Age | Commit message (Collapse) | Author |
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/15615939
Change-Id: Ie72f1cb2264010cb6f2322e84d49b8747709bd50
|
|
Bug: 196058977
Test: Check ownership of smp_affinity handles
Change-Id: Idf2235882ba4eb714edc4634e32acce86fc92585
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/15583518
Change-Id: I4288e2383379d084c007677db9c0f0051dd506fe
|
|
The following patch introduces code that iterates over all block
devices:
https://android-review.googlesource.com/c/platform/system/core/+/1783847/9
The following patch grants 'init' and 'apexd' permission to iterate over
all block devices:
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947
The above SELinux policy change requires to add the 'bdev_type'
attribute to all block devices. Hence this patch.
Bug: 194450129
Test: Built Android images and installed these on a test device.
Change-Id: Ie76b00aa51e696508b9471dbd34f96dad5aa3240
Signed-off-by: Bart Van Assche <bvanassche@google.com>
|
|
Bug: 194730972
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: Iec80b0b9e0a99875dcae478a5e63d94caae86767
|
|
system_server also creates UI sometimes.
Ex: ANR Dialog, the Pointer Location in developer options.
Bug: 194775170
Test: build and enable Pointer Location debug option
Merged-In: Ife50e90d2899623d8a482ca79ae7c74aafae9a49
Change-Id: Ife50e90d2899623d8a482ca79ae7c74aafae9a49
|
|
Bug: 191531000
Test: TreeHugger, built and booted to home, check factory cgroup
Change-Id: Id9faa3b4b9662f23dc56d8bd3a027aaeb6315fa5
|
|
Bug 177481425 requires a dedicated file type for fscontext to mount
fusefs. To reduce code changes difference between sc-dev and master,
create file_type 'ramdump_vendor_fs' for both as base. Later it will be
revised to 'fusefs_type' on master branch only.
Bug: 177481425
Merged-In: I6bd07933e4a24835c3ad3b7afb8c9619651bff18
Change-Id: I6bd07933e4a24835c3ad3b7afb8c9619651bff18
|
|
Bug: 191925901
Test: Build
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I68126a1e1ae6193c85f6e0d9baf92a83023f436f
|
|
Bug: 190571517
Bug: 189938926
Bug: 190732106
Signed-off-by: Martin Liu <liumartin@google.com>
Change-Id: Id5c39f45b0dd88e4c7c972fa60f416c715d6f34d
Merged-In: Id5c39f45b0dd88e4c7c972fa60f416c715d6f34d
|
|
If needed, the initialization must be done from dumpstate HAL instead.
Test: build
Bug: 186500818
Change-Id: Ib38878acffb472f89ff54747f070a949feab0130
|
|
Bug: 188728065
Change-Id: Icdbea8dcd84bfe25105c16027d5e32958bd1f31b
|
|
|
|
Add policies to allow vibrator HAL to search on audio_device dir.
Bug: 178431048
Test: manually verify audio-coupled-haptics is working for Pixel
ringtones on P21 devices
Change-Id: If9e8833dcbe50024587347abbea3bbb978a08a76
|
|
Add rebalance_interrupts sepolicy to allow
rebalance_interrupts to modify smp_affinity for IRQs.
Example denials w/o this:
[ 43.144107] type=1400 audit(1621271039.800:58): avc: denied { read } for comm="rebalance_inter" name="irq" dev="sysfs" ino=15875 scontext=u:r:rebalance_interrupts_vendor:s0 tcontext=u:object_r:sysfs_irq:s0 tclass=dir permissive=1
[ 43.144306] type=1400 audit(1621271039.800:59): avc: denied { open } for comm="rebalance_inter" path="/sys/kernel/irq" dev="sysfs" ino=15875 scontext=u:r:rebalance_interrupts_vendor:s0 tcontext=u:object_r:sysfs_irq:s0 tclass=dir permissive=1
[ 43.144452] type=1400 audit(1621271039.800:60): avc: denied { search } for comm="rebalance_inter" name="irq" dev="sysfs" ino=15875 scontext=u:r:rebalance_interrupts_vendor:s0 tcontext=u:object_r:sysfs_irq:s0 tclass=dir permissive=1
[ 43.159532] type=1400 audit(1621271039.816:61): avc: denied { search } for comm="rebalance_inter" name="irq" dev="proc" ino=4026531868 scontext=u:r:rebalance_interrupts_vendor:s0 tcontext=u:object_r:proc_irq:s0 tclass=dir permissive=1
Bug: 148403062
Change-Id: I0cf7e163d8436f428a53bbb96ff2949753004ac1
|
|
Add policies to allow access to audio devices required for audio haptics
channel.
Bug: 178431048
Test: manually verify audio-coupled-haptics is working for Pixel
ringtones on P21 devices
Change-Id: I8e481ba65b5a713bcc2e25fdf4727ad68ba7f721
|
|
Now that these statistics have been moved to sysfs and b/185589010 is
fixed, remove these permission.
