The Android Open Source Project
f5f899c3c0
Merge from upstream sepolicy
...
Change-Id: I99085d575e3d884fb04ac03ac998eb3c53eb2d9f
2012-04-10 09:52:59 -07:00
Ying Wang
f4ea5b2539
Use the checkpolicy built from source.
...
Change-Id: I22f49db3d59b50ed8975d8c1146bb9c322adbf7e
2012-04-10 09:11:08 -07:00
Stephen Smalley
730957aef3
Rework the radio vs rild property split.
...
Only label properties with the ril. prefix with rild_prop.
Allow rild and system (and radio) to set radio_prop.
Only rild can set rild_prop presently.
2012-04-04 16:01:19 -04:00
Stephen Smalley
a883c38637
Allow apps to write to anr_data_file for /data/anr/traces.txt.
2012-04-04 16:00:11 -04:00
Stephen Smalley
124720a697
Add policy for property service.
...
New property_contexts file for property selabel backend.
New property.te file with property type declarations.
New property_service security class and set permission.
Allow rules for setting properties.
2012-04-04 10:11:16 -04:00
Stephen Smalley
2cb1b31f90
Allow adbd to access the qemu device and label /dev/eac correctly.
2012-04-03 15:30:28 -04:00
Stephen Smalley
f7948230ef
Integrate nfc_power and rild rules from tuna sepolicy by Bryan Hinton.
2012-03-19 15:58:11 -04:00
Stephen Smalley
0e85c17e6e
Rewrite MLS constraints to only constrain open for app_data_file, not read/write.
2012-03-19 10:32:24 -04:00
Stephen Smalley
f6cbbe255b
Introduce a separate wallpaper_file type for the wallpaper file.
2012-03-19 10:29:36 -04:00
Stephen Smalley
59d28035a1
Introduce a separate apk_tmp_file type for the vmdl.*\.tmp files.
2012-03-19 10:24:52 -04:00
Stephen Smalley
b660916b0a
Allow the shell to create files on the sdcard.
2012-03-08 11:17:45 -05:00
Stephen Smalley
d5a70a7f7c
Drop redundant rules.
2012-03-07 15:01:53 -05:00
Stephen Smalley
c83d0087e4
Policy changes to support running the latest CTS.
2012-03-07 14:59:01 -05:00
Stephen Smalley
64935c7d87
Limit per-device policy files to a well-defined sepolicy prefix.
...
Avoid any future collisions with the use of .fc or .te suffixes in the
per-device directories. If we want multiple file support, add a separate
subdirectory for sepolicy files.
2012-03-06 13:27:39 -05:00
Stephen Smalley
5b340befb4
Add support for per-device .te and .fc files.
2012-03-06 11:12:41 -05:00
Stephen Smalley
4c6f1ce8ee
Allow Settings to set enforcing and booleans if settings_manage_selinux is true.
2012-02-02 13:28:44 -05:00
Stephen Smalley
7e8cf24f58
Do not build if HAVE_SELINUX=false.
2012-02-02 13:28:28 -05:00
Stephen Smalley
2b826fcbe8
Add a dependency on checkpolicy.
2012-01-24 08:46:13 -05:00
Ying Wang
02fb5f3c6a
Rewrite Android.mk.
2012-01-18 14:01:08 -05:00
Stephen Smalley
beefbe5c4d
Add explicit role declaration for newer checkpolicy versions.
2012-01-12 09:58:37 -05:00
Stephen Smalley
6261d6d823
Allow reading of properties area, which is now created before init has switched contexts. Revisit this later - we should explicitly label the properties file.
2012-01-12 08:57:50 -05:00
Stephen Smalley
0d76f4e5c2
Allow system server to set scheduling info for apps.
2012-01-10 13:24:21 -05:00
Stephen Smalley
c94e2392f6
Further policy for Motorola Xoom.
2012-01-06 10:25:53 -05:00
Stephen Smalley
2dd4e51d5c
SE Android policy.
2012-01-04 12:33:27 -05:00