tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
29075 commits 1 branch 0 tags 50 MiB
Commit graph

29075 commits

This branch
This branch
All branches
Author SHA1 Message Date
Gavin Corkery
e118d6bc62 Merge "Add sepolicy for scheduling module data directories" am: 3bb3559e2e am: 682e05c63b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1588354

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ibb2695a4945b9cac15f28e6066d2827a9c8bf574
 2021-02-18 23:01:06 +00:00
Gavin Corkery
682e05c63b Merge "Add sepolicy for scheduling module data directories" am: 3bb3559e2e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1588354

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ida3eeeaf76b95862d475a457e70d6cc618931b1d
 2021-02-18 22:25:42 +00:00
Gavin Corkery
3bb3559e2e Merge "Add sepolicy for scheduling module data directories" 2021-02-18 20:51:51 +00:00
Yi Kong
0ed9c9ec77 Allow profcollect to create/rmdir in its own data dir am: e9d2671e10 am: 0b8d954e06 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1593814

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I3262324b7e316ed216fe92dbc9742adfcb8b24ea
 2021-02-18 18:37:31 +00:00
Yi Kong
0b8d954e06 Allow profcollect to create/rmdir in its own data dir am: e9d2671e10 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1593814

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ieca9f5ca84264c08b989109176547dc655883f4c
 2021-02-18 18:06:16 +00:00
Josh Gao
7581598e19 Merge "Let apps read tombstones given to them." am: b4a8306599 am: e2942c1e08 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1573547

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I287d6e33b1976c1163baf2e0a9c63f85c976c03c
 2021-02-18 10:10:31 +00:00
Josh Gao
e2942c1e08 Merge "Let apps read tombstones given to them." am: b4a8306599 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1573547

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ica5f3c44a0322ade9f16a4e7ec8f3df19fa10886
 2021-02-18 09:33:38 +00:00
Yi Kong
e9d2671e10 Allow profcollect to create/rmdir in its own data dir 
Test: boot
Bug: 79161490
Change-Id: Iee0ecd4193bddbbefc7b80ef2ef5f37266995283
 2021-02-18 17:20:21 +08:00
Josh Gao
b4a8306599 Merge "Let apps read tombstones given to them." 2021-02-18 08:40:57 +00:00
Tianjie Xu
f7b3870325 Merge "Give ota.other.vbmeta_digest the proper context" am: 4bda81af5d am: 0ced090549 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1593451

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I6091724f90bf3f2f14536c0e71a4bba20ce2c949
 2021-02-18 05:20:42 +00:00
Tianjie Xu
0ced090549 Merge "Give ota.other.vbmeta_digest the proper context" am: 4bda81af5d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1593451

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I2d05b1beb280e0ba5f61a9aa778b67d8f9800b67
 2021-02-18 04:38:46 +00:00
Tianjie Xu
4bda81af5d Merge "Give ota.other.vbmeta_digest the proper context" 2021-02-18 04:10:37 +00:00
Tianjie
63fd05d579 Give ota.other.vbmeta_digest the proper context 
Give it the u:object_r:ota_prop:s0 since the prop is only set
after an update.

Bug: 177625570
Test: boot the device, check the prop is written by update_engine
Change-Id: I4cf21d2a6af2a2083d4a5eba7751011cc6d0c522
 2021-02-17 16:33:52 -08:00
Pavel Grafov
7393dd3191 Merge "Allow wificond access wifi keys in KeyStore2" am: 06f5894936 am: 04ea6ca0b1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1584852

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Id8969e3b4cf6ee7bedb2a1248ff0620f2d0c8ec8
 2021-02-17 22:41:43 +00:00
Treehugger Robot
d3e3c3a5cc Merge "Add sepolicy swcodec native flag namespace." am: ad580990c4 am: 2c5521f535 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1584530

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I59043bd9f5c25d658baefcda49fada04bd44d104
 2021-02-17 22:41:13 +00:00
Pavel Grafov
04ea6ca0b1 Merge "Allow wificond access wifi keys in KeyStore2" am: 06f5894936 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1584852

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I477eb1b63d1fa0295f67bb98e2326370a9bc42a9
 2021-02-17 22:06:04 +00:00
Treehugger Robot
2c5521f535 Merge "Add sepolicy swcodec native flag namespace." am: ad580990c4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1584530

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I1bf02e8505dd61f88793bfdb82842b0f0f915a89
 2021-02-17 22:04:06 +00:00
Pavel Grafov
06f5894936 Merge "Allow wificond access wifi keys in KeyStore2" 2021-02-17 21:53:41 +00:00
Treehugger Robot
ad580990c4 Merge "Add sepolicy swcodec native flag namespace." 2021-02-17 21:30:16 +00:00
Treehugger Robot
6efeb27c1f Merge "Add /data/misc/a11ytrace folder to store accessibility trace files." am: bdfc2c96ce am: dff0472cba 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1580634

