- Jan 31, 2017
-
-
Calin Juravle authored
Since it was introduced it caused quite a few issues and it spams the SElinux logs unnecessary. The end goal of the audit was to whitelist the access to the interpreter. However that's unfeasible for now given the complexity. Test: devices boots and everything works as expected no more auditallow logs Bug: 29795519 Bug: 32871170 Change-Id: I9a7a65835e1e1d3f81be635bed2a3acf75a264f6
-
- Jan 26, 2017
-
-
Alex Klyubin authored
This leaves only the existence of appdomain attribute as public API. All other rules are implementation details of this attribute's policy and are thus now private. Test: Device boot, apps (untrusted_app, system_app, platform_app, priv_app) work fine. No new denials. Bug: 31364497 Change-Id: Ie22e35bad3307bb9918318c3d034f1433d51677f
-
- Dec 06, 2016
-
-
dcashman authored
In order to support platform changes without simultaneous updates from non-platform components, the platform and non-platform policies must be split. In order to provide a guarantee that policy written for non-platform objects continues to provide the same access, all types exposed to non-platform policy are versioned by converting them and the policy using them into attributes. This change performs that split, the subsequent versioning and also generates a mapping file to glue the different policy components together. Test: Device boots and runs. Bug: 31369363 Change-Id: Ibfd3eb077bd9b8e2ff3b2e6a0ca87e44d78b1317
-
