tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
44624 commits 1 branch 0 tags 50 MiB
Commit graph

44624 commits

This branch
This branch
All branches
Author SHA1 Message Date
Treehugger Robot
fc5c365d81 Merge "Remove redundant allows" into main am: 598de5b6c8 am: e3fec04da1 am: c09b371bad am: ec4858c6b7 am: c6138d7be0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2677815

Change-Id: I3041150cb974cb291e586faeb1ef46bb8e432fc3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 13:33:49 +00:00
Treehugger Robot
c6138d7be0 Merge "Remove redundant allows" into main am: 598de5b6c8 am: e3fec04da1 am: c09b371bad am: ec4858c6b7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2677815

Change-Id: Ie74e438185552265c126608782d0342c56d9dc97
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 12:54:31 +00:00
Treehugger Robot
ec4858c6b7 Merge "Remove redundant allows" into main am: 598de5b6c8 am: e3fec04da1 am: c09b371bad 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2677815

Change-Id: I1f354c744de2887077b0ad7c06dcf00e18a3c9f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 11:44:24 +00:00
Treehugger Robot
c09b371bad Merge "Remove redundant allows" into main am: 598de5b6c8 am: e3fec04da1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2677815

Change-Id: Id0834a2437bb9d95c3fd525026fe3cfcc9e60127
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 11:00:27 +00:00
Treehugger Robot
e3fec04da1 Merge "Remove redundant allows" into main am: 598de5b6c8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2677815

Change-Id: I866a4c2715f368af0c2d48e5de79bfba8bb270af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 09:54:56 +00:00
Treehugger Robot
598de5b6c8 Merge "Remove redundant allows" into main 2023-07-27 09:23:23 +00:00
Eric Biggers
d6756caf61 Merge "Revert "Remove fsverity_init SELinux rules"" into main am: dfe3906e7b am: 9def335a7e am: 5be91be28c am: 82154bc9df am: 4e7f9b6963 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2676759

Change-Id: I7a812345e2dd6c5bd4625ebc709e82b6a72b817a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 22:17:05 +00:00
Eric Biggers
4e7f9b6963 Merge "Revert "Remove fsverity_init SELinux rules"" into main am: dfe3906e7b am: 9def335a7e am: 5be91be28c am: 82154bc9df 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2676759

Change-Id: I3bae25b58c3d158c0c8f812936551ecd59ce5044
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 21:26:43 +00:00
Eric Biggers
82154bc9df Merge "Revert "Remove fsverity_init SELinux rules"" into main am: dfe3906e7b am: 9def335a7e am: 5be91be28c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2676759

Change-Id: Icdbe47406f8f00b7a4a8db70a0643f3bb5ec8f69
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 20:39:17 +00:00
Eric Biggers
5be91be28c Merge "Revert "Remove fsverity_init SELinux rules"" into main am: dfe3906e7b am: 9def335a7e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2676759

Change-Id: Id87d9dee76b3b4e49ccf69b6f9bcd6a9ff91fb23
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 19:54:15 +00:00
Eric Biggers
9def335a7e Merge "Revert "Remove fsverity_init SELinux rules"" into main am: dfe3906e7b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2676759

Change-Id: I4bd15df782993f7694e34e4093d68b24443601d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 19:08:06 +00:00
Eric Biggers
dfe3906e7b Merge "Revert "Remove fsverity_init SELinux rules"" into main 2023-07-26 18:06:52 +00:00
Alan Stokes
25ab737cb7 Remove redundant allows 
While searching the policy I came across some ancient TODOs, which can
now be done.

Bug: 186396070
Test: atest MicrodroidTests MicrodroidHostTests
Test: Manually run vm_shell start-microdroid
Change-Id: I21b9f992394b637399cc074dca8339e3167cf5af
 2023-07-26 17:12:23 +01:00
Alfred Piccioni
d1751e7592 Merge "Add dontaudit for rs fd usage" into main am: e850e98669 am: 71dc3379f6 am: a44a6a087c am: 92b8c6e8d5 am: fc46619630 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2673701

Change-Id: If75a078bee481e850852317b25edf7ae4be08c48
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:44:30 +00:00
Vadim Caen
1debb1f293 Merge "Policy for virtual_camera" into main am: bb59231998 am: 2199233cfd am: 3674481782 am: 96c681a8a1 am: 81bc867e73 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2655420

Change-Id: Ic708afb2898331a07a6c24f92ac9ae739d1406b0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:44:18 +00:00
Dennis Shen
7a50983c15 Merge "SELinux allow listing core_experiements_team_internal namespace" into main am: d0042c6e99 am: 5d837ee749 am: 2601a373fb am: e3c06598a0 am: 56b3c80d1c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2675539

