tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
41353 commits 1 branch 0 tags 50 MiB
Commit graph

41353 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ioannis Ilkos
ebf9f35f15 Merge "Sysprop for the count of active OOME tracing sessions" am: 300f93bf5a am: 2a73c910d3 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433415

Change-Id: I5fc68e9f24c6b1b3c518a9642c12670bfeb8fc30
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-17 19:53:24 +00:00
Frederick Mayle
4f5390d640 Allow crash_dump on crosvm 
Protected guest memory maps are now unmapped when crash_dump forks off
of crosvm, so we don't need or want this exception anymore.

Bug: 238324526
Test: ran debuggerd on protected vm
Change-Id: Iccff5dcc441dcf769fcdaa89e7b8e686341821fd
 2023-02-17 19:36:51 +00:00
Ioannis Ilkos
2a73c910d3 Merge "Sysprop for the count of active OOME tracing sessions" am: 300f93bf5a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433415

Change-Id: I94c868305fc6c681b01bc86b6f3d9ffaf8fac9d1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-17 18:51:54 +00:00
Ioannis Ilkos
300f93bf5a Merge "Sysprop for the count of active OOME tracing sessions" 2023-02-17 17:50:59 +00:00
Nikita Ioffe
22f42bfff8 Merge "Sepolicy rules to allow crosvm to start a gdb-server" am: 09cbce900f am: 9892a80308 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2436892

Change-Id: I00693c698f17e2fb651f7b795114ca79e91117d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-17 17:27:13 +00:00
Treehugger Robot
6fb58c72c1 Merge "Set system_lib_file for libs in tethering apex" am: 8c086ac589 am: 62b20a0c26 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2442879

Change-Id: I1b16e707c8d77d1cb943d9bd8f9995fe11018ace
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-17 17:27:01 +00:00
Alfred Piccioni
14de90550b Merge "Adds support for fuseblk binaries." am: dd4c5fa93b am: 89cd736d8d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2393296

Change-Id: Idd32c28ac3c24b55a6d79db0ab508fc7957fcf30
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-17 17:24:32 +00:00
Nikita Ioffe
9892a80308 Merge "Sepolicy rules to allow crosvm to start a gdb-server" am: 09cbce900f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2436892

Change-Id: I2df5e7c76cfe7149139d018c01be1903a7dc1ee6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-17 16:25:13 +00:00
Treehugger Robot
62b20a0c26 Merge "Set system_lib_file for libs in tethering apex" am: 8c086ac589 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2442879

Change-Id: Idd3bb1a172f84149c129fc585793b968597d0b51
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-17 16:23:52 +00:00
Alfred Piccioni
89cd736d8d Merge "Adds support for fuseblk binaries." am: dd4c5fa93b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2393296

Change-Id: Ic1a8d2a297848430a672826f1780bbb3e976f1be
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-17 16:23:38 +00:00
Nikita Ioffe
09cbce900f Merge "Sepolicy rules to allow crosvm to start a gdb-server" 2023-02-17 15:46:05 +00:00
Treehugger Robot
8c086ac589 Merge "Set system_lib_file for libs in tethering apex" 2023-02-17 15:17:25 +00:00
Alfred Piccioni
dd4c5fa93b Merge "Adds support for fuseblk binaries." 2023-02-17 15:15:31 +00:00
Jooyung Han
a5506bcd8f Set system_lib_file for libs in tethering apex 
The library (libcom.android.tethering.connectivity_native.so) in the
apex is a part of LLNDK. So it should be properly labelled so that
vendor can access it.

Bug: n/a
Test: m com.android.tethering
Test: adb shell -lZ /apex/com.android.tethering/lib64
Change-Id: I6c949c992042f4a38f25ca6f4243d31e81354467
 2023-02-17 12:41:19 +09:00
Woody Lin
35541e183f Allow dumpstate to read /data/system/shutdown-checkpoints/ 
Bug: 260366497
Bug: 264600011
Test: Take bugreport and check dmesg for avc error
Test: Reboot and check shutdown-checkpoints
Change-Id: Ifcc7de30ee64e18f78af147cd3da39d7c6dc6f5f
 2023-02-16 14:23:33 +08:00
Pawan Wagh
c2fbe131f6 Merge "Adding fuzzer entries for drmmanager and vold" am: 9bc9a63b68 am: 20f7c87041 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2438893

