tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
42720 commits 1 branch 0 tags 50 MiB
Commit graph

42720 commits

This branch
This branch
All branches
Author SHA1 Message Date
Treehugger Robot
e0339e83fd Merge "Fix dalvik property attribute for Microdroid" am: f850317561 am: 2325d5b92f am: d63c987ca2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519481

Change-Id: Ibbaa84dc3ffc65db06e22ea8c2de7e9aa3cde916
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-05 11:01:49 +00:00
Slawomir Rosek
7e9dede866 Allow system server to read media config am: 608e4923d3 am: 115d5c232e am: 5c9aad0e2d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2524799

Change-Id: I7b0566d02b682babab4d9e5bbfffe8e4e889feec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-05 11:01:21 +00:00
Treehugger Robot
d63c987ca2 Merge "Fix dalvik property attribute for Microdroid" am: f850317561 am: 2325d5b92f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519481

Change-Id: I83b8810cf6e2262c4e093a4ec917863e8e6002ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-05 10:32:49 +00:00
Slawomir Rosek
5c9aad0e2d Allow system server to read media config am: 608e4923d3 am: 115d5c232e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2524799

Change-Id: Id70c73bc4ae283e6005f2384ce3f55bd6864a4b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-05 10:32:28 +00:00
Treehugger Robot
2325d5b92f Merge "Fix dalvik property attribute for Microdroid" am: f850317561 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519481

Change-Id: Ia0ee85d81c157514d7943697cc0e08b51fd9585e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-05 10:02:12 +00:00
Slawomir Rosek
115d5c232e Allow system server to read media config am: 608e4923d3 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2524799

Change-Id: I43abe37859a557b997e20bcf7e4f43097bdc5109
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-05 10:01:47 +00:00
Treehugger Robot
f850317561 Merge "Fix dalvik property attribute for Microdroid" 2023-04-05 09:45:25 +00:00
Ioannis Ilkos
262a10ff2b SEPolicy for trace event suspend_resume_minimal 
This is a more lightweight version of built-in power/suspend_resume

Bug: 277016923
Test: manual
Change-Id: I71cefcab43a8119cfded52e55ebfaaf809e9f205
 2023-04-05 07:55:43 +00:00
Slawomir Rosek
608e4923d3 Allow system server to read media config 
This patch allows system server to read media config properties.
On 32bit architectures the StorageManager service in system server
needs to access media config while checking if transcoding is supported.

Bug: 276498430
Bug: 276662056
Change-Id: Ifc008d98b893b099c31c1fc8b96de9ed18dd4fbe
Signed-off-by: Slawomir Rosek <srosek@google.com>
 2023-04-05 07:51:24 +00:00
Maciej Żenczykowski
9fe0c21672 allow systemserver to sigkill clat 
This appears to be an oversight in T sepolicy???

Based on observed logs (on a slightly hacked up setup):

04-04 20:38:38.205  1548  1935 I Nat464Xlat: Stopping clatd on wlan0
04-04 20:38:38.205  1548  1935 I ClatCoordinator: Stopping clatd pid=7300 on wlan0
04-04 20:38:43.408  1548  1548 W ConnectivitySer: type=1400 audit(0.0:8): avc: denied { sigkill } for scontext=u:r:system_server:s0 tcontext=u:r:clatd:s0 tclass=process permissive=0
04-04 20:38:43.412  1548  1935 E jniClatCoordinator: Failed to SIGTERM clatd pid=7300, try SIGKILL
04-04 20:39:27.817  7300  7300 I clatd   : Shutting down clat on wlan0
04-04 20:39:27.819  7300  7300 I clatd   : Clatd on wlan0 already received SIGTERM
04-04 20:39:27.830  2218  2894 D IpClient/wlan0: clatInterfaceRemoved: v4-wlan0
04-04 20:39:27.857  1548  1935 D jniClatCoordinator: clatd process 7300 terminated status=0

I think this means SIGTERM failed to work in time, and we tried SIGKILL and that was denied, and then the SIGTERM succeeded?

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ia55ebd812cb9e7062e3cb10d6cb6851638926868
 2023-04-05 07:49:26 +00:00
Lakshman Annadorai
52d8a1e5d8 Merge "Add cpu_monitor service context." am: d970b34331 am: 605db074db am: 76809597e6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2517975

Change-Id: I2fae64b89c92f9c8d8a360e943e13a6144b6d7b1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-04 19:08:46 +00:00
Lakshman Annadorai
76809597e6 Merge "Add cpu_monitor service context." am: d970b34331 am: 605db074db 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2517975

Change-Id: Ie25e170a7f31c1052e4ae029fc5f89c6b1c3baad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-04 18:33:55 +00:00
Lakshman Annadorai
605db074db Merge "Add cpu_monitor service context." am: d970b34331 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2517975

Change-Id: I21abdad4f6715f8ca45a335c731360ac4edad9aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-04 18:05:22 +00:00
Lakshman Annadorai
d970b34331 Merge "Add cpu_monitor service context." 2023-04-04 17:20:12 +00:00
Alan Stokes
f85f298b2f Fix dalvik property attribute for Microdroid 
Commit 22fb5c7d24 migrated from property
types to attributes in some Microdroid rules, but omitted to
associated the attribute with the relevant types. So we fix that.

