Age | Commit message (Collapse) | Author |
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1663041
Change-Id: Ib4e9c38663d85c1032ebcc29c356c6dc4722a6e9
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1663041
Change-Id: I16f6d24c08e0ce942207345f293fc8d67177a06e
|
|
This allows the uv_exposure_reporter to access AIDL Stats service
Bug: 181892307
Test: Build, flash, boot & and logcat | grep "uv_exposure_reporter"
Change-Id: I5aaa2a815ec91e5503197e57508804813d4c2aa3
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1652891
Change-Id: I76866b58719bb5f8342b01df51ab2bb4a8e2742b
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1652891
Change-Id: I1407120a6f57ae13878b3cadefc036aa8c5518e7
|
|
This allows the hal_health_default to access AIDL Stats service
Bug: 181351177
Test: Build, flash, boot & and logcat | grep "hal_health_default"
Change-Id: I35fe6fbfa6d098a05286785449fa51223f14563a
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1633399
Change-Id: Idab2d2a523c3fce5320f5fa153c35f9aaa9c931a
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1633399
Change-Id: I15bbb1c130a0b5653e699c3ec40257f99c0e7e6a
|
|
Sign with default key
Test: manually, connect to wifi, reboot and check logcat, no new error
message after apply patch
adb logcat |egrep "Hardware|System.err"
Bug: 162295589
Signed-off-by: Denny cy Lee <dennycylee@google.com>
Change-Id: Iafb8f978981a03020974804f121f04aec7bf334f
Merged-in: Iafb8f978981a03020974804f121f04aec7bf334f
|
|
11190af27c am: b4091a5216
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1651607
Change-Id: I33af54e97e239ecec28beb44d8cd61a57bbeb250
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1651607
Change-Id: I9fd1fd51ebc64bff1ab6221e0b80fba0cc98c4dd
|
|
|
|
Added permission
- IBluetoothHal access for GRIL service
Bug: 172294179
Change-Id: I2a4af793332c21b0968b3aaf4e13434bdef3ee1e
|
|
am: 3d19dc020a am: adf5639346
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1646098
Change-Id: I17922c883b09801fe74d666e054f99f3aff0c184
|
|
am: 3d19dc020a
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1646098
Change-Id: I416fe8fb69d4c70cfbf24bf875a8f703325022c7
|
|
Bug: 171793497
Test: Ensure there are no sepolicy violations for this device
Change-Id: I979a149ad427bcbfc6a1faf89e26fe710ff7e166
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1644466
Change-Id: Ic07cd0855914a425f67402b115f728cf4849efa2
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1644466
Change-Id: I23be86233884931880a95389bf1a219c513d9959
|
|
avc: denied { set } for property=persist.vendor.data.offload_ko_load pid=1262 uid=1001 gid=1001 scontext=u:r:netmgrd:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'
Bug: 183070459
Test: boot test
Change-Id: I5abdcce7c97c0c54662ea433897bafde9f75b0cd
|
|
set source of truth"" into rvc-qpr-dev-plus-aosp
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1619804
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ieb651d7a6e1bddcaa11017f462bfc3ea8fd5c09b
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1619804
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I38d5ad0adbe91a9097127736da86cef2404ee5d3
|
|
|
|
This allows the hal_sensors_default implementation library libsensorsuez
access AIDL Stats service via system servicemanager
Bug: 178523659
Test: Build, flash, boot & and logcat | grep "hal_sensors_default"
Change-Id: I73d9bafa450a8a1a6392d22990c7ccd240877b3a
|
|
source of truth"
This reverts commit e83303ed0b48d2b20c2beeeaa412a54c24659808.