Change-Id: Ib94ca9f0af9bd61a38da4c492ff38c8c2e0bc110
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-16 03:01:03 +00:00
Pawan Wagh
20f7c87041 Merge "Adding fuzzer entries for drmmanager and vold" am: 9bc9a63b68 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2438893

Change-Id: I5880bfedb3edfd2573967c63daa8d1632ad02ae1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-16 02:18:46 +00:00
Treehugger Robot
8964e039d4 Merge "Allow to format zoned device w/o dm-default-key" am: 8faa679c9a am: 2e2a42008e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2425228

Change-Id: I0330433f7c9925ef30a3c6a8d9ba1ce97b0acfac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-16 02:09:39 +00:00
Pawan Wagh
9bc9a63b68 Merge "Adding fuzzer entries for drmmanager and vold" 2023-02-16 01:43:46 +00:00
Treehugger Robot
2e2a42008e Merge "Allow to format zoned device w/o dm-default-key" am: 8faa679c9a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2425228

Change-Id: Ibb4160580d93bedcef3ebc99a316b90e2654a14c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-16 01:27:53 +00:00
Treehugger Robot
8faa679c9a Merge "Allow to format zoned device w/o dm-default-key" 2023-02-16 00:58:24 +00:00
Pawan Wagh
61e77a8759 Adding fuzzer entries for drmmanager and vold 
Test: m
Bug: 232439428
Change-Id: I99879c0cfa71bfce44be3b080ca97934bdfa3100
 2023-02-15 21:40:27 +00:00
Nikita Ioffe
40a48c1046 Sepolicy rules to allow crosvm to start a gdb-server 
Bug: 242057159
Test: see another change in this topic
Change-Id: Ie5116c8891a62096e767500b90a19fc5975c3599
 2023-02-15 16:44:50 +00:00
David Duarte
1d17625658 Update prebuilt to add bluetooth_prop to system_server sepolicy. am: c9530bbdfd 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/21359400

Change-Id: Idadf25b8631d21ab7eaa3834c500419253a7edb9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-15 07:23:13 +00:00
Etienne Ruffieux
304adbf81b [automerger skipped] Add bluetooth_prop to system_server sepolicy. am: 66a07f60a1 -s ours 
am skip reason: Merged-In Ia4d5d286ccf94f61bbc87e9063d22b8822806e5c with SHA-1 3b39e92bd9 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/21358006

Change-Id: Ic962643ae95d283c2cf21e58e49969490ac01123
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-15 07:23:09 +00:00
Feiyu Chen
c549fa4675 Merge "Add SELinux policy for edgetpu_native device_config prop" am: b4b757cd83 am: e68fe11b3a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2434232

Change-Id: Ib42aaab788a685b8d24dda8514aae55640ffe258
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-15 04:18:44 +00:00
Feiyu Chen
e68fe11b3a Merge "Add SELinux policy for edgetpu_native device_config prop" am: b4b757cd83 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2434232

Change-Id: Iba932201fe56697b23f25a7ecb41a2f9829dd48a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-15 03:31:01 +00:00
Feiyu Chen
b4b757cd83 Merge "Add SELinux policy for edgetpu_native device_config prop" 2023-02-15 02:32:22 +00:00
Ronish Kalia
ce876c3668 Merge "[CP] Rename healthconnect to healthfitness" am: f45caeb2fd am: 1970c6d622 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433416

Change-Id: I4ee1b422f9e0f58051550378cedc34ca33e1b5f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 21:40:27 +00:00
Ronish Kalia
1970c6d622 Merge "[CP] Rename healthconnect to healthfitness" am: f45caeb2fd 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433416

Change-Id: I402f368eb2fe95b45c69eb837cf8bf213398c4f4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 20:48:42 +00:00
Ronish Kalia
f45caeb2fd Merge "[CP] Rename healthconnect to healthfitness" 2023-02-14 20:22:07 +00:00
Treehugger Robot
bc5f16bd81 Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 22d25dcae4 am: c499098432 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2421501

Change-Id: I22775c96ecaee91a6b2f1f8279cf67ef3b625f9e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 19:41:20 +00:00
Treehugger Robot
c499098432 Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 22d25dcae4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2421501

Change-Id: I1bb798d424a9595cd549bb88f967f0d44fffd936
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 18:56:34 +00:00
Treehugger Robot
22d25dcae4 Merge "Map AIDL Gatekeeper to same policy as HIDL version" 2023-02-14 17:48:17 +00:00
ronish
f406edf440 [CP] Rename healthconnect to healthfitness 
Change-Id: Icb20784bfe3d07aff5b198b5c8dd2302bb7c854d
 2023-02-14 17:34:26 +00:00
Ioannis Ilkos
8d168e2d8a Sysprop for the count of active OOME tracing sessions 
In order for ART code to call perfetto DataSource::Trace() we need to
wait for all data source instances to have completed their setup. To do
so, we need to know how many of them exist.