Bug: 274530433
Bug: 275469579
Bug: 276895565
Test: Will schedule a test run
Change-Id: I11194be9d1e352fa456c24a3b5784c18ccc03a69
 2023-04-04 15:29:40 +01:00
Daeho Jeong
00a1de7594 Merge "traced_probes: allow traced_probes to access diskstats info" am: 37eb6de3d0 am: 68d1558beb am: 734cb2c018 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2520359

Change-Id: Ife247aca9d05a87874aca85a9bc84e95627b638b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-04 02:56:13 +00:00
Daeho Jeong
734cb2c018 Merge "traced_probes: allow traced_probes to access diskstats info" am: 37eb6de3d0 am: 68d1558beb 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2520359

Change-Id: Icdb4748903608bf7ee43268d9e15b1c4691af03a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-04 02:26:35 +00:00
Daeho Jeong
68d1558beb Merge "traced_probes: allow traced_probes to access diskstats info" am: 37eb6de3d0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2520359

Change-Id: I46192cda6cad0fb3ff8fbaf45b0bcbd989c902e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-04 01:56:46 +00:00
Daeho Jeong
37eb6de3d0 Merge "traced_probes: allow traced_probes to access diskstats info" 2023-04-04 01:25:18 +00:00
Daeho Jeong
bfa8213d8c traced_probes: allow traced_probes to access diskstats info 
Test: check selinux log while perfetto I/O profiling
Change-Id: I45247b72343c8bca219c7250c467c97e5dacab5c
Signed-off-by: Daeho Jeong <daehojeong@google.com>
 2023-04-03 13:02:34 -07:00
Alexander Roederer
4731a1e28d Merge "Add persist.sysui.notification.builder_extras_ovrd" am: cf1ac9a714 am: 939325600a am: 870aae8164 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2504995

Change-Id: I03ca086505113b91c427ed176e1d7b42b5cd60e4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-03 15:07:53 +00:00
Alexander Roederer
870aae8164 Merge "Add persist.sysui.notification.builder_extras_ovrd" am: cf1ac9a714 am: 939325600a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2504995

Change-Id: I9545d28279e8eb151ef7454af6d6eeafc2899ddb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-03 14:37:34 +00:00
Alexander Roederer
939325600a Merge "Add persist.sysui.notification.builder_extras_ovrd" am: cf1ac9a714 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2504995

Change-Id: Id3041cd90640a1e3ebe7448837b6e10c715bbb52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-03 14:08:38 +00:00
Alexander Roederer
cf1ac9a714 Merge "Add persist.sysui.notification.builder_extras_ovrd" 2023-04-03 13:47:09 +00:00
Jooyung Han
1cc8e33941 Remove unused def am: 49bd2148a4 am: 77eeabfc46 am: 3946eb0a08 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519756

Change-Id: Ibc53dd7293e4ac6bdd570016e27c4f35553d4d35
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-03 10:22:43 +00:00
Jooyung Han
3946eb0a08 Remove unused def am: 49bd2148a4 am: 77eeabfc46 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519756

Change-Id: I8f7a8aec2910975822461410c23d2c9d526ff2b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-03 09:52:20 +00:00
Jooyung Han
77eeabfc46 Remove unused def am: 49bd2148a4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519756

Change-Id: I14dba01f3f34a43f9369aa92c0a0fd9d8c4e32fb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-03 09:23:07 +00:00
Jaewan Kim
0783a9cd36 Allow virtualizationmanager to open test artifacts in shell_data_file 
Bug: 275047565
Test: atest
Change-Id: Iff9bdd4434a66af0e17fb74da4f173158dd66399
 2023-04-03 15:46:26 +09:00
Jooyung Han
49bd2148a4 Remove unused def 
Bug: n/a
Test: m
Change-Id: I7d35c6395b4e956e2d6e34e38749a3bf21af81e1
 2023-04-03 15:21:32 +09:00
Inseob Kim
d16612cd8a Remove 28.0 compat support 
Treble doesn't support U system + P vendor, so removing P (28.0)
prebuilts and compat files.

