tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/private/compat
History
Inseob Kim edf58243dd Add debugfs permission to 29.0 and 30.0 compat cil 
Since Android S, we started to enforce the debugfs restrictions. However,
GSI had it turned off (PRODUCT_SET_DEBUGFS_RESTRICTIONS := false) in order
to support pre-S vendor images.

This has an undesirable side effect that the restriction is turned off even
for S+ vendors.

This CL fixes it by

1) re-enabling the restriction for GSI and

2) manually adding the debugfs permissions only to the compat cil for the
pre-S (29 and 30) vendors, effectively turning the restriction off for
them.

Bug: 330671086
Test: build
Test: run neverallow CTS
Change-Id: I5cd554b1b9f729a540e6b0f2aa0662091b691f0c
2024-04-16 01:24:41 +00:00
..
29.0 Add debugfs permission to 29.0 and 30.0 compat cil 2024-04-16 01:24:41 +00:00
30.0 Add debugfs permission to 29.0 and 30.0 compat cil 2024-04-16 01:24:41 +00:00
31.0 Add comments on compat files 2023-01-31 09:57:26 +09:00
32.0 Merge "Add comments on compat files" am: beee8849a6 2023-01-31 07:32:10 +00:00
33.0 Prebuilt updates am: 448968a6d1 2023-11-29 06:25:40 +00:00
34.0 Revert^2 "Add pm.archiving.enabled system property" 2024-04-11 00:56:13 +00:00
202404 Merge "Revert^2 "Add pm.archiving.enabled system property"" into main 2024-04-11 03:34:52 +00:00