This introduces a new sysprop traced.oome_heap_session.count, writeable
by perfetto traced and readable by apps and system_server that can be
used to communicate this.

See go/art-oom-heap-dump for more details

Test: manual, atest HeapprofdJavaCtsTest
Bug: 269246893
Change-Id: Ib8220879a40854f98bc2f550ff2e7ebf3e077756
 2023-02-14 15:14:39 +00:00
Treehugger Robot
55d69325e9 Merge "Add system property for leaudio_allow_list" am: ae07b5380b am: 79b8e705aa 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2375411

Change-Id: Ib92ab2563a8855f28b42bcb2a471260f669cdea9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 13:05:01 +00:00
Pedro Loureiro
fe0ce26f53 Merge "Add SEPolicy for device config service" am: 43b0b8a65c am: 14060332c7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2430374

Change-Id: Ic458ae5bcbf7b11eb43f2ea8dbfe9e03108991a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 13:04:47 +00:00
Treehugger Robot
79b8e705aa Merge "Add system property for leaudio_allow_list" am: ae07b5380b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2375411

Change-Id: I4323da4ee1e703e48f78cef880c154e94c8f49f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 12:17:11 +00:00
Pedro Loureiro
14060332c7 Merge "Add SEPolicy for device config service" am: 43b0b8a65c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2430374

Change-Id: I16624fc06f8cd15de32734e31a47acc504a5dea1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 12:16:51 +00:00
Treehugger Robot
ae07b5380b Merge "Add system property for leaudio_allow_list" 2023-02-14 11:21:55 +00:00
Pedro Loureiro
43b0b8a65c Merge "Add SEPolicy for device config service" 2023-02-14 11:18:41 +00:00
Akilesh Kailash
782a9dd2d1 Merge "Set sepolicy for ublk control device and block device" am: a3c0ca4e67 am: 12e344b7de 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433673

Change-Id: I926282834e443b7a263fd8f4378537f464395fa6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 05:29:29 +00:00
Akilesh Kailash
12e344b7de Merge "Set sepolicy for ublk control device and block device" am: a3c0ca4e67 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433673

Change-Id: Ia1104a335a2932a48bc2f9eecb547c65e13fe334
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 04:41:42 +00:00
Akilesh Kailash
a3c0ca4e67 Merge "Set sepolicy for ublk control device and block device" 2023-02-14 03:59:06 +00:00
Akilesh Kailash
63a21044f2 Set sepolicy for ublk control device and block device 
ublk-control device: /dev/ublk-control
ublk-block device: /dev/block/ublkbN where N is 0,1,2..

Bug: 269144965
Test: Verify sepolicy changes through kernel logs when user-space daemon
communicates with ublk driver

Change-Id: I10de557566e3c0628ea72fbbda4cff21e7cda68f
Signed-off-by: Akilesh Kailash <akailash@google.com>
 2023-02-13 16:30:40 -08:00
Jeffrey Huang
6788ed4f1c Merge "Restrict system server from reading statsd data" am: 01fd5eb907 am: e53a5b25b6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410783

Change-Id: Idfcd1276930266819c9ba62bc2695de290aec12b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-13 23:54:04 +00:00
Jeffrey Huang
e53a5b25b6 Merge "Restrict system server from reading statsd data" am: 01fd5eb907 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410783

Change-Id: I18a4d57758865141a9e0b6f479ff5aabf8db0ece
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-13 23:07:21 +00:00
Jeffrey Huang
01fd5eb907 Merge "Restrict system server from reading statsd data" 2023-02-13 22:37:09 +00:00
feiyuchen
70e1942fb3 Add SELinux policy for edgetpu_native device_config prop 
The new android property namespace will store the configurations which are set on the server side and read by the EdgeTpu HAL.

Notes:
* This CL is similar to nnapi_native CL: https://android-review.git.corp.google.com/c/platform/system/sepolicy/+/1844919
* The read permission of EdgeTpu HAL will be added in another internal CL.

Test: mm
Bug: 243553703
Bug: 246401730
Change-Id: I5705f679148b313d919f334c51e31f7645aca82a
 2023-02-13 21:55:57 +00:00