Bug: 267692547
Test: build
Change-Id: I3734a3d331ba8071d00cc196a2545773ae6a7a60
 2023-04-03 15:17:03 +09:00
Treehugger Robot
3280726c25 Merge "Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf" am: f784149627 am: 26860bbe17 am: a1388cb703 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2464374

Change-Id: Id7c96227804fb226f961f644bdd24198d44f24e4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 23:57:41 +00:00
Treehugger Robot
a1388cb703 Merge "Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf" am: f784149627 am: 26860bbe17 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2464374

Change-Id: I85826d363554317743a4b71b93c164e28d659a7d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 23:24:33 +00:00
Treehugger Robot
26860bbe17 Merge "Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf" am: f784149627 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2464374

Change-Id: I09e4ac9478650a4c3b33395b9703514d11dd6590
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 22:55:14 +00:00
Treehugger Robot
f784149627 Merge "Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf" 2023-03-31 22:29:31 +00:00
Lakshman Annadorai
99467b5e4e Add cpu_monitor service context. 
Change-Id: Idefa3e55521477742f53681058575f11242e5b88
Test: m
Bug: 242722241
 2023-03-31 20:55:42 +00:00
Jiakai Zhang
2d0d80ae7f Merge "Allow system server to set dynamic ART properties." am: 326d35c04b am: 1502d1e604 am: afd4aee92d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2513825

Change-Id: Ibe28079aa1641ee7503d2de375eb41b1c4b81e45
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 15:37:27 +00:00
Jiakai Zhang
afd4aee92d Merge "Allow system server to set dynamic ART properties." am: 326d35c04b am: 1502d1e604 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2513825

Change-Id: I0c458ea55437e5f92ebf4abde13cc143099d36ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 15:07:06 +00:00
Jiakai Zhang
1502d1e604 Merge "Allow system server to set dynamic ART properties." am: 326d35c04b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2513825

Change-Id: Ie73dabdb8090bfe7a72e1f8c59d91c3f00d62a43
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 14:36:30 +00:00
Jiakai Zhang
326d35c04b Merge "Allow system server to set dynamic ART properties." 2023-03-31 14:02:56 +00:00
Jiakai Zhang
22fb5c7d24 Allow system server to set dynamic ART properties. 
This change gives a new type (dalvik_dynamic_config_prop) to some ART
properties such as dalvik.vm.dex2oat-cpu-set and adds a new rule to
allow system server to set them.

Bug: 274530433
Test: Locally added some code to set those properties and saw it being
  successfull.
Change-Id: Ie28602e9039b7647656594ce5c184d29778fa089
 2023-03-31 11:46:05 +01:00
Steven Moreland
f03a315d26 Merge "Introduce vm_manager_device_type for crosvm" am: ccbe862858 am: 5c9967917f am: 18e43c6efa 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2506662

Change-Id: I6de6c83be7f2a138b219da4e77b9b830064139a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:42:04 +00:00
Treehugger Robot
32ab1929d4 Merge "Allow EVS HAL to access graphics related properties" am: c5da4fc2b9 am: 55319b0e16 am: 9f2f78f2b0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2500383

Change-Id: I29738e62c4fbef9852aad57ffe10cd3a11bc92a7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:40:47 +00:00
Primiano Tucci
31a96f152b Merge "Allow perfetto to write into perfetto_traces_bugreport_data_file" am: 252956dc37 am: 6542540b06 am: 1c59415ec2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2327644

Change-Id: I720e9c50fe56a41764403a006e773ff70e7b89bd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:36:00 +00:00
Steven Moreland
18e43c6efa Merge "Introduce vm_manager_device_type for crosvm" am: ccbe862858 am: 5c9967917f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2506662

Change-Id: I7816e16fd02e55a5b7cadc26232beab1d093cc25
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:34:53 +00:00
Treehugger Robot
9f2f78f2b0 Merge "Allow EVS HAL to access graphics related properties" am: c5da4fc2b9 am: 55319b0e16 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2500383

Change-Id: Ie711614e467c44705f92ce31000dc400c1da8712
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:17:42 +00:00
Steven Moreland
5c9967917f Merge "Introduce vm_manager_device_type for crosvm" am: ccbe862858 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2506662

Change-Id: I2372a6ab50e8e1563e5794460562d0e38acdb63c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:11:02 +00:00
Primiano Tucci
1c59415ec2 Merge "Allow perfetto to write into perfetto_traces_bugreport_data_file" am: 252956dc37 am: 6542540b06 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2327644

Change-Id: If6801d4be265445034aa9b0b298b7724b37671cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:02:08 +00:00
Treehugger Robot
55319b0e16 Merge "Allow EVS HAL to access graphics related properties" am: c5da4fc2b9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2500383

Change-Id: Ie7095f27114f70a9b49a9b49aa25df09aebdfa62
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 16:38:48 +00:00
Primiano Tucci
6542540b06 Merge "Allow perfetto to write into perfetto_traces_bugreport_data_file" am: 252956dc37 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2327644

Change-Id: I4c521518fbdd67862310ab54cc8c83d47b049940
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 16:35:37 +00:00
Steven Moreland
ccbe862858 Merge "Introduce vm_manager_device_type for crosvm" 2023-03-30 15:57:43 +00:00