Change-Id: Ic6b580030e612a95951e5e23c0e9c02bc350e312
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:44:05 +00:00
Inseob Kim
9fce587e6c Merge "Update seapp_contexts precedence documentation" into main am: 60b8c39abc am: 66ea241db2 am: 73702452b9 am: c5fee689c7 am: 5fa5bc95a9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2671176

Change-Id: Idee8fe645da9fe135bb533b21a77aba5d07e7e1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:43:47 +00:00
Martin Stjernholm
13a923d766 Allow dex2oat access to symlinks in APEXes to find DCLA libs. am: 76b87a1874 am: 4aa7004f12 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/24194165

Change-Id: Ifcd2d8ca971c5dd16d9dd896f64d459c0ef0bf95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:43:20 +00:00
Alfred Piccioni
fc46619630 Merge "Add dontaudit for rs fd usage" into main am: e850e98669 am: 71dc3379f6 am: a44a6a087c am: 92b8c6e8d5 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2673701

Change-Id: Ic8a6c8f53ab147108ffd152a5295243ddd843e64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:21:10 +00:00
Vadim Caen
81bc867e73 Merge "Policy for virtual_camera" into main am: bb59231998 am: 2199233cfd am: 3674481782 am: 96c681a8a1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2655420

Change-Id: Icfd3b2aba61af1931407fbdf22fa1361dff036c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:20:59 +00:00
Dennis Shen
56b3c80d1c Merge "SELinux allow listing core_experiements_team_internal namespace" into main am: d0042c6e99 am: 5d837ee749 am: 2601a373fb am: e3c06598a0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2675539

Change-Id: Ie5c0a73ae2fdac33c947bc516ecc736c729bf6a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:20:46 +00:00
Inseob Kim
5fa5bc95a9 Merge "Update seapp_contexts precedence documentation" into main am: 60b8c39abc am: 66ea241db2 am: 73702452b9 am: c5fee689c7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2671176

Change-Id: I9b0fcd48155d1440454e345783ed9562ee91aaf6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:20:29 +00:00
Martin Stjernholm
4aa7004f12 Allow dex2oat access to symlinks in APEXes to find DCLA libs. am: 76b87a1874 
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/24194165

Change-Id: Ibbfaeaaa89c637a0858eb53ce197d61b9d83aa28
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 13:56:54 +00:00
Alfred Piccioni
92b8c6e8d5 Merge "Add dontaudit for rs fd usage" into main am: e850e98669 am: 71dc3379f6 am: a44a6a087c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2673701

Change-Id: I9417fe5c9821cdba69da429a9644240e5580f6ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 13:36:31 +00:00
Vadim Caen
96c681a8a1 Merge "Policy for virtual_camera" into main am: bb59231998 am: 2199233cfd am: 3674481782 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2655420

Change-Id: I50e5361dbd21b189292b771c38764ab082aa9b05
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 13:36:21 +00:00
Dennis Shen
e3c06598a0 Merge "SELinux allow listing core_experiements_team_internal namespace" into main am: d0042c6e99 am: 5d837ee749 am: 2601a373fb 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2675539

Change-Id: Icfcbdc3dcd01560639db6ea8f4cf79b9790c2d4d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 13:36:09 +00:00
Inseob Kim
c5fee689c7 Merge "Update seapp_contexts precedence documentation" into main am: 60b8c39abc am: 66ea241db2 am: 73702452b9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2671176

Change-Id: I94239971c6a5f195d597156061695eb56bc78b7d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 13:35:53 +00:00
Alfred Piccioni
a44a6a087c Merge "Add dontaudit for rs fd usage" into main am: e850e98669 am: 71dc3379f6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2673701

Change-Id: Ia9a487f93ee436daab8763086c2128cc09db352c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 13:15:13 +00:00
Alfred Piccioni
71dc3379f6 Merge "Add dontaudit for rs fd usage" into main am: e850e98669 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2673701

Change-Id: Ib40cb92fccc48413322c7439e58d03cd35c94017
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:55:24 +00:00
Vadim Caen
3674481782 Merge "Policy for virtual_camera" into main am: bb59231998 am: 2199233cfd 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2655420

Change-Id: Ic8d5d7b1cdd0d72777cd8ac1bd58ad0a4f5fa619
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:53:11 +00:00
Dennis Shen
2601a373fb Merge "SELinux allow listing core_experiements_team_internal namespace" into main am: d0042c6e99 am: 5d837ee749 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2675539

Change-Id: I7597c71c700dd6e3c1785a8d0afd6bbc70e1e515
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:52:58 +00:00
Inseob Kim
73702452b9 Merge "Update seapp_contexts precedence documentation" into main am: 60b8c39abc am: 66ea241db2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2671176

