tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
37785 commits 1 branch 0 tags 50 MiB
Commit graph

514 commits

Author SHA1 Message Date
Lorenzo Colitti
ce493bd00d Merge "Connectivity Native AIDL interface Sepolicy" am: bf8af42bf5 am: 5ef1893f50 am: 4d7cd06a40 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1943988

Change-Id: I330642784c6fddd6949a55156d1fa6b198425a4a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 22:36:20 +00:00
Lorenzo Colitti
bf8af42bf5 Merge "Connectivity Native AIDL interface Sepolicy" 2022-04-01 21:46:37 +00:00
Neha Pattan
1838513cca Merge "Sepolicy changes for adding new system service for AdServices." am: dcb324bdb3 am: e5d6614096 am: c5c329718a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2046744

Change-Id: I6f1d6ee7b30e7d6a5f26282268b4a56fa57cb873
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 19:33:33 +00:00
Neha Pattan
64ef8be1de Sepolicy changes for adding new system service for AdServices. 
Test: build
Bug: 216375107
Change-Id: I238ac3f8966ce05768aef17bd05217a9772cf2f3
 2022-03-28 19:26:50 +00:00
Mikhail Naganov
d08f5c240f Merge "Add AIDL audio HAL service to SEPolicy" am: 1704f61dcf am: ba497daa6c am: 3cb68e23a1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2040968

Change-Id: Ice3516fe2dc57fd35c0b2c67b8cf9e397e2d3018
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 23:24:33 +00:00
Mikhail Naganov
676da7273f Add AIDL audio HAL service to SEPolicy 
This adds the two top interfaces: IConfig and IModule
to service context, allows the HAL service to call
Binder, and registers the example implementation
service executable.

Bug: 205884982
Test: m
Change-Id: I322e813c96123167ea29b6c25a08ec9677c9b4d1
 2022-03-24 01:39:29 +00:00
Bram Bonne
b93f26fd89 Move sdk_sandbox sepolicy to AOSP. 
Bug: 224796470
Bug: 203670791
Bug: 204989872
Bug: 211761016
Bug: 217543371
Bug: 217559719
Bug: 215105355
Bug: 220320098
Test: make, ensure device boots

Change-Id: Ia96ae5407f5a83390ce1b610da0d49264e90d7e2
Merged-In: Ib085c49f29dab47268e479fe5266490a66adaa87
Merged-In: I2215ffe74e0fa19ff936e90c08c4ebfd177e5258
Merged-In: I478c9a16032dc1f1286f5295fc080cbe574f09c9
Merged-In: Ibf478466e5d6ab0ee08fca4da3b4bae974a82db0
Merged-In: I5d519605d9fbe80c7b4c9fb6572bc72425f6e90a
Merged-In: I05d2071e023d0de8a93dcd111674f8d8102a21ce
Merged-In: I6572a7a5c46c52c9421d0e9c9fc653ddbd6de145
Merged-In: I1b6d1a778cb658bdfd930b684e4ba0640031b226
Merged-In: I9fb98e0caee75bdaaa35d11d174004505f236799
 2022-03-17 10:22:33 +01:00
Tyler Wear
691def4fd5 Connectivity Native AIDL interface Sepolicy 
Sepolicy files for new ConnectivityNative service.
This is a new service implemented in java accessible from
native code. Stable aidl is used to avoid having to manually write
the unparcling code in two different languages. A new service is
required because there is no connectivity service in the system
server that exposes a stable aidl interface.

Bug: 179733303
Change-Id: If2372712a4a8ac7b0631a2195aabc910d1a829cc
 2022-02-24 08:53:13 -08:00
Nikita Ioffe
e2da633ef7 Rename SupplementalProcess to SdkSandbox 
Ignore-AOSP-First: sepolicy is not in aosp, yet
Bug: 220320098
Test: presubmit
Change-Id: I9fb98e0caee75bdaaa35d11d174004505f236799
 2022-02-23 20:44:20 +00:00
Treehugger Robot
a77159c365 Merge changes from topic "revert-1979386-revert-1967140-EVS_sepolicy_updates_T-MBLQTXKQEY-UVTCTRHQWF" am: 48f59f9ec2 am: 33f3804491 am: 35d788475c am: 05ef2c2c88 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1978173

