Age | Commit message (Collapse) | Author |
|
Change-Id: Ia265538b03e9ba7dffec1496195afacde3a71629
|
|
To help debug b/188853550, we're enabling logcat to kmsg (and
serial).
Bug: 188853550
Test: Observe logcat over serial when we add it in the init file
Change-Id: Ia3b23cce758e490c63818f079c0317fa462e2e9c
|
|
Change-Id: I610f22943b4e74f6a6d38190f38bc80016982068
|
|
Change-Id: I87eba0adae7512e6098c062d0206fc6cce448021
|
|
Grant fstab access rights to these domains.
Bug: 181110285
Test: Presubmit boot health test
Change-Id: I6ea4a9e749eca774925e4f664a423d2d51ad0e55
Merged-In: I6ea4a9e749eca774925e4f664a423d2d51ad0e55
(cherry picked from commit dbc53ae057a8b2e15c5239f6f5acee0a64321f14)
|
|
Bug: 182378048
Fixes: 182378048
Test: Manually changed system navigation in Settings and it worked.
Change-Id: Iff16de4dfe45f61c96145254710d0ba9214af4a6
|
|
Change-Id: I1b3c3030afbe1b460fd9168c186854001490ed0f
|
|
Changes to otapreopt_chroot will require that otapreopt_chroot has
additional permissions to mount on /sys and /dev in the ota chroot.
See go/aog/1646766 for more information.
Bug: 181182967
Test: m droid
Change-Id: Ica4d6444b0320d7b4ad77b888690b2dfb05c681e
|
|
Change-Id: I04732d84ea7d76e3e305227f0ccc1d714b4cb997
|
|
Right now, anyone using CameraGo is told to fully disable
SELinux for the entire device in order to be able to save
pictures they take. This is not an issue with CameraGo,
as OpenCamera has the same behavior.
With this CL, we weaken and put holes in the device SELinux
policy until we're able to save a picture with OpenCamera.
This is a much better state than having folks disable
SELinux altogether, and also should make it much easier to
test with this camera.
Bug: 152082918
Test: OpenCamera app is able to store pictures and videos without disabling selinux for the device.
Change-Id: I14afc331c12dd0316e8c90cc878374e0a1ee94f6
|
|
Change-Id: I1452f3c017d0183dc042b5cb1cc4a274554f14e4
|
|
ours am: 83dd4837df -s ours
am skip reason: Change-Id I3274f49748d1e41173b04911b6b9af4307e429a3 with SHA-1 05a7e7ec3e is in history
Original change: undetermined
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: If33f86e6382facaf39fd31e7ba8b69a405e0a7df
|
|
am skip reason: Change-Id I3274f49748d1e41173b04911b6b9af4307e429a3 with SHA-1 05a7e7ec3e is in history
Original change: undetermined
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Ic0f3c9f513d58528eb6f3391b908757420b24a65
|
|
Bug: 180401296
Merged-In: I3274f49748d1e41173b04911b6b9af4307e429a3
Change-Id: I3cd787db92e1a81147994bb0fcdc7b35fe1707be
|
|
Change-Id: I6ba223acef4798adf2b4a2ed4b5016af743b26f9
|
|
In Android S, debugfs will be mounted by init to enable boot time
initializations to set up debug data collection and unmounted after
boot. This change will help debug builds with keeping debugfs
disabled during run time.
