699869` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1877597 Change-Id: I1cbf9ece16af9306a5f581db8005d841c1031284	2021-11-02 20:19:33 +00:00
Yabin Cui	ee7f40a2a2	Add persist properties for app profiling itself. Bug: 204601121 Test: build and boot. Change-Id: If731c77dd6f2b587178b4f6b8a908df2d96e5d9a	2021-11-01 16:42:08 -07:00
Treehugger Robot	ae198a288a	Merge "Add the property context for ro.lmk.use_minfree_levels" am: `b754ebe4d9` am: `4b144d6a21` am: `f4abed157b` am: `a718092cd3` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1871573 Change-Id: I66ade200fbbc916629e18e6bceef1ae0e22773e3	2021-10-28 01:33:02 +00:00
Robin Lee	0b0dd684e7	Add the property context for ro.lmk.use_minfree_levels This is not settable by vendor init at the moment, which appears to be a mistake because it is often used as a board-level configuration. Change-Id: I7a49d55712e9606446b3e6307627a208657d5da2 Test: adb shell getprop -Z \| grep lmk Bug: 184041905	2021-10-27 13:17:54 +00:00
Bowgo Tsai	7a7e88bddc	Set context for partition.odm.verified[.*] properties. am: `ef1f630c69` am: `b986f376ce` am: `44d3ea4ae9` am: `992f7fbe90` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1864479 Change-Id: I1107a7515d4db25a25f4537053700a88c177c8f9	2021-10-21 11:22:34 +00:00
Bowgo Tsai	ef1f630c69	Set context for partition.odm.verified[.*] properties. Some devices might have the ODM partition so set those properties as well. Bug: 203720638 Test: Presubmit Change-Id: I50ee65e21c471f0691f4c1dfc93be8eb1677ad1b	2021-10-21 16:38:06 +08:00

1 2 3 4 5 ...

623 commits