Change-Id: Id411487bab280f9c0e5d5f575ec8d9e3154fd447
 2022-02-10 22:06:17 +00:00
Changyeon Jo
eacb1095a8 Revert^2 "Updates sepolicy for EVS HAL" 
418f41ad13

Bug: 216727303
Test: m -j selinux_policy on failed targets reported
      in b/218802298
Change-Id: Iec8fd2a1e9073bf3dc679e308407572a8fcf44d9
 2022-02-10 17:21:54 +00:00
Changyeon Jo
8c12609bce Revert^2 "Adds a sepolicy for EVS manager service" 
0137c98b90

Bug: 216727303
Test: m -j selinux_policy on failed targets reported
      in b/218802298
Change-Id: I2ae2fc85a4055f2cb7d19ff70b120e7b7ff0957d
 2022-02-10 17:21:14 +00:00
Mohammed Rashidy
1ea99c86e9 Merge changes from topic "revert-1967140-EVS_sepolicy_updates_T-MBLQTXKQEY" am: 7f1eaf1b45 am: aa0cb606c3 am: 3bed79292e am: f1ea833625 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1979387

Change-Id: I8ad7455e22999359816e3e47dfcb5b95845a63e4
 2022-02-10 12:32:56 +00:00
Mohammed Rashidy
5e3beea9bc Revert "Updates sepolicy for EVS HAL" am: 418f41ad13 am: 4d67e0d02b am: a46cbab128 am: 7f9b355e86 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1979386

Change-Id: I6e704950a709e76c8e2c5fdb3829487a4012f887
 2022-02-10 12:32:54 +00:00
Mohammed Rashidy
0137c98b90 Revert "Adds a sepolicy for EVS manager service" 
Revert submission 1967140-EVS_sepolicy_updates_T

Reason for revert: triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_master&target=cf_x86_64_auto-userdebug&lkgb=8168894&lkbb=8168958&fkbb=8168947, bug b/218802298
Reverted Changes:
I730d56ab1:Allows hal_evs_default to read directories
I2df8e10f5:Updates sepolicy for EVS HAL
Ie6cb3e269:Adds a sepolicy for EVS manager service

Change-Id: I207c261bcf2c8498d937ab02c499bf709a5f1b15
 2022-02-10 10:07:44 +00:00
Mohammed Rashidy
418f41ad13 Revert "Updates sepolicy for EVS HAL" 
Revert submission 1967140-EVS_sepolicy_updates_T

Reason for revert: triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_master&target=cf_x86_64_auto-userdebug&lkgb=8168894&lkbb=8168958&fkbb=8168947, bug b/218802298
Reverted Changes:
I730d56ab1:Allows hal_evs_default to read directories
I2df8e10f5:Updates sepolicy for EVS HAL
Ie6cb3e269:Adds a sepolicy for EVS manager service

Change-Id: I1cc37b0e56646db61bdb34cb209aefe7376c5a50
 2022-02-10 10:07:44 +00:00
Treehugger Robot
47f43ab23c Merge changes from topic "EVS_sepolicy_updates_T" am: 2cedd28cf9 am: 177cf20196 am: 85c9e1cf9e am: feb9f3f2c2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1967009

Change-Id: I112edf374e2b96e74f786897d580d396bec33c29
 2022-02-10 08:52:51 +00:00
Changyeon Jo
a083d7a8d8 Updates sepolicy for EVS HAL 
This CL updates hal_evs_default to be sufficient for the defautl EVS HAL
implementation and modifies other services' policies to be able to
communicate with EVS HAL implementations

Bug: 217271351
Test: m -j selinux_policy and Treehugger
Change-Id: I2df8e10f574d62f8b84e0ff0381656ab1b18b52f
 2022-02-10 01:42:59 +00:00
Changyeon Jo
5c3bc58163 Adds a sepolicy for EVS manager service 
Bug: 170401743
Bug: 216727303
Test: m -j selinux_policy and TreeHugger
Change-Id: Ie6cb3e269fc46a61b56ca93efd69fbc447da0e3d
 2022-02-10 01:42:21 +00:00
Jayant Chowdhary
58c0794156 Merge "System wide sepolicy changes for aidl camera hals." am: b00bf9d282 am: 4c51fa993e am: f3ccb9095a am: 887847beaa 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1975831