Bug: 176936478
Test: make
Change-Id: I4dacf374a9b85a000802ee6a8d00458aecb84404
|
|
Change-Id: I6c45037f906c3a7fd303840f2c15cafc7f9c1284
|
|
ours am: 12795f31a1 -s ours am: 05a7e7ec3e -s ours
am skip reason: subject contains skip directive
Original change: https://android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/1521183
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: Iec6c6a749f1b47e261c8d51e275e584e624fef38
|
|
ours am: 12795f31a1 -s ours
am skip reason: Change-Id I84b3f43dd187e541a0b93698b92cc46be37bc755 with SHA-1 4e785e22e6 is in history
Original change: https://android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/1521183
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I3274f49748d1e41173b04911b6b9af4307e429a3
|
|
am skip reason: Change-Id I84b3f43dd187e541a0b93698b92cc46be37bc755 with SHA-1 4e785e22e6 is in history
Original change: https://android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/1521183
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I71031b9878beab7edb429345d6d3be65cb2f2cee
|
|
Bug: 172690556
Merged-In: I84b3f43dd187e541a0b93698b92cc46be37bc755
Change-Id: I0d5c9025b94a4f5245a473399d9f795e3cbbf30a
|
|
Change-Id: I21f52514a4408619705c520ebf66e530fed0dcdc
|
|
4e785e22e6 -s ours am: 39b62f5d05 -s ours
am skip reason: Change-Id Iae35596629c0a396e24a9877c2c4e99322c4b495 with SHA-1 e20ff8402b is in history
Original change: https://googleplex-android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/13120522
Change-Id: I5c6ac8afb7bc5dbdd2c21c5255ddc2dd6e501651
|
|
4e785e22e6 -s ours
am skip reason: Change-Id Iae35596629c0a396e24a9877c2c4e99322c4b495 with SHA-1 e20ff8402b is in history
Original change: https://googleplex-android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/13120522
Change-Id: Ibc56c5f270ae535b1d862c4e74f0620365842c09
|
|
Change-Id: I6197a00749405a03eaef991b1a4a0df887d877ae
|
|
Test: [Google] Clean build, wiping flash, and basic usage
Change-Id: I1d0d35107c4c558c217a1e7e80cb7b86054a6a34
|
|
Bug: 172690556
Merged-In: Iae35596629c0a396e24a9877c2c4e99322c4b495
Change-Id: I84b3f43dd187e541a0b93698b92cc46be37bc755
|
|
Change-Id: I8f36c8c0ff625c9b028fbf0f8e36839c75099f96
|
|
am: d78af6fd0f am: 1b708e227c am: 304e4eb368 -s ours
am skip reason: Change-Id I3d768332160a282e8dac5603ecfd36b2ec1153c5 with SHA-1 f2ccdcba4d is in history
Original change: https://android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/1485164
Change-Id: Ie592006c598af16506b38c422cfa962cbc594eaa
|
|
1b708e227c
Original change: https://android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/1485164
Change-Id: I4a1379140d50b2db9334c24d556b966ed323267c
|
|
Original change: https://android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/1485164
Change-Id: I93c916e6ec6e8d82312f531e43b6f457e4958737
|
|
Original change: https://android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/1485164
Change-Id: I2b3ef846fedcd65647e4fada4f27a375a030e11e
|
|
It will be added to system/sepolicy/private/property_contexts.
Bug: 170590987
Test: build
Change-Id: I3d768332160a282e8dac5603ecfd36b2ec1153c5
Merged-In: I3d768332160a282e8dac5603ecfd36b2ec1153c5
|
|
It will be added to system/sepolicy/private/property_contexts.
Bug: 170590987
Test: build
Change-Id: I3d768332160a282e8dac5603ecfd36b2ec1153c5
|
|
Change-Id: If44bb088acd0adcfb30bbaa75270c13fa01fe9f8
|
|
Bug: 169618527
Test: Section 6 in vendor/mediatek/build/wembley_tools/merge_process.txt
* commit 'f1036aefcce9e4d386f2cf2bee9f56edd71b6f1d': (53 commits)
Remove access of vendor_default_prop from coredomain
[ALPS05155694] mdp: remove write permissions
[ALPS04977450] Add permission for wakelock
[ALPS05235347] mdp: add permission for mdp aipq
[ALPS05250120] Kernel API dump
[ALPS05248728] delete unuse code
[ALPS05233824] Factory Mode: add M4U policy
[ALPS05247661] show ip address information
[ALPS05219942] [Module]Audio HAL:Porting device config for soundtrigger
[ALPS05230203] SurfaceFlinger : update sepolicy
[ALPS05055038] m4u:add selinux policy for MTEE
[ALPS05222338] usb: add permission for factory otg test
[ALPS04997875] Light: add new path for led driver
[ALPS04960338] audio: no trigger avc log when call nvram api
[ALPS05239796] dvfsrc: allow aee can read dvfsrc node
[ALPS04671447] hang: modify file_contexts label
[ALPS05239312] temp solution for debugging traced_probes NE
[ALPS05184435] charger: add mt6360_charger for mt6873
[ALPS05052205] battery: add mt6359p support
[ALPS05229235] USB: OTG: add selinux permission
...
