summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-04-07uv_exposure_reporter: updated sepolicy am: 3d5fba65be am: e79949ecbbtemp_ab_7272582Vova Sharaienko
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1663041 Change-Id: Ib4e9c38663d85c1032ebcc29c356c6dc4722a6e9
2021-04-07uv_exposure_reporter: updated sepolicy am: 3d5fba65beVova Sharaienko
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1663041 Change-Id: I16f6d24c08e0ce942207345f293fc8d67177a06e
2021-04-02uv_exposure_reporter: updated sepolicyVova Sharaienko
This allows the uv_exposure_reporter to access AIDL Stats service Bug: 181892307 Test: Build, flash, boot & and logcat | grep "uv_exposure_reporter" Change-Id: I5aaa2a815ec91e5503197e57508804813d4c2aa3
2021-03-25hal_health_default: updated sepolicy am: 9e3a68b03c am: c48f8f377eVova Sharaienko
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1652891 Change-Id: I76866b58719bb5f8342b01df51ab2bb4a8e2742b
2021-03-25hal_health_default: updated sepolicy am: 9e3a68b03cVova Sharaienko
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1652891 Change-Id: I1407120a6f57ae13878b3cadefc036aa8c5518e7
2021-03-25hal_health_default: updated sepolicyVova Sharaienko
This allows the hal_health_default to access AIDL Stats service Bug: 181351177 Test: Build, flash, boot & and logcat | grep "hal_health_default" Change-Id: I35fe6fbfa6d098a05286785449fa51223f14563a
2021-03-24Hardwareinfo: remove platform sign key am: 5672357d03 am: 326fd12107Denny cy Lee
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1633399 Change-Id: Idab2d2a523c3fce5320f5fa153c35f9aaa9c931a
2021-03-24Hardwareinfo: remove platform sign key am: 5672357d03Denny cy Lee
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1633399 Change-Id: I15bbb1c130a0b5653e699c3ec40257f99c0e7e6a
2021-03-24Hardwareinfo: remove platform sign keyDenny cy Lee
Sign with default key Test: manually, connect to wifi, reboot and check logcat, no new error message after apply patch adb logcat |egrep "Hardware|System.err" Bug: 162295589 Signed-off-by: Denny cy Lee <dennycylee@google.com> Change-Id: Iafb8f978981a03020974804f121f04aec7bf334f Merged-in: Iafb8f978981a03020974804f121f04aec7bf334f
2021-03-24Merge "Add se-policy for new GRIL service and RadioExt hal APIs" am: ↵Labib Rashid
11190af27c am: b4091a5216 Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1651607 Change-Id: I33af54e97e239ecec28beb44d8cd61a57bbeb250
2021-03-24Merge "Add se-policy for new GRIL service and RadioExt hal APIs" am: 11190af27cLabib Rashid
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1651607 Change-Id: I9fd1fd51ebc64bff1ab6221e0b80fba0cc98c4dd
2021-03-24Merge "Add se-policy for new GRIL service and RadioExt hal APIs"Labib Rashid
2021-03-23Add se-policy for new GRIL service and RadioExt hal APIsLabib Rashid
Added permission - IBluetoothHal access for GRIL service Bug: 172294179 Change-Id: I2a4af793332c21b0968b3aaf4e13434bdef3ee1e
2021-03-23Commonize pixelstats uevent sepolicies into pixel-specific sepolicy folder ↵Stephane Lee
am: 3d19dc020a am: adf5639346 Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1646098 Change-Id: I17922c883b09801fe74d666e054f99f3aff0c184
2021-03-23Commonize pixelstats uevent sepolicies into pixel-specific sepolicy folder ↵Stephane Lee
am: 3d19dc020a Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1646098 Change-Id: I416fe8fb69d4c70cfbf24bf875a8f703325022c7
2021-03-19Commonize pixelstats uevent sepolicies into pixel-specific sepolicy folderStephane Lee
Bug: 171793497 Test: Ensure there are no sepolicy violations for this device Change-Id: I979a149ad427bcbfc6a1faf89e26fe710ff7e166
2021-03-19Update avc error on ROM 7217113 am: 29ad38d322 am: 06d72b0febsukiliu
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1644466 Change-Id: Ic07cd0855914a425f67402b115f728cf4849efa2
2021-03-19Update avc error on ROM 7217113 am: 29ad38d322sukiliu
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1644466 Change-Id: I23be86233884931880a95389bf1a219c513d9959
2021-03-18Update avc error on ROM 7217113sukiliu
avc: denied { set } for property=persist.vendor.data.offload_ko_load pid=1262 uid=1001 gid=1001 scontext=u:r:netmgrd:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0' Bug: 183070459 Test: boot test Change-Id: I5abdcce7c97c0c54662ea433897bafde9f75b0cd
