summaryrefslogtreecommitdiff
path: root/coral-sepolicy.mk
AgeCommit message (Collapse)Author
2020-12-23oslo: add context for oslo debug propertiesJeffrey Carlyle
These are used for factory and testing purposes. Not renaming the properties at this time so that current factory and test procedures do not need to be updated. OsloService, which uses these properites, is only active on Flame and Coral devices. Fixes: 173095941 Test: checked motion sense functionality using alarm app Test: checked for "avc: denials" in logcat coming from OsloService Test: used setprop/getprop in adb root shell to change these props Test; used "getprop -Z" to verify props had new SELinux context Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com> Change-Id: Ie870b11e7e694d20c44aa30de6f308f212449a55
2020-11-04Merge "Update ST NFC/SecureElement policies"George Chang
2020-11-03Revert^2 "Organize citadel's setting"Jing-yan, Jang
63406b657e9839e5e469877667b9495abcf0e245 Change-Id: I65448551412e1dd0979caa60a26f6f6571d3a6e9
2020-10-30Revert "Organize citadel's setting"Lokesh Gidra
Revert "Organize citadel's setting" Revert "fastbootd: allow fastbootd to access citadel" Revert "Organize citadel's setting" Revert "Organize citadel's setting and fastboot lib" Revert "Organize citadel's setting and fastboot lib" Revert "Organize citadel's setting" Revert "Organize citadel's setting" Revert "fastboot: Use doOemSpecificErase() to erase Titan M userdata" Revert "Organize citadel's setting" Revert "Organize citadel's setting and fastboot lib" Revert "Organize citadel's setting" Revert "Organize citadel's setting" Revert "Organize citadel's setting" Revert "Organize citadel's setting and fastboot lib" Revert "iOrganize citadel's setting" Revert submission 12945656-ORGANIZE_CITADEL_LIB_AND_FASTBOOTD Reason for revert: Device boot tests failing. Reverted Changes: Ieb1cf8cb6:Organize citadel's setting I8c965ff88:Organize citadel's setting and fastboot lib Ia472d7812:Organize citadel's setting Id922447dd:iOrganize citadel's setting I4e05236c0:Organize citadel's setting I8fea8a68c:Organize citadel's setting and fastboot lib I63c732ead:fastbootd: allow fastbootd to access citadel I379e9a717:fastboot: Include fastbootd and lib in pixel-commo... I46a30449a:fastboot: Use doOemSpecificErase() to erase Titan ... I6cded2df5:Organize citadel's setting and fastboot lib I388675440:Organize citadel's setting and fastboot lib Iec10ebc27:Organize citadel's setting I51d6db226:Organize citadel's setting I44c4a232e:Organize citadel's setting I8ef83954e:Organize citadel's setting I72ae3f968:Organize citadel's setting Ia3dbac300:Organize citadel's setting I2c9ff026a:Organize citadel's setting I50a6764e1:Organize citadel's setting Bug: 172063886 Change-Id: Iaa0ab9629a957599d84a3ebd3e7edd8bfde01a7a
2020-10-29Organize citadel's settingJoseph Jang
Bug: 169548154 Change-Id: I4e05236c01751aa2e97ac1df8c53dc66cb63a03a
2020-10-22Update ST NFC/SecureElement policiesGeorge Chang
Bug: 168875298 Bug: 160672745 Test: check no avc denial for nfc Change-Id: I51059a5a8f4afbb41505d1ed826c6aea8027894d
2020-08-19Fix sepolicy name conflictBenjamin Schwartz
Need to distinguish between power stats hal's main service and the vendor service that it runs to provide an AIDL interface to other userspace stats providers. This also uncovered a problem where con_monitor_app was not labeled as coredomain. Bug: 162472196 Bug: 162964335 Test: m Change-Id: Icb95bc0acf114f877c92f08d10372c4052526ff7
2020-07-07Citadel: move rules to common directoryKenny Root
Move all the common Citadel rules to a directory where they can all be changed simultaneously and avoid accidental version skew between the devices. Test: build affected devices locally Bug: 143330574 Change-Id: I238f5211ccb606af13fb429134d76eae847a7d8e
2020-05-15Merge "Allow appending PRODUCT_*_SEPOLICY_DIRS" into rvc-devKeun-young Park
2020-05-13coral-sepolicy: Add selinux rules for verizon OBDM appAdam Shih
Bug: 155809686 Test: build pass and make sure the contents are the same as before - check the domain in device can be changed to obdm_app to apply the rules Note: OBDM is a prebuilt app and tested on old projects with these rules, and we have no environment to do local test now, just sync patch from B1C1(http://ag/4059061, http://ag/4418057) Change-Id: I991b90c345043311077f3e65807432642ddad64c
2020-05-07Allow appending PRODUCT_*_SEPOLICY_DIRSKeun young Park
- Allow inherited devices to update the policy Bug: 156009417 Test: build inherited car devices Change-Id: I59c39698e74c4ca43f0d76f3840482f8191e0433
2020-02-14track wild avc errorAdam Shih
Bug: 122999081 Test: reboot with less avc error Change-Id: I009c0361d41aa441c21f67d07d12d6e9542ba234
2019-05-07sepolicy: add rules for iaxxx ramdump monitorJasmine Cha
- allow access to uevent, socket and ramdump_vendor_data_file Bug: 130656572 Test: Build all and test soundtrigger functions in enforcing mode. Verify SSR ramdump flow is working and ramdumps can be downloaded from SSR subsystem server. Change-Id: Id676aaeb46681b338b4d46f47a8874f0b640ff41 Signed-off-by: Jasmine Cha <chajasmine@google.com>
2019-03-27Use PRODUCT_*_SEPOLICY_DIRS to build product sepolicy.Anton Hansson
This places to product-specific sepolicy on /product. This CL is like I67636b7aaff2bd5ae5309981f9fa2f8ce51edf6f in aosp, but for coral. Bug: 119305624 Test: m selinux_policy Change-Id: I7b5e82b6a712458703dfef55e50c0a6aa2f96226
2018-09-10Add google-specific types and domains to coralAndrew Chant
Add google-specific types and domains to coral to allow insmod loading as well as google-specific services to be added to Coral. Bug: 111935745 Bug: 113168731 Change-Id: I3d8ed880d433d30dd9adb088563b5e4a02aba5ba
2018-08-27Initial coral sepolicyAndrew Chant
This has types and init domains only. Bug: 111935745 Test: lunch coral-userdebug && make Change-Id: Ic6c3a3bb8229a4a5bfcf13fd9a266a333084ea5a
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 23:11:34 +0000