tequilaOS/platform_system_sepolicy

Author SHA1 Message Date

Author	SHA1	Message	Date
Jaekyun Seok	e49714542e	Whitelist exported platform properties This CL lists all the exported platform properties in private/exported_property_contexts. Additionally accessing core_property_type from vendor components is restricted. Instead public_readable_property_type is used to allow vendor components to read exported platform properties, and accessibility from vendor_init is also specified explicitly. Note that whitelisting would be applied only if PRODUCT_COMPATIBLE_PROPERTY is set on. Bug: 38146102 Test: tested on walleye with PRODUCT_COMPATIBLE_PROPERTY=true Change-Id: I304ba428cc4ca82668fec2ddeb17c971e7ec065e	2018-01-10 16:15:25 +00:00
Steven Moreland	763697d425	Use PRODUCT_SEPOLICY_SPLIT for full Treble. PRODUCT_FULL_TREBLE is being broken up into smaller, more manageable components. Bug: 62019611 Test: manual Change-Id: I9b65f120851d9ea134a0059a417f0282777717fc	2017-11-10 10:25:23 -08:00
Dan Cashman	36ee91d4b5	Add sepolicy definitions.mk and create policy.conf function. Bug: 36899958 Test: Builds 'n' boots. Change-Id: I5836a18f9d0a9a976dda7304045e3b9e1e84565e Merged-In: I5836a18f9d0a9a976dda7304045e3b9e1e84565e (cherry picked from commit `c0713e8679`)	2017-08-25 15:08:45 +08:00

Jaekyun Seok

e49714542e

Whitelist exported platform properties

This CL lists all the exported platform properties in
private/exported_property_contexts.

Additionally accessing core_property_type from vendor components is
restricted.
Instead public_readable_property_type is used to allow vendor components
to read exported platform properties, and accessibility from
vendor_init is also specified explicitly.

Note that whitelisting would be applied only if
PRODUCT_COMPATIBLE_PROPERTY is set on.

Bug: 38146102
Test: tested on walleye with PRODUCT_COMPATIBLE_PROPERTY=true
Change-Id: I304ba428cc4ca82668fec2ddeb17c971e7ec065e

2018-01-10 16:15:25 +00:00

Steven Moreland

763697d425

Use PRODUCT_SEPOLICY_SPLIT for full Treble.

PRODUCT_FULL_TREBLE is being broken up into smaller,
more manageable components.

Bug: 62019611
Test: manual
Change-Id: I9b65f120851d9ea134a0059a417f0282777717fc

2017-11-10 10:25:23 -08:00

Dan Cashman

36ee91d4b5

Add sepolicy definitions.mk and create policy.conf function.

Bug: 36899958
Test: Builds 'n' boots.
Change-Id: I5836a18f9d0a9a976dda7304045e3b9e1e84565e
Merged-In: I5836a18f9d0a9a976dda7304045e3b9e1e84565e
(cherry picked from commit c0713e8679)

2017-08-25 15:08:45 +08:00

3 commits