Reason for revert: b/181838106
Change-Id: If42ea99664915c1f02d2d66da7d105ac7d1f7713
|
|
into rvc-qpr-dev-plus-aosp
|
|
8f2d724f6f -s ours
am skip reason: Change-Id I646cf656401a6e71345c4faf7f89ab8d0d1b822b with SHA-1 df0a11bc42 is in history
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1611850
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I508de429d17d1620942b0b539eb95c38b7154297
|
|
am skip reason: Change-Id I646cf656401a6e71345c4faf7f89ab8d0d1b822b with SHA-1 df0a11bc42 is in history
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1611850
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I6e464981edcd006595af29b25de3217a07c67f8d
|
|
Bug: 180401296
Merged-In: I646cf656401a6e71345c4faf7f89ab8d0d1b822b
Change-Id: Ied6791f500726eb0232096e4996ad89560e99210
|
|
Bug: 168011527
Test: built pass
Change-Id: If5846bbc4e406d8dfac323142ad9324c5101aeba
|
|
am skip reason: Change-Id I6de871f2a9107c4a8438139af720a86e3e760756 with SHA-1 40a650a671 is in history
Original change: https://googleplex-android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/13657535
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I7893cee8b6eeb3c198ae2e6c2290f8aa562fc875
|
|
Bug: 180401296
Merged-In: I6de871f2a9107c4a8438139af720a86e3e760756
Change-Id: I646cf656401a6e71345c4faf7f89ab8d0d1b822b
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1582312
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ifb7fc9c4b773950fa88a6b59a844a99d7c414c1e
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1582312
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I4982c4d55e05ed919435c01554c924c934b29190
|
|
This allows the statspixel_vendor communicate with new AIDL IStats service via ServiceManager
Bug: 178859845
Test: Build, flash, and logcat -s "statspixel_vendor"
Change-Id: Idab7581c33b41d28bf50c4d0024cf0b822feba4a
|
|
24a2d63d05 am: 91b7eb79bb
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1575995
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I1c0044cf438efdb416e89e2e256fe0bfeec5f6ad
|
|
24a2d63d05
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1575995
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Id83c569d1ff68d2fcca9108df8d6670f088a52f9
|
|
|
|
which obliviates the need for:
allow secure_ui_service_app activity_service:service_manager find;
allow secure_ui_service_app surfaceflinger_service:service_manager find;
allow secure_ui_service_app telecom_service:service_manager find;
allow secure_ui_service_app thermal_service:service_manager find;
allow secure_ui_service_app trust_service:service_manager find;
because they all are app_api_service's
This should also fix:
auditd : avc: denied { find } for pid=4625 uid=10140 name=tethering scontext=u:r:secure_ui_service_app:s0:c140,c256,c512,c768 tcontext=u:object_r:tethering_service:s0 tclass=service_manager
which would require:
allow secure_ui_service_app tethering_service:service_manager find;
but again, tethering_service is a app_api_service
See system/sepolicy/public/service.te:
type activity_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type surfaceflinger_service, app_api_service, ephemeral_app_api_service, service_manager_type;
type telecom_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type tethering_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type thermal_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
type trust_service, app_api_service, system_server_service, service_manager_type;
Test: TreeHugger
Bug: 179337939
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I9bb9f2a580ac615a552f7bac97e478bf086243f6
Merged-In: I9bb9f2a580ac615a552f7bac97e478bf086243f6
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1569762
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Icfdaad0bf98a9a10985b36de0ff34bbb9e916113
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1569762
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I6f06e7f7207bf20f3273d9eefb7ce08c6356bdb4
|
|
In original design, pixellogger was included in Pixelize mk file,
but the sepolicy are defined by the product specific te file.
These are not aligned and have dependency concern if add new sepolicy rule
in Pixelize te file.
This change remove the Pixelize rule from the device specifc te file.
And the Pixelize rule will be defined by
hardware/google/pixel-sepolicy/logger_app/logger_app.te
Bug: 159650456
Test: Pixel Logger is workable
Change-Id: Ib8b439c078be4d0589d3397678322b1b428f9b55
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1566238
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I3a937014eeae426b8a200523c80dfde8ffe61bb1
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1566238
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: If0d65c1db3f72380785d019baae949c1e062d29b
|
|
Bug: 178985646
Test: pts-tradefed run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I3facf1c9bddc58deebd3e066346370d3acee58bc
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1550656
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ib48692fff86815a346b305dbcfab3991c9c7cb08
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1550656
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Iadc1eae6520be075335fbe8265ea0857f7a9a559
|
|
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1552060
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I6238d4280cf70ccb4e326515dc5a30076c3faf5b
|
|
Original change: https://android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/1552060
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I9fa5e98bdb6ce74cdbf9f5ae832d902c3b44c8ba
|