Change-Id: If90113a972d3f96bed74db0ae65da50caff1afbf
 2022-02-09 04:04:33 +00:00
Jayant Chowdhary
e3019be3db System wide sepolicy changes for aidl camera hals. 
Bug: 196432585

Test: Camera CTS

Change-Id: I0ec0158c9cf82937d6c00841448e6e42f6ff4bb0
Signed-off-by: Jayant Chowdhary <jchowdhary@google.com>
 2022-02-08 09:37:17 +00:00
shubang
a1b9f186fb SE policy: rename iapp -> interactive_app 
Bug: 205738783
Test: cuttlefish

Change-Id: I15fd60a2dba79dd5e2a3cf57ed542e5a930680f1
Merged-In: I15fd60a2dba79dd5e2a3cf57ed542e5a930680f1
 2022-02-07 07:54:32 +00:00
Seth Moore
3f7ee1390e Add remotely provisioned key pool se policy am: a75cad0d0a am: 10ec76f621 am: 7a7ac7d5aa am: 38ed66df25 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1969539

Change-Id: If922ac778d3afbb210b284dfd167fc9212ef691f
 2022-02-04 00:00:45 +00:00
Seth Moore
a75cad0d0a Add remotely provisioned key pool se policy 
Keystore now hosts a native binder for the remotely provisioned key
pool, which is used to services such as credstore to lookup remotely
provisioned keys.

Add a new service context and include it in the keystore services.

Add a dependency on this new service for credstore. Also include a
credstore dependency on IRemotelyProvisionedComponent, as it's needed
to make use of the key pool.

Bug: 194696876
Test: CtsIdentityTestCases
Change-Id: I0fa71c5be79922a279eb1056305bbd3e8078116e
 2022-02-02 15:07:26 -08:00
Treehugger Robot
a068287a1e Merge "Adds selinux rules for ICarDisplayProxy service" am: 108fdbc5f7 am: 8a96be8df9 am: 2ac9d08d7e am: baebbb72fd 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1965562

Change-Id: Id6c66d646e8ee01db0250097c3cd967c2be8ecfe
 2022-01-31 22:49:41 +00:00
Treehugger Robot
108fdbc5f7 Merge "Adds selinux rules for ICarDisplayProxy service" 2022-01-31 21:52:46 +00:00
Changyeon Jo
66eba13833 Adds selinux rules for ICarDisplayProxy service 
Bug: 170401743
Test: m -j selinux_policy
Change-Id: Idf3f09d0bcf24de18d6eddb05e51991b4c5edbe8
 2022-01-31 19:40:20 +00:00
Huihong Luo
a330140278 Merge "Migrate screenshot methods to AIDL" am: 9b82051367 am: 270ddf48d0 am: 703a0ffa08 am: 80e89afc85 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1954716

Change-Id: Ib79b61ae79f6ad766adca5eff0fec0bb9de34f12
 2022-01-29 22:25:44 +00:00
Huihong Luo
9b82051367 Merge "Migrate screenshot methods to AIDL" 2022-01-29 21:17:18 +00:00
Robert Shih
5c11b33da4 Merge "Add sepolicy for DRM AIDL HAL" am: d70f0af2bf am: 0de1ba742a am: 77bf16ed0d am: 7295a03aec 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1918837

Change-Id: I116a39f718ce3d71dea6318191acd57aae8874a6
 2022-01-28 19:55:47 +00:00
Robert Shih
d70f0af2bf Merge "Add sepolicy for DRM AIDL HAL" 2022-01-28 18:40:53 +00:00
Treehugger Robot
35fde34cc4 Merge "Changes in SELinux Policy for cloudsearch API naming" am: 27416257f3 am: 45a466e098 am: fb1a824053 am: 51cf103457 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1963460

Change-Id: I4c834e7d376e61c26f7ec26d9ea55e2e8584ea14
 2022-01-28 03:01:21 +00:00
Hui Wu
42d24fd59d Changes in SELinux Policy for cloudsearch API naming 
Bug: 216507592
Test: Presubmit Tests
Change-Id: I5aa647d146cfea0b44efb4c247d9856e0666ea86
 2022-01-27 13:42:17 -08:00
Robert Shih
4968374205 Add sepolicy for DRM AIDL HAL 
Bug: 208486736
Test: atest VtsAidlHalDrmTargetTest
Change-Id: Ia2b1488a564d94384d183d30291fbf5a6d2df4ab
 2022-01-27 01:51:05 -08:00
Paul Hu
d4a42947c3 Merge "Add sepolicy for mdns service" am: 415a2f9b58 am: 1f935d64bf am: dc91d13405 am: 5f1b07275c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1916037

