- Jan 23, 2018
-
-
Yi Jin authored
Bug: 64222712 Test: manual Change-Id: Ica77ae3c9e535eddac9fccf11710b0bcb3254ab3
-
- Jan 22, 2018
-
-
Max Bires authored
Fixing denials that stopped traceur from being able to write to debugfs_tracing. Also cleaning up general find denials for services that traceur doesn't have permission to access. Additionally, labeling /data/local/trace as a trace_data_file in order to give traceur a UX friendly area to write its traces to now that it will no longer be a shell user. It will be write/readable by traceur, and deletable/readable by shell. Test: Traceur functionality is not being blocked by selinux policy Bug: 68126425 Change-Id: I201c82975a31094102e90bc81454d3c2a48fae36
-
Steven Moreland authored
This util allows init to turn off the screen without any binder dependencies. Bug: 70846424 Test: manual + init use Change-Id: I4f41a966d6398e959ea6baf36c2cfe6fcebc00de
-
- Jan 20, 2018
-
-
Badhri Jagan Sridharan authored
Sepolicy for the usb daemon. (ag/3373886/) Bug: 63669128 Test: Checked for avc denial messages. Change-Id: I6e2a4ccf597750c47e1ea90c4d43581de4afa4af
-
- Jan 19, 2018
-
-
Yifan Hong authored
Test: boots Test: hwservicemanager can read these files Bug: 36790901 Change-Id: I0431a7f166face993c1d14b6209c9b502a506e09
-
- Jan 17, 2018
-
-
Chenbo Feng authored
Add a new set of sepolicy for the process that only netd use to load and run ebpf programs. It is the only process that can load eBPF programs into the kernel and is only used to do that. Add some neverallow rules regarding which processes have access to bpf objects. Test: program successfully loaded and pinned at sys/fs/bpf after device boot. No selinux violation for bpfloader Bug: 30950746 Change-Id: Ia6bb1afda29ae0749bdc368e2dfc5faa12e81b2f
-
- Jan 12, 2018
-
-
Tri Vo authored
Label /vendor/etc/selinux/* as vendor_configs_file. Bug: 62041836 Test: build system/sepolicy Test: walleye boots Change-Id: I617a3287860e965c282e9e82b4375ea68dbca785
-
- Jan 11, 2018
-
-
Tom Cherry authored
Bug: 71861796 Test: no more denials on walleye for shell init scripts Change-Id: I51eab267c95a915f927b0aaa7db9d678a83093c7
-
- Jan 10, 2018
-
-
Primiano Tucci authored
Perfetto is a performance instrumentation and logging framework, living in AOSP's /external/pefetto. Perfetto introduces in the system one binary and two daemons (the binary can specialize in either depending on the cmdline). 1) traced: unprivileged daemon. This is architecturally similar to logd. It exposes two UNIX sockets: - /dev/socket/traced_producer : world-accessible, allows to stream tracing data. A tmpfs file descriptor is sent via SCM_RIGHTS from traced to each client process, which needs to be able to mmap it R/W (but not X) - /dev/socket/traced_consumer : privilege-accessible (only from: shell, statsd). It allows to configure tracing and read the trace buffer. 2) traced_probes: privileged daemon. This needs to: - access tracingfs (/d/tracing) to turn tracing on and off. - exec atrace - connect to traced_producer to stream data to traced. init.rc file: https://android-review.googlesource.com/c/platform/external/perfetto/+/575382/14/perfetto.rc Bug: 70942310 Change-Id: Ia3b5fdacbd5a8e6e23b82f1d6fabfa07e4abc405
-
- Jan 08, 2018
-
-
Tom Cherry authored
This reverts commit d711d4d2. Reason for revert: Shouldn't have submitted... Change-Id: I5b88101f381ca59132ec7d24990ea41ac1b84171
-
Tom Cherry authored
getprop is broken out from toolbox/toybox, however its permissions should remain the same, so label it appropriately. Bug: 36001741 Test: boot bullhead with the new getprop Change-Id: I4114ea21998da95173d882038bc6aebf39b64d7f
-
- Jan 04, 2018
-
-
fionaxu authored