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I6389d6b4602418a992f97587627d12bcda6e73af
 2021-02-17 14:13:22 +00:00
Treehugger Robot
dff0472cba Merge "Add /data/misc/a11ytrace folder to store accessibility trace files." am: bdfc2c96ce 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1580634

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ibd585373539bc476f2345f283fea6cf53e1a7907
 2021-02-17 13:37:09 +00:00
Treehugger Robot
bdfc2c96ce Merge "Add /data/misc/a11ytrace folder to store accessibility trace files." 2021-02-17 13:02:34 +00:00
Treehugger Robot
c9399aee97 Merge "Check vendor_property_contexts namespaces" am: e91790707a am: b4eb963fe4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1532995

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I4d07031e20c98c6db4f11cd88ee2d711f5981397
 2021-02-17 08:17:38 +00:00
Treehugger Robot
b4eb963fe4 Merge "Check vendor_property_contexts namespaces" am: e91790707a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1532995

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I47576e9ee3737716a683a092d4f984474b6c3246
 2021-02-17 07:47:15 +00:00
Treehugger Robot
e91790707a Merge "Check vendor_property_contexts namespaces" 2021-02-17 07:12:30 +00:00
Inseob Kim
2bcc045724 Check vendor_property_contexts namespaces 
For devices launching with Android Q or later, vendor_property_contexts
and odm_property_contexts should only contain vendor and odm properties.
This checks property_contexts files in build time.

To temporarily disable this check, users can set
BUILD_BROKEN_VENDOR_PROPERTY_NAMESPACE := true in BoardConfig.mk. But
VTS is still enforced, so users will have to fix the violations anyway.

Bug: 175526482
Test: m vendor_property_contexts after making violations
Change-Id: I99d6fff9033d78e1d276eed2682a2719dab84ae2
 2021-02-17 12:41:38 +09:00
Treehugger Robot
610171470c Merge "Add CEC HAL 1.1" am: 9c26e0265d am: 1091c5cf7c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1588313

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I524382662b0aafc8f4cd799ce3b6a029bbabb5f8
 2021-02-17 00:56:04 +00:00
Treehugger Robot
1091c5cf7c Merge "Add CEC HAL 1.1" am: 9c26e0265d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1588313

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Id054c116eaea9823f3116e6f3e1401e088f2770b
 2021-02-17 00:42:09 +00:00
Treehugger Robot
621d0198c5 Merge "Adding SEPolicy for IRemotelyProvisionedComponent" am: 5ace493461 am: d074d435c8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1569961

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I1cb03d7d9efe2109690fc7c972f6abe74cb39455
 2021-02-17 00:41:46 +00:00
Treehugger Robot
9c26e0265d Merge "Add CEC HAL 1.1" 2021-02-17 00:17:54 +00:00
Treehugger Robot
d074d435c8 Merge "Adding SEPolicy for IRemotelyProvisionedComponent" am: 5ace493461 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1569961

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I4cf7e4a8c094891d374766766434978e2e59e446
 2021-02-17 00:10:04 +00:00
Treehugger Robot
5ace493461 Merge "Adding SEPolicy for IRemotelyProvisionedComponent" 2021-02-16 23:48:44 +00:00
Treehugger Robot
6007da11b6 Merge "Allow third-party apps to access tuner hal fd" am: 01a9e4de24 am: cfbb43120d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1587542

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I3fa5bb3e1f225174e6a5e2200eca44375cf67462
 2021-02-16 23:14:04 +00:00
Treehugger Robot
cfbb43120d Merge "Allow third-party apps to access tuner hal fd" am: 01a9e4de24 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1587542

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I36900a4e59d8e7de6ce8f7cd79e1a7c6f4ca5a2b
 2021-02-16 22:56:39 +00:00
Treehugger Robot
01a9e4de24 Merge "Allow third-party apps to access tuner hal fd" 2021-02-16 22:25:18 +00:00
Elliott Hughes
77d6174b3c Merge "init/ueventd and system_server no longer need access to /dev/hw_random." am: adaf4fe7a9 am: dbcd3b6d9c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1580967

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ic89e82bd098ad997c50cc68b53f150b0bbcdedfb
 2021-02-16 21:00:57 +00:00
Elliott Hughes
dbcd3b6d9c Merge "init/ueventd and system_server no longer need access to /dev/hw_random." am: adaf4fe7a9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1580967