Test: build
Bug: 186500818
Change-Id: I2860564b3fe3710d85a104e4907a515d6beb8eca
|
|
This commit include 2 changes:
1. Remove Qcom platform rule to generalize the rule in pixel-sepolicy
2. Add tcpdump rule for Pixel Logger to access tcpdump folder
Bug: 186069127
Test: Pixel Logger app can start sniffer logger
Change-Id: I171a773fe658384d5ccb163ff1d6686a2665c808
|
|
|
|
|
|
Bug: 179459878
Change-Id: I7b32b49d3eafaceda1ef494bc2ef2a2e5feffd26
|
|
5c75973039 am: 0ff4e5096e am: 753bd0744a
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1680045
Change-Id: I2851d5158c260a819e03caecde710dacd5ac95ac
|
|
5c75973039 am: 0ff4e5096e
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1680045
Change-Id: I33e46b006ea21f6a410dc131781722da36e9eb25
|
|
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1680045
Change-Id: I43f460c8f02ccfbba11aaf5f055ce1cab4edff10
|
|
The IStats HIDL service is still in use in rvc-qpr-dev-plus-aosp branch
Since the sepolicy located at AOSP is shared betweed sc-dev and
other branches - need to keep allow rules for the AIDL & HIDL version
Bug: 185607559
Test: Build, flash, and logcat for sepolicies messages
Change-Id: I5437178feff7efdab25423ec7e63a8d8e9312c29
|
|
|
|
Bug: 184610991
Test: Service and HAL can init properly from rc
Signed-off-by: Tai Kuo <taikuo@google.com>
Change-Id: I9d72f564688f56f7415d7398b032df375d86e37c
|
|
|
|
This reverts commit 6f660acb3f43dd5e994a5b8e226fa64d2bc3f2a5.
Reason for revert: http://b/185462725
Change-Id: Iea1ba0835a684721789cd068c87a13b1d56aa847
|
|
am: a08704c2c4 am: c1baf4906d -s ours
am skip reason: skip tag Change-Id I8a3da90860a32b8f883d2769d195fdfb48627127 with SHA-1 726f7b060a is already in history
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1675959
Change-Id: Iefccc4db2255f53db5774d21a13629212549b032
|
|
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1675959
Change-Id: I1e0443e33e9d15e67a3c0bbc72e87c83f2feb708
|
|
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1675959
Change-Id: I10e7ed93b57d0d21df443185663be8762e501dbc
|
|
Bug: 185440155
Bug: 185480917
Test: Build, flash, and logcat for sepolicies messages
Change-Id: Ia0dfe5c9e50a18993cf075eb1ee198f78fb2b839
Merged-In: I8a3da90860a32b8f883d2769d195fdfb48627127
|
|
Bug: 185440155
Test: Build, flash, and logcat for sepolicies messages
Change-Id: I8a3da90860a32b8f883d2769d195fdfb48627127
|
|
|
|
|
|
240aa49bb8 am: 3b9aedcbea
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1673872
Change-Id: I9b97d5db33ce0bb29413c0fb63ad1f8c822ba26b
|
|
Bug: 181887265
Test: Build, flash, and logcat for sepolicies messages
Change-Id: Iabd233270969b981169168b47011cc8f4961c56d
|
|
240aa49bb8
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1673872
Change-Id: I36557151e8f83786fae30520ec4de8f25ebb20c3
|
|
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1673872
Change-Id: I8965dcc780a84e4d185a0a74994400a17e861c98
|
|
Bug: 181577366
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I2d81adb31223466208382e9425f40eb01fe11f90
|
|
|
|
GoogleBattery am: df5f6ee522 am: 833a62da50 am: 7bf38352c7
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1674303
Change-Id: If8371c062236c39ac954e0ff011fdf279f7f3361
|
|
GoogleBattery am: df5f6ee522 am: 833a62da50
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1674303
Change-Id: I682cd76412b88926ea58dae9b71db9cd2622d03d
|
|
GoogleBattery am: df5f6ee522
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1674303
Change-Id: I70e31e072197098a21316d66072208c5145a7124
|
|
Bug: 181887265
Test: Test: Build, flash, and logcat for sepolicies messages
Change-Id: I7776076c47a7fd476120a29093deef59d6cf3be2
|
|
GoogleBattery
Bug: 184547203
Test: Ensure there are no sepolicy/access errors from GoogleBattery
Change-Id: I5b21aa6fea767bd6706307341963941ac4077d6f
|
|
|
|
|
|
42d7cab5d1 am: 910ead0d1f am: 2a646acc69 -s ours
am skip reason: skip tag Change-Id I21d5c60c63fd0cb46e074d76934dccf53819683d with SHA-1 98c027ef63 is already in history
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1660784
Change-Id: I7694c8a6ad4249ca2eb3fac9b6b86abdb088011c
|