2021-03-05Merge "[DO NOT MERGE] Revert "[DO NOT MERGE] Syncronize pixel-sepolicy and ↵TreeHugger Robot
set source of truth"" into rvc-qpr-dev-plus-aosp
2021-03-05Merge "hal_sensors_default: updated sepolicy" am: e01b297e48 am: e07efeb0dbVova Sharaienko
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1619804 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Ieb651d7a6e1bddcaa11017f462bfc3ea8fd5c09b
2021-03-05Merge "hal_sensors_default: updated sepolicy" am: e01b297e48Vova Sharaienko
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1619804 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I38d5ad0adbe91a9097127736da86cef2404ee5d3
2021-03-05Merge "hal_sensors_default: updated sepolicy"Vova Sharaienko
2021-03-04hal_sensors_default: updated sepolicyVova Sharaienko
This allows the hal_sensors_default implementation library libsensorsuez access AIDL Stats service via system servicemanager Bug: 178523659 Test: Build, flash, boot & and logcat | grep "hal_sensors_default" Change-Id: I73d9bafa450a8a1a6392d22990c7ccd240877b3a
2021-03-04[DO NOT MERGE] Revert "[DO NOT MERGE] Syncronize pixel-sepolicy and set ↵Raff Tsai
source of truth" This reverts commit e83303ed0b48d2b20c2beeeaa412a54c24659808. Reason for revert: b/181838106 Change-Id: If42ea99664915c1f02d2d66da7d105ac7d1f7713
2021-03-04Merge "[DO NOT MERGE] Syncronize pixel-sepolicy and set source of truth" ↵Adam Shih
into rvc-qpr-dev-plus-aosp
2021-03-03[automerger skipped] Merge RQ2A.210305.007 am: 893d39c8fc -s ours am: ↵Xin Li
8f2d724f6f -s ours am skip reason: Change-Id I646cf656401a6e71345c4faf7f89ab8d0d1b822b with SHA-1 df0a11bc42 is in history Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1611850 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I508de429d17d1620942b0b539eb95c38b7154297
2021-03-03[automerger skipped] Merge RQ2A.210305.007 am: 893d39c8fc -s oursXin Li
am skip reason: Change-Id I646cf656401a6e71345c4faf7f89ab8d0d1b822b with SHA-1 df0a11bc42 is in history Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1611850 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I6e464981edcd006595af29b25de3217a07c67f8d
2021-03-03Merge RQ2A.210305.007Xin Li
Bug: 180401296 Merged-In: I646cf656401a6e71345c4faf7f89ab8d0d1b822b Change-Id: Ied6791f500726eb0232096e4996ad89560e99210
2021-03-03[DO NOT MERGE] Syncronize pixel-sepolicy and set source of truthAdam Shih
Bug: 168011527 Test: built pass Change-Id: If5846bbc4e406d8dfac323142ad9324c5101aeba
2021-02-23[automerger skipped] Merge ab/7061308 into stage. am: df0a11bc42 -s oursXin Li
am skip reason: Change-Id I6de871f2a9107c4a8438139af720a86e3e760756 with SHA-1 40a650a671 is in history Original change: https://googleplex-android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/13657535 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I7893cee8b6eeb3c198ae2e6c2290f8aa562fc875
2021-02-21Merge ab/7061308 into stage.temp_RQ2A.210305.007Xin Li
Bug: 180401296 Merged-In: I6de871f2a9107c4a8438139af720a86e3e760756 Change-Id: I646cf656401a6e71345c4faf7f89ab8d0d1b822b
2021-02-11Stats: new sepolicy for the AIDL service am: a189add191 am: ab4e00b7d4Vova Sharaienko
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1582312 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Ifb7fc9c4b773950fa88a6b59a844a99d7c414c1e
2021-02-11Stats: new sepolicy for the AIDL service am: a189add191Vova Sharaienko
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1582312 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I4982c4d55e05ed919435c01554c924c934b29190
2021-02-10Stats: new sepolicy for the AIDL serviceandroid-s-preview-1Vova Sharaienko
This allows the statspixel_vendor communicate with new AIDL IStats service via ServiceManager Bug: 178859845 Test: Build, flash, and logcat -s "statspixel_vendor" Change-Id: Idab7581c33b41d28bf50c4d0024cf0b822feba4a
2021-02-05Merge "allow secure_ui_service_app app_api_service:service_manager find" am: ↵Treehugger Robot
24a2d63d05 am: 91b7eb79bb Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1575995 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I1c0044cf438efdb416e89e2e256fe0bfeec5f6ad
2021-02-05Merge "allow secure_ui_service_app app_api_service:service_manager find" am: ↵Treehugger Robot
24a2d63d05 Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1575995 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Id83c569d1ff68d2fcca9108df8d6670f088a52f9