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I250e585dba494335017001e72fb33fbb399db8b6
 2021-02-16 20:40:17 +00:00
Elliott Hughes
adaf4fe7a9 Merge "init/ueventd and system_server no longer need access to /dev/hw_random." 2021-02-16 20:08:39 +00:00
Ram Muthiah
1bd5d71c18 Merge "Revert "Add qemu.hw.mainkeys to system property_contexts"" am: 523a649401 am: fa10ab3955 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1590671

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ide05bfa653b2ab873cd52a914b26f19f1567a308
 2021-02-16 20:05:41 +00:00
Ram Muthiah
fa10ab3955 Merge "Revert "Add qemu.hw.mainkeys to system property_contexts"" am: 523a649401 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1590671

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ibc3afb978c5f79942d6a10b5790172bceb920288
 2021-02-16 19:35:42 +00:00
Amy Zhang
db13ae741e Allow third-party apps to access tuner hal fd 
The fd shared here is the fast message queue descriptor of the Tuner
Filter MQ or DVR MQ, sent from the Tuner HAL HIDL interface to Tuner Service.

Tuner service would convert the hidl mq descriptor into an aidl one then
passed to the Tuner JNI. Tuner JNI would read/write data into fmq
through the shared fd when the third-party app calls corresponding APIs.
The fd won't be exposed through SDK APIs.

The same fd won't be shared among apps. Each app only has access to
their own Tuner java instance through Tuner SDK, and read/write their
own Filter/Dvr.

Test: atest TunerDvrTest#testDvrPlayback
Bug: 159067322
Bug: 174500129
Bug: 171378420
Bug: 158868205
Change-Id: I34c113a092673f8ea9bcb7428b5562101c4d35ec
 2021-02-16 11:17:49 -08:00
Ram Muthiah
523a649401 Merge "Revert "Add qemu.hw.mainkeys to system property_contexts"" 2021-02-16 19:05:10 +00:00
Ram Muthiah
509b35e5d9 Revert "Add qemu.hw.mainkeys to system property_contexts" 
Revert submission 1582845-qemu-prop

Reason for revert: aosp_hawk-userdebug is broken on an RVC branch
Reverted Changes:
Idfc2bffa5:Add qemu.hw.mainkeys to system property_contexts
If013ff33f:Remove qemu.hw.mainkeys from vendor_qemu_prop
Bug: 180412668
Change-Id: I335afb931eaeb019f66e3feedea80b0c8888f7a3
 2021-02-16 18:58:10 +00:00
Weilun Du
446906c8bf Merge "Add qemu.hw.mainkeys to system property_contexts" am: 23bb01756e am: baf97e40f9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1582845

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Ia70f172338fc964700ef1ca6eee0434459b3eae4
 2021-02-16 17:56:08 +00:00
Hongming Jin
58f83415ea Add /data/misc/a11ytrace folder to store accessibility trace files. 
Bug: 157601519
Test: adb shell cmd accessibility start-trace
      adb shell cmd accessibility stop-trace
Change-Id: Id4224cee800fe3e10f33794c96048366a0bf09bb
 2021-02-16 09:35:09 -08:00
Weilun Du
baf97e40f9 Merge "Add qemu.hw.mainkeys to system property_contexts" am: 23bb01756e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1582845

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: I7eb61f01903b343c1cf2a210ffe6f7bae3034922
 2021-02-16 17:22:58 +00:00
Nick Chalko
81a4dd40d6 Add sepolicy swcodec native flag namespace. 
Test: add sepolicy, build, check GetServerConfigurableFlag function
Bug: 179286276
Change-Id: Ia16d110900251b3fb3e3959d73524c8814199270
 2021-02-16 09:22:16 -08:00
Weilun Du
23bb01756e Merge "Add qemu.hw.mainkeys to system property_contexts" 2021-02-16 16:44:00 +00:00
Max Bires
d2a9e6e630 Adding SEPolicy for IRemotelyProvisionedComponent 
This SEPolicy change allows the hal_keymint domain to add
hal_remotelyprovisionedcomponent_service to hwservice_manager.

Test: The Keymint HAL can successfully start an instance of
IRemotelyProvisionedComponent

Change-Id: I15f34daf319e8de5b656bfacb8d050950bf8f250
 2021-02-15 20:48:45 -08:00
Gavin Corkery
cd3bb575ab Add sepolicy for scheduling module data directories 
Test: Manually test writing and reading files
Bug: 161353402
Change-Id: Ifbc0e4db0ec51f6565a0f52df06b1d148577b788
 2021-02-15 22:31:27 +00:00