Change-Id: I6b9963e0b4409b3586c5ab82755539dbcadbadd1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:52:39 +00:00
Alfred Piccioni
e850e98669 Merge "Add dontaudit for rs fd usage" into main 2023-07-26 12:47:12 +00:00
Vadim Caen
2199233cfd Merge "Policy for virtual_camera" into main am: bb59231998 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2655420

Change-Id: I2321f72b47111a3900f3b5e645a77b7f2a728d1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:33:49 +00:00
Dennis Shen
5d837ee749 Merge "SELinux allow listing core_experiements_team_internal namespace" into main am: d0042c6e99 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2675539

Change-Id: I234aa003d11f42376a6a836c0716165e8e6e0e31
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:32:42 +00:00
Vadim Caen
bb59231998 Merge "Policy for virtual_camera" into main 2023-07-26 12:20:17 +00:00
Dennis Shen
d0042c6e99 Merge "SELinux allow listing core_experiements_team_internal namespace" into main 2023-07-26 12:16:44 +00:00
Inseob Kim
66ea241db2 Merge "Update seapp_contexts precedence documentation" into main am: 60b8c39abc 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2671176

Change-Id: I4c6d4a5f904fbf8121f3ff982fa44108a3ce792c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:09:32 +00:00
Inseob Kim
60b8c39abc Merge "Update seapp_contexts precedence documentation" into main 2023-07-26 11:39:08 +00:00
Inseob Kim
7bb1b5d170 Update seapp_contexts precedence documentation 
Bug: 280547417
Test: TH
Change-Id: I914ef7a7f87b0646411a67e4eec128b61d3ff321
 2023-07-26 11:28:55 +00:00
Alfred Piccioni
dcb9c2b044 Add dontaudit for rs fd usage 
These issues pop up on ocassion, and are very hard to diagnose. Since
renderscript is deprecated, we shouldn't be seeing any new problems with
it, but there isn't pressure to fix these issues as renderscript should
go away on it's own eventually.

Fixes: 291211299
Test: Boot, no audit statements.
Change-Id: I9d595520ecabea562b8e9d4b113bb18db101219a
 2023-07-26 12:12:41 +02:00
Yunkai Lim
486fa9fb0a Revert "Remove fsverity_init SELinux rules" 
Revert submission 2662658-fsverity-init-cleanup

Reason for revert: Culprit for test breakage b/293232766

Reverted changes: /q/submissionid:2662658-fsverity-init-cleanup

Change-Id: I941c28e44890edd0e06dcc896fbd5158d34fded3
 2023-07-26 06:21:37 +00:00
Eric Biggers
d7de3a5615 Merge "Remove fsverity_init SELinux rules" into main am: 3a575356fa am: ca7e36f44e am: 9f946680ba am: 5666555817 am: bfdf5ff0f6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2662775

Change-Id: I3c06ba416f96fa2011ba35c5d0c95fd75230df0d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 02:52:08 +00:00
Eric Biggers
bfdf5ff0f6 Merge "Remove fsverity_init SELinux rules" into main am: 3a575356fa am: ca7e36f44e am: 9f946680ba am: 5666555817 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2662775

Change-Id: Ibe21873299d4e1b2d240b50867ec4265043fb4cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 02:03:56 +00:00
Eric Biggers
5666555817 Merge "Remove fsverity_init SELinux rules" into main am: 3a575356fa am: ca7e36f44e am: 9f946680ba 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2662775

Change-Id: I323e47cb925c2dcb4cc5875957d199f4e3fb5fde
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 01:22:30 +00:00
Eric Biggers
9f946680ba Merge "Remove fsverity_init SELinux rules" into main am: 3a575356fa am: ca7e36f44e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2662775

Change-Id: If8c09076709334da183a555bdf9c83b81a964107
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 00:35:03 +00:00
Eric Biggers
ca7e36f44e Merge "Remove fsverity_init SELinux rules" into main am: 3a575356fa 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2662775

Change-Id: I784acd4f47202d90e5ff81aa97bc49d8b9dd7846
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-25 23:46:13 +00:00
Eric Biggers
3a575356fa Merge "Remove fsverity_init SELinux rules" into main 2023-07-25 22:49:09 +00:00
Dennis Shen
3b8c57fb93 SELinux allow listing core_experiements_team_internal namespace 
Bug: b/291771863
Change-Id: I788e4d5241d824dee249aa8c6d7cb5405c0fac37
 2023-07-25 20:15:02 +00:00
Treehugger Robot
53a165d33d Merge "Allow dex2oat access to symlinks in APEXes to find DCLA libs." into main am: 9f8e315bc8 am: 22af70c4b9 am: 2239b4e016 am: 33f980db75 am: cf350b60ee 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2673696

Change-Id: Ib7c5b71a5a4e1ee8f4cf3c59340a61718deb85a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-25 20:06:08 +00:00