tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
702 commits 1 branch 0 tags 50 MiB
Commit graph

702 commits

This branch
This branch
All branches
Author SHA1 Message Date
Torne (Richard Coles)
70d4b33b66 Merge "SELinux policy: let adbd drop Linux capabilities." 
Manual merge to get automerger going again.

Conflicts:
	adbd.te

Change-Id: Ibf8db0306b421a3426e925cf9c8f253bbcd500b3
 2013-05-10 11:00:02 +01:00
Geremy Condra
31083f9031 am 1adb7ca3: Merge "SELinux policy: let vold create /data/tmp_mnt" into jb-mr2-dev 
* commit '1adb7ca34f1049e7bac48cf0b24c8320c34b17b6':
  SELinux policy: let vold create /data/tmp_mnt
 2013-05-09 23:40:32 -07:00
Alex Klyubin
dc3853f4bb am 3b9fd5ff: SELinux policy: let adbd drop Linux capabilities. 
* commit '3b9fd5ffcd3badffc08e3e71ba4cc41d3a73c9e4':
  SELinux policy: let adbd drop Linux capabilities.
 2013-05-09 23:40:32 -07:00
Geremy Condra
1adb7ca34f Merge "SELinux policy: let vold create /data/tmp_mnt" into jb-mr2-dev 2013-05-10 00:34:52 +00:00
Alex Klyubin
7de339a16a SELinux policy: let vold create /data/tmp_mnt 
Change-Id: I40f3ccd9813e0a337ced0a44e686ab489277d78b
 2013-05-09 17:33:49 -07:00
Alex Klyubin
3b9fd5ffcd SELinux policy: let adbd drop Linux capabilities. 
Change-Id: Id41891b89c7b067919cbda06ab97d5eff2ad044f
 2013-05-10 00:30:23 +00:00
Alex Klyubin
d050c79b64 SELinux policy: let vold write to device:dir. 
I have no idea what vold is doing when this operation is attempted
(when a full-disk encrypted device is booting up). Thus, I don't know
if there is a better way of restricting the policy.

Change-Id: I537b70b1abb73c36e5abf0357b766292f625e1af
 2013-05-09 17:07:22 -07:00
Alex Klyubin
231f884912 am e5e98aef: resolved conflicts for merge of 77ec892b to jb-mr2-dev-plus-aosp 
* commit 'e5e98aef40f7e721a1c1a65aa4a4c43221c83999':
  SELinux policy for users of libcutils klog_write.
 2013-05-09 15:57:10 -07:00
Alex Klyubin
e5e98aef40 resolved conflicts for merge of 77ec892b to jb-mr2-dev-plus-aosp 
Change-Id: Ia9f34580a35d3f5ff7ea0ac9a3784d2650e61b6a
 2013-05-09 14:05:10 -07:00
Alex Klyubin
77ec892be6 SELinux policy for users of libcutils klog_write. 
klog_write/init create /dev/__kmsg__ backed by a kernel character
device, keep the file descriptor, and then immediately unlink the
file.

Change-Id: I729d224347a003eaca29299d216a53c99cc3197c
 2013-05-09 12:39:32 -07:00
Geremy Condra
521351db86 am 8eb7d672: am 5d54d483: Merge "SELinux policy: let vold setsched of kernel processes." into jb-mr2-dev 
* commit '8eb7d6727b26d85ee4f450b1ce80aca8162321c4':
  SELinux policy: let vold setsched of kernel processes.
 2013-05-09 12:39:20 -07:00
Geremy Condra
8eb7d6727b am 5d54d483: Merge "SELinux policy: let vold setsched of kernel processes." into jb-mr2-dev 
* commit '5d54d483a0f2907e0e32c798c908a4cea4a426eb':
  SELinux policy: let vold setsched of kernel processes.
 2013-05-09 10:53:46 -07:00
Geremy Condra
5d54d483a0 Merge "SELinux policy: let vold setsched of kernel processes." into jb-mr2-dev 2013-05-09 17:49:48 +00:00
Geremy Condra
09a88a633e Merge "Remove sys_boot" 2013-05-09 17:25:16 +00:00
Nick Kralevich
2bfb59df61 Remove sys_boot 
sys_boot is not needed for adb as of system/core commit
ca8e66a8b0f843812014a28d49208f9f6f64ecbc

sys_boot is not needed for system server as of frameworks/base
commit dbcf2d7482562eff45ac727cea799b37a260e399