2021-02-05Merge "allow secure_ui_service_app app_api_service:service_manager find"Treehugger Robot
2021-02-04allow secure_ui_service_app app_api_service:service_manager findMaciej Żenczykowski
which obliviates the need for: allow secure_ui_service_app activity_service:service_manager find; allow secure_ui_service_app surfaceflinger_service:service_manager find; allow secure_ui_service_app telecom_service:service_manager find; allow secure_ui_service_app thermal_service:service_manager find; allow secure_ui_service_app trust_service:service_manager find; because they all are app_api_service's This should also fix: auditd : avc: denied { find } for pid=4625 uid=10140 name=tethering scontext=u:r:secure_ui_service_app:s0:c140,c256,c512,c768 tcontext=u:object_r:tethering_service:s0 tclass=service_manager which would require: allow secure_ui_service_app tethering_service:service_manager find; but again, tethering_service is a app_api_service See system/sepolicy/public/service.te: type activity_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; type surfaceflinger_service, app_api_service, ephemeral_app_api_service, service_manager_type; type telecom_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; type tethering_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; type thermal_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type; type trust_service, app_api_service, system_server_service, service_manager_type; Test: TreeHugger Bug: 179337939 Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I9bb9f2a580ac615a552f7bac97e478bf086243f6 Merged-In: I9bb9f2a580ac615a552f7bac97e478bf086243f6
2021-02-04logger_app: Remove Pixelize rule am: ec6daf80d3 am: af9cb131dfchenpaul
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1569762 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Icfdaad0bf98a9a10985b36de0ff34bbb9e916113
2021-02-04logger_app: Remove Pixelize rule am: ec6daf80d3chenpaul
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1569762 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I6f06e7f7207bf20f3273d9eefb7ce08c6356bdb4
2021-02-03logger_app: Remove Pixelize rulechenpaul
In original design, pixellogger was included in Pixelize mk file, but the sepolicy are defined by the product specific te file. These are not aligned and have dependency concern if add new sepolicy rule in Pixelize te file. This change remove the Pixelize rule from the device specifc te file. And the Pixelize rule will be defined by hardware/google/pixel-sepolicy/logger_app/logger_app.te Bug: 159650456 Test: Pixel Logger is workable Change-Id: Ib8b439c078be4d0589d3397678322b1b428f9b55
2021-02-01update error on ROM 7114623 am: 7bc289b6a4 am: c305fe87a7Adam Shih
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1566238 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I3a937014eeae426b8a200523c80dfde8ffe61bb1
2021-02-01update error on ROM 7114623 am: 7bc289b6a4Adam Shih
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1566238 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: If0d65c1db3f72380785d019baae949c1e062d29b
2021-02-01update error on ROM 7114623Adam Shih
Bug: 178985646 Test: pts-tradefed run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot Change-Id: I3facf1c9bddc58deebd3e066346370d3acee58bc
2021-01-25Merge "vold: remove dontaudit rule" am: 14a7638478 am: a4c3152705Randall Huang
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1550656 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Ib48692fff86815a346b305dbcfab3991c9c7cb08
2021-01-25Merge "vold: remove dontaudit rule" am: 14a7638478Randall Huang
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1550656 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Iadc1eae6520be075335fbe8265ea0857f7a9a559
2021-01-25Merge "vold: remove dontaudit rule"Randall Huang
2021-01-18update errors coming from ROM 7083558 am: e0ac6a592d am: e02d46c319Adam Shih
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1552060 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I6238d4280cf70ccb4e326515dc5a30076c3faf5b
2021-01-18update errors coming from ROM 7083558 am: e0ac6a592dAdam Shih
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1552060 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: I9fa5e98bdb6ce74cdbf9f5ae832d902c3b44c8ba
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 10:30:30 +0000