Change-Id: Ib6605178361e6cc6b3eb65321b33873ef9c42cfd
|
|
Change-Id: I9b186071d126c62fe5b140fb4b049354788aa0d8
|
|
|
|
Change-Id: I8316db1d6caaac8562157445ab9a3a398f821080
|
|
This is a Treble policy violation. As it turns out, at least
from initial testing, we don't appear to need any of these for
basic device functionality.
We comment these out so for future merge conflicts, we'll know
immediately why this line was different from Keystone.
Bug: 169606103
Test: Build, flash, install and run a couple apps, use camera, phone, messages, chrome, YouTube, and take a screenshot.
Change-Id: Ibaa33050f9876b663321f2c8069d6c087f06d9eb
|
|
This is a Treble policy violation. As it turns out, at least
from initial testing, we don't appear to need any of these for
basic device functionality.
We comment these out so for future merge conflicts, we'll know
immediately why this line was different from Keystone.
Bug: 169606103
Test: Build, flash, install and run a couple apps, use camera, phone, messages, chrome, YouTube, and take a screenshot.
Change-Id: Ibaa33050f9876b663321f2c8069d6c087f06d9eb
|
|
Device policy should not be constraining system policy, and this
specific neverallow rule clashes with a desired change to the policy.
Bug: 141677108
Test: Now builds with aosp/1437214 applied.
Change-Id: Ie47c39dcd16c473241f67e9249e864bc6136a538
|
|
Change-Id: Idd7fc1aa8dfa1eff349f81943c017295865dfecc
|
|
Mediatek's customization and addition of attributes to the
platform_app SELinux domain, which they shouldn't be doing,
caused a permission failure for screenshots.
See https://buganizer.corp.google.com/issues/169108544#comment7
for a detailed explanation.
Bug: 169108544
Test: Able to take screenshots
Change-Id: If49d874c3b99569afd3b94512761d78c8059b31d
|
|
Change-Id: I08a95a165d5a7de17426c0f3fbd44127d39da089
|
|
Bug: 159428912
Test: Section 6 in vendor/mediatek/build/wembley_tools/merge_process.txt
* commit 'bb6f1916c28d4efc515c563d3b3ba696a71449ea': (129 commits)
[ALPS04749524] Add property sepolicy
[ALPS05112814] permission for new path reading
[ALPS05057837] pd: enable pdo dump data permission
[ALPS05092356] GBE: add gbe daemon permission
[ALPS05185121] usb: merge mtk_hal_usb and mtk_hal_usb_gadget
[ALPS05059791] add permission for proc_mtk_jpeg
[ALPS05027624] AF driver sepolicy
[ALPS05083413] usb: fix mtk_hal_usb permission issue
[ALPS05092356] power: gbe migration
[ALPS05146069] Add label and sepolicy for mtk usb gadget hidl 1.1
[ALPS05170641] add policy for media extractor
[ALPS05149115] mrdump: change the way to pass mrdump parameters
[ALPS05171267] GPS: add prop to mnld can get screen on off
[ALPS04996224] power: SE policy migration
[ALPS05108268] SEPolicy: Add neverallow rule for untrusted_app
[ALPS05168291] Remove unused EM property policies
[ALPS05121274] Revert "[ALPS05121274] allow access to arm graphics so"
[ALPS05121274] allow access to arm graphics so
[ALPS05166005] Light: add new path for led driver
[ALPS05163913] TC_21894 AAObitTrue data permission
...
Change-Id: I20453d00386e470cecd787afe4c7c08f0e8b440c
Change-Id: Idad75f4c6db6c29036ab368028c26c94dd1241d9
|
|
Remove write permissions of driver device nodes
Change-Id: Idbcbde7981f33d9e46db147631d25d7a5655f4b6
CR-Id: ALPS05155694
Feature: Vulnerability Scan
|
|
We will use mdmi lib. It will use hwservice.
So we need to add the wake lock permission.
Change-Id: I04c115055773cbfe607ba7df4076599c4d7565f2
CR-Id: ALPS04977450
Feature: A-GPS
|
|
Change-Id: I85c04fe1f329bf6f68ed6868888bf9f9c472c7c3
|
|
51786b8d34 am: e20ff8402b
Original change: https://googleplex-android-review.googlesource.com/c/device/mediatek/wembley-sepolicy/+/12246783
Change-Id: Ib40d1c0d84a415df37e3e93da2f7b93dbbaac5a1
|