Change-Id: I61379ea858e05acd239c9b16e4e2bf454af3f51c
 2013-05-09 09:08:25 -07:00
gcondra@google.com
f4ebcd676e am 67476823: am 5a745c89: Merge "Add rules for asec containers." into jb-mr2-dev 
* commit '6747682319d52b2159444acf4122bfc9521bdb33':
  Add rules for asec containers.
 2013-05-08 15:05:22 -07:00
Geremy Condra
b03f510dca am a5550560: am 84beb00a: Merge "SELinux policy granting vold the capability to reboot." into jb-mr2-dev 
* commit 'a55505605e2c69f4b095ef554acea5a5e2800e1c':
  SELinux policy granting vold the capability to reboot.
 2013-05-08 15:04:47 -07:00
gcondra@google.com
194f7c46e9 am e0d8570a: am 2cb928ba: Remove special rules for interacting with sockets from init. 
* commit 'e0d8570a2faa73ad2190302c1bbcb4344cac60d4':
  Remove special rules for interacting with sockets from init.
 2013-05-08 15:04:08 -07:00
gcondra@google.com
3e943aebdf am 1d6c682e: am fb076f8b: Add temporary policy for wpa_supplicant. 
* commit '1d6c682e870aeda3db38d46754d41a7d2a98a16e':
  Add temporary policy for wpa_supplicant.
 2013-05-08 15:03:36 -07:00
Alex Klyubin
c341f23e1c SELinux policy: let vold setsched of kernel processes. 
Change-Id: I2b7bf3037c94de4fecf3c3081497e0ac1dfef8a9
 2013-05-08 14:41:45 -07:00
gcondra@google.com
6747682319 am 5a745c89: Merge "Add rules for asec containers." into jb-mr2-dev 
* commit '5a745c899b16d72411d4a5886108a4483ebeb8e4':
  Add rules for asec containers.
 2013-05-08 14:20:36 -07:00
repo sync
5a745c899b Merge "Add rules for asec containers." into jb-mr2-dev 2013-05-08 21:19:08 +00:00
repo sync
11153ef349 Add rules for asec containers. 
Change-Id: I91f6965dafad54e98e2f7deda956e86acf7d0c96
 2013-05-08 14:18:33 -07:00
Geremy Condra
a55505605e am 84beb00a: Merge "SELinux policy granting vold the capability to reboot." into jb-mr2-dev 
* commit '84beb00a47215805127c13b0bcda6facc8e889bb':
  SELinux policy granting vold the capability to reboot.
 2013-05-08 12:58:11 -07:00
Geremy Condra
84beb00a47 Merge "SELinux policy granting vold the capability to reboot." into jb-mr2-dev 2013-05-08 19:54:16 +00:00
Alex Klyubin
3b5923fe1b SELinux policy granting vold the capability to reboot. 
vold reboots needs to reboot the system when it succeeds or fails to
encrypt partitions.

Change-Id: Ibb1a5378228be60215162ae248e6c1049a16b830
 2013-05-08 12:42:50 -07:00
gcondra@google.com
e0d8570a2f am 2cb928ba: Remove special rules for interacting with sockets from init. 
* commit '2cb928ba4ecc6e267bf88d8f0085b9236f2a151c':
  Remove special rules for interacting with sockets from init.
 2013-05-08 05:17:10 -07:00
repo sync
2cb928ba4e Remove special rules for interacting with sockets from init. 
Change-Id: I544c0c1bbe84834970958a65fcef1d10e7e29047
 2013-05-07 22:12:59 -07:00
gcondra@google.com
1d6c682e87 am fb076f8b: Add temporary policy for wpa_supplicant. 
* commit 'fb076f8b115cf0bb888fcfdef4e9f1e54f101d88':
  Add temporary policy for wpa_supplicant.
 2013-05-07 17:01:29 -07:00
repo sync
fb076f8b11 Add temporary policy for wpa_supplicant. 
This allows wpa_supplicant to interact with the sockets created
for it by init. Eventually we'll want those to be properly
labelled, but allow until then.

