Commit graph

163 commits

Author SHA1 Message Date
Dan Cashman
ebea2b459c Record netd_stable_secret_prop in compat infra.
Commit: abb1ba6532 added policy for a
new property, which was not present in O.  This policy introduced a
new type.  Record it as such.

Bug: 62573845
Test: None, prebuilt change only.
Change-Id: I7d90cd69a5e6e29677598cc109676d5b1ce5ba05
2017-07-05 09:18:14 -07:00
Dan Cashman
3eed3eacfb Map mediaprovider to priv_app in 26.0 compat mapping
Commit: bde5c8013d added a new type,
mediaprovider, which is being applied to an object (process) formerly
labeled as priv_app. Add the new type to the versioned attribute for
priv_app so that any vendor policy written for interaction with
mediaprovider continues to work.

Bug: 62573845
Test: None.  Prebuilt-only change.
Change-Id: Id98293369401a2af23c2328a1cb4a5bb2258aac8
2017-07-05 09:16:48 -07:00
Dan Cashman
e78e8dcf11 Record timezone_service in compat infra.
Commit: 50889ce0eb added policy for a
new service, which was not present in O.  This policy introduced a
new type.  Record it as such.

Bug: 62573845
Test: None, prebuilt change only.
Change-Id: If9cfaff813c47d3b1c8374e8abfb4aedb902d486
2017-07-05 09:15:21 -07:00
Dan Cashman
b1c4967e8a Record tombstoned_java_trace_socket in compat record.
Commit: 11bfcc1e96 added policy for
a new socket which was not present in O.  This socket has a new
type associated with it.  Record the type as a new type so that
compatibility testing will not complain.

Bug: 62573845
Test: None, prebuilt change only.
Change-Id: I375fc9ca0bd201e277a0302d9b34c0da0eb40fbd
2017-07-05 09:13:50 -07:00
Dan Cashman
f875ee074c Add compat changes for e2fs addition.
Commit 5f573ab2aa added policy for
the additions of upstream fs tools.  Make sure the new types are
denoted as such (no object relabeling needs to be done) and that
objects which are relabeled are.

Bug: 35219933
Bug: 62573845
Test: None. Prebuilt change only.
Change-Id: I6515e05ebc60ca08e98029f471cf2861826036fc
2017-07-05 09:11:28 -07:00
Andreas Gampe
8c7514adb1 Sepolicy: Give asan_extract access to powerctl
rc-style powerctl has beem removed. Accordingly, asan_extract now
needs access to sys.powerctl directly.

(orginally commit: 8267208921)

Bug: 36458146
Bug: 38241921
Test: Builds and boots.
Change-Id: I7d6e583f5e98b671986a2071abf157c86e288a10
2017-06-27 15:38:29 -07:00
Dan Cashman
c10e0e552f Add domain_deprecated to bluetooth domains in 26.0.
domain_deprecated is a private attribute, which means that none of
its rules will be copied to vendor policy.  Unfortunately, this
means that any public type that used the attribute now loses policy
rules on which a vendor may have been relying unknowingly.  Add the
domain back in the compatiblity file so that O vendor policy remains
sufficient.

Bug: 62573845
Test: None, prebuilt change and prebuilt tests not in yet.
Change-Id: I2c4ce00ecb102f087472e183fa52d072fe6eb398
2017-06-27 11:42:40 -07:00
Tom Cherry
cfc625d14a remove /dev/log
This was marked deprecated in 2014 and removed in 2015, let's remove
the sepolicy now too.

(Originally submitted in commit: 8c60f74dcc)

Bug: 38242876
Test: Builds and boots.

Change-Id: I4caa0dbf77956fcbc61a07897242b951c275b502
2017-06-27 10:10:22 -07:00
Josh Gao
3458ec135e Add /dev/kmsg_debug.
Add /dev/kmsg_debug on userdebug devices, to allow crash_dump to log
crashes to dmesg when logd isn't up yet (or is the one crashing).

(Originally commited in a015186fab)
Bug: 36574794
Bug: 62101480
Test: Builds and boots.
Change-Id: I249e11291c58fee77098dec3fd3271ea23363ac9
2017-06-27 07:20:44 -07:00
Dan Cashman
55c7750482 Update sepolicy 26.0 prebuilts again, again.
Bug: 37896931
Test: none, just prebuilt update.
Change-Id: I55b5179f98703026699a59cce4b2e1afb166fd1d
2017-06-22 14:32:21 -07:00
Dan Cashman
148578a623 Update 26.0 SELinux prebuilts.
More changes went into oc-dev after the freeze-date.  Reflect them.

Bug: 37896931
Test: prebuilts - none.
Change-Id: I3300751ea7362d5d96b327138544be65eb9fc483
2017-06-19 11:28:09 -07:00
Dan Cashman
5e4e0d7fba Add mapping compatibility file for sepolicy api lvl 26.0
commit: 5c6a227ebb added the oc-dev
sepolicy prebuilts (api 26.0), but did not include the corresponding
base mapping file, which is to be maintained along with current
platform development in order to ensure backwards compatibility.

Bug: 37896931
Test: none, this just copies the old mapping file to prebuilts.
Change-Id: Ia5c36ddab036352845878178fa9c6a9d649d238f
2017-06-13 08:33:15 -07:00
Dan Cashman
5c6a227ebb Commit oc-dev sepolicy to prebuilts.
Copy the final system sepolicy from oc-dev to its prebuilt dir
corresponding to its version (26.0) so that we can uprev policy and
start maintaining compatibility files, as well as use it for CTS
tests targeting future platforms.

Bug: 37896931
Test: none, this just copies the old policy.
Change-Id: Ib069d505e42595c467e5d1164fb16fcb0286ab93
2017-06-06 10:27:37 -07:00