Change-Id: Ibad85dfc0da838419d71f5a466d77152eb837e5d
 2022-01-25 03:40:42 +00:00
Paul Hu
415a2f9b58 Merge "Add sepolicy for mdns service" 2022-01-25 02:35:42 +00:00
Hunsuk Choi
dfbaf937fc Merge "Combining hal_radio_*_service into hal_radio_service" am: 5c27113222 am: f3e65b463f am: 13a711981a am: adee6a673c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1958840

Change-Id: Ifbf8a50deaa0b5c61d5ee70eb5ed81d1cf0b0ebc
 2022-01-25 01:52:56 +00:00
Hunsuk Choi
7938201cbb Combining hal_radio_*_service into hal_radio_service 
Test: build and flash
Bug: 198331673
Change-Id: Id5d699ffc77f708e2144ffea6d2a6805822e7f50
 2022-01-24 19:42:42 +00:00
paulhu
70b0a77ee0 Add sepolicy for mdns service 
mdns service is a subset of netd-provided services, so it gets
the same treatment as netd_service or dnsresolver_service

Bug: 209894875
Test: built, flashed, booted
Change-Id: I33de769c4fff41e816792a34015a70f89e4b8a8c
 2022-01-25 00:50:21 +08:00
George Chang
32a844da1f Merge "Add hal_nfc_service" am: 95113bbbed am: c3c16ea2b2 am: a0cae343bb am: 90e0a6832a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1878147

Change-Id: I81761b15b3342d18cb2f11d588757a936da5979d
 2022-01-22 02:57:37 +00:00
George Chang
95113bbbed Merge "Add hal_nfc_service" 2022-01-22 01:46:41 +00:00
Sharon Su
2a5d8ecd56 Merge "Change in SELinux Policy for wallpaper effects generation API. Test: presubmit tests" am: 0cd7ba7617 am: 1da3471495 am: 2ca8a20307 am: e4fd25aa8d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1955283

Change-Id: If5e653764f71e4f7f3f3d500158c88023f3147c0
 2022-01-22 01:00:35 +00:00
Treehugger Robot
5929ac1cf0 Merge "Add sepolicy for IInputProcessor HAL" am: c23930818d am: e12bcb296e am: 4bec13cf50 am: 94ba617915 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1945423

Change-Id: I471ae65938d4088d05adb4aa0c1a28dc8e9022ad
 2022-01-22 00:12:18 +00:00
Sharon Su
0cd7ba7617 Merge "Change in SELinux Policy for wallpaper effects generation API. Test: presubmit tests" 2022-01-22 00:06:00 +00:00
Kathy Chen
4ce608cf25 Merge "SELinux policy changes for AmbientContext system API." am: 7bb9120ba7 am: 49527e07b6 am: f46b2a87dd am: ad1efe3c75 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1920077

Change-Id: Ib119d650516410479097ba7e339529660f9ffa16
 2022-01-21 22:54:30 +00:00
Treehugger Robot
c23930818d Merge "Add sepolicy for IInputProcessor HAL" 2022-01-21 22:45:52 +00:00
Kathy Chen
082263f3bc SELinux policy changes for AmbientContext system API. 
Context about this is on ag/16302285

Test: Ensure no build failures, ensure no SecurityException on boot
Bug: 192476579
Change-Id: If5ba2fa41975acf91c0002a0f301da11eaebd6d2
 2022-01-21 20:12:54 +00:00
Treehugger Robot
e88ae7f583 Merge "Add selinux policy for new BinaryTransparencyService" am: 158927ed5c am: c39826824d am: 53fab93545 am: d65a7b8b68 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1954957

Change-Id: I45a2571e463975829393a214f0e6c061ecbfdcd1
 2022-01-21 20:09:37 +00:00
Treehugger Robot
158927ed5c Merge "Add selinux policy for new BinaryTransparencyService" 2022-01-21 19:10:31 +00:00
Shubang Lu
11e8f96e7a Merge "SE policy: rename iapp -> interactive_app" 2022-01-21 18:04:08 +00:00