Change-Id: I33fcd22173a8d47bbc4ada8d6aa62b4d159cbb15
 2013-05-07 16:58:01 -07:00
Geremy Condra
816cf987a1 am a1890d1f: am 59e40a04: Merge "SELinux policy that separates "init_shell" from "shell"." into jb-mr2-dev 
* commit 'a1890d1f427046ccc127884a3804f86916212b18':
  SELinux policy that separates "init_shell" from "shell".
 2013-05-07 10:01:35 -07:00
Jon Larimer
23d0568f8b am 3cbc06c2: am c65b2ba3: Update wpa_supplicant policy 
* commit '3cbc06c2e3ed6cc858f46b9b5b379ae0276035ce':
  Update wpa_supplicant policy
 2013-05-07 10:01:34 -07:00
Alex Klyubin
f164843fa1 am b2aea99f: am 3123b1ee: SELinux policy for Bluetooth properties. 
* commit 'b2aea99ffd8111536264e2f04867297876a3e769':
  SELinux policy for Bluetooth properties.
 2013-05-06 16:20:38 -07:00
Geremy Condra
a1890d1f42 am 59e40a04: Merge "SELinux policy that separates "init_shell" from "shell"." into jb-mr2-dev 
* commit '59e40a04e2aa5b8e0dff9942cde04704d2ce3524':
  SELinux policy that separates "init_shell" from "shell".
 2013-05-06 15:53:39 -07:00
Geremy Condra
59e40a04e2 Merge "SELinux policy that separates "init_shell" from "shell"." into jb-mr2-dev 2013-05-06 22:51:51 +00:00
Jon Larimer
3cbc06c2e3 am c65b2ba3: Update wpa_supplicant policy 
* commit 'c65b2ba33871da9b241473b6f1a64775c9c49603':
  Update wpa_supplicant policy
 2013-05-06 15:43:58 -07:00
Alex Klyubin
8199123c8d SELinux policy that separates "init_shell" from "shell". 
"init_shell" is used for shell processes spawned by init.

Change-Id: I9e35d485bac91f3d0e4f3704acdbb9af7d617173
 2013-05-06 14:42:56 -07:00
Jon Larimer
c65b2ba338 Update wpa_supplicant policy 
Change-Id: I9b05f0f2ce6c6c52b4207cac3120f06565b7da30
 2013-05-06 16:29:42 -04:00
Alex Klyubin
b2aea99ffd am 3123b1ee: SELinux policy for Bluetooth properties. 
* commit '3123b1eef7c15dee0b0df72c6a3017f1797a278d':
  SELinux policy for Bluetooth properties.
 2013-05-06 11:12:06 -07:00
Alex Klyubin
3123b1eef7 SELinux policy for Bluetooth properties. 
Properties under bluetooth. and persist.service.bdroid. are
considered Bluetooth-related properties.

Change-Id: Iee937d9a1184c2494deec46f9ed7090c643acda7
 2013-05-06 10:18:27 -07:00
Geremy Condra
ea2df95653 am c6bd976c: am a3c29c5f: Merge "Expand permissions for 3 existing allow policies for rild and a new one for rild." into jb-mr2-dev 
* commit 'c6bd976cd354634863c7b99b6a0bb0a94433142a':
  Expand permissions for 3 existing allow policies for rild and a new one for rild.
 2013-05-03 11:20:38 -07:00
Geremy Condra
c6bd976cd3 am a3c29c5f: Merge "Expand permissions for 3 existing allow policies for rild and a new one for rild." into jb-mr2-dev 
* commit 'a3c29c5fe0b398fa560e6636c8eeff88d1c21f72':
  Expand permissions for 3 existing allow policies for rild and a new one for rild.
 2013-05-03 11:18:54 -07:00
Geremy Condra
ad81e75acb am e4c23f09: am 97ff811c: Merge "Add non_system_app_set" 
* commit 'e4c23f096b6b21b247df2710ff8449afa921d56e':
  Add non_system_app_set
 2013-05-03 10:51:05 -07:00
Geremy Condra
e4c23f096b am 97ff811c: Merge "Add non_system_app_set" 
* commit '97ff811c0b4bfb18cd012587b7f8519e910920b0':
  Add non_system_app_set
 2013-05-03 10:50:04 -07:00
Geremy Condra
97ff811c0b Merge "Add non_system_app_set" 2013-05-03 17:38:44 +00:00
Geremy Condra
a3c29c5fe0 Merge "Expand permissions for 3 existing allow policies for rild and a new one for rild." into jb-mr2-dev 2013-05-03 00:58:30 +00:00
William Luh
b4ab72d52a Expand permissions for 3 existing allow policies for rild and a new one for rild. 
Change-Id: Iafe68ac1b742e40c1a23a2f6cfd6373ea89cc07b
 2013-05-02 17:57:14 -07:00
gcondra@google.com
cd308f8c1b am b40d5972: am ca326e2c: Add policy for ping. 
* commit 'b40d5972a1354acf77c33de6e7e67c5789dda67b':
  Add policy for ping.
 2013-05-02 14:40:48 -07:00
gcondra@google.com
b40d5972a1 am ca326e2c: Add policy for ping. 
* commit 'ca326e2c64f2e3ea0e68809bba9d53cd9627d971':
  Add policy for ping.
 2013-05-02 14:38:50 -07:00
repo sync
ca326e2c64 Add policy for ping. 
Change-Id: I168f681d8c67f470b6e639f0b1bf39346c4eb396
 2013-05-02 14:35:41 -07:00