Bug: 64131637 Test: Manual Change-Id: I0170c5eb465aa663582e3974348380a8f0c9b27f
-
- Jan 02, 2018
-
-
Ricky Wai authored
Bug: 63908748 Test: Able to boot Change-Id: I14d8856d7aac7be9d1f26ecf5bfff69ea5ee9607
-
- Dec 19, 2017
-
-
yro authored
Bug: 63757906 Test: manual testing conducted Change-Id: Id03413ce82b5646d4bceddc59e16c7d5ee5bc193
-
- Dec 18, 2017
-
-
xshu authored
we are aiming to improve logging performance by having wifi hal directly write to the flash. Wifi hal need to be able to create, write, and delete files in a directory. This will be restricted to userdebug and eng builds only. Bug: 70170285 Test: compile, run on device Change-Id: Id0cd317411f4c393d7529aa31b501046d7350edb
-
- Dec 16, 2017
-
-
yro authored
Test: manual testing conducted see if it interfere's with AOSP Change-Id: If47a663557b2ebf825fc082edb838ae085ec66b3
- Dec 15, 2017
-
-
Jiyong Park authored
Since /odm is an extension of /vendor, libs in /odm should be treated just like the ones in /vendor. Bug: 67890517 Test: none as we don't yet have /odm partition. Change-Id: I5232baef769c7fa8c7641b462cfa1d7537d3cfdf
-
- Dec 13, 2017
-
-
Tom Cherry authored
Allow init to create a serialized property_info file and allow all processes to read it. Bug: 36001741 Test: boot bullhead, walleye using property_info Change-Id: Ie51d4c0f0221b128dd087029c811fda15b4d7093
-
- Dec 12, 2017
-
-
Bowgo Tsai authored
/odm partition is the extension of /vendor partition, so we should not use system_file for it. Currently there is no ABI between vendor and odm. We can use 'odm_file' when needed in the future. Bug: 64240127 Test: boot a device Change-Id: I4e8300d597aeeba60a255c8d114a54b24bc39470
-
- Dec 08, 2017
-
-
Jaegeuk Kim authored
Change-Id: Icfcf02a21dace99ab3f466de495db24a88127ad7 Signed-off-by:
Jaegeuk Kim <jaegeuk@google.com>
-
- Dec 07, 2017
-
-
Elliott Hughes authored
Bug: http://b/63142920 Test: `make dist` Change-Id: Iae363fd5e7181941408d3d75cbf248e651bc8b49
-
Bo Hu authored
This reverts commit 8b562206. Reason for revert: broke mac build b/70273082 FAILED: out/target/product/generic_x86/obj/ETC/vendor_sepolicy.cil_intermediates/vendor_sepolicy.cil /bin/bash -c "(out/host/darwin-x86/bin/version_policy -b out/target/product/generic_x86/obj/FAKE/selinux_policy_intermediates/plat_pub_policy.cil -t out/target/product/generic_x86/obj/ETC/vendor_sepolicy.cil_intermediates/vendor_policy_raw.cil -n 10000.0 -o out/target/product/generic_x86/obj/ETC/vendor_sepolicy.cil_intermediates/vendor_sepolicy.cil.tmp ) && (grep -Fxv -f out/target/product/generic_x86/obj/ETC/plat_pub_versioned.cil_intermediates/plat_pub_versioned.cil out/target/product/generic_x86/obj/ETC/vendor_sepolicy.cil_intermediates/vendor_sepolicy.cil.tmp > out/target/product/generic_x86/obj/ETC/vendor_sepolicy.cil_intermediates/vendor_sepolicy.cil ) && (out/host/darwin-x86/bin/secilc -m -M true -G -N -c 30 out/target/product/generic_x86/obj/ETC/plat_sepolicy.cil_intermediates/plat_sepolicy.cil out/target/product/generic_x86/obj/ETC/plat_pub_versioned.cil_intermediates/plat_pub_versioned.cil out/target/product/generic_x86/obj/ETC/10000.0.cil_intermediates/10000.0.cil out/target/product/generic_x86/obj/ETC/vendor_sepolicy.cil_intermediates/vendor_sepolicy.cil -o /dev/null -f /dev/null )" Parsing out/target/product/generic_x86/obj/FAKE/selinux_policy_intermediates/plat_pub_policy.cil Parsing out/target/product/generic_x86/obj/ETC/vendor_sepolicy.cil_intermediates/vendor_policy_raw.cil grep: out of memory Change-Id: I14f0801fdd6b9be28e53dfcc0f352b844005db59
-
- Dec 06, 2017
-
-
kaichieh authored
This change renames the non-platform sepolicy files on a DUT from nonplat_* to vendor_*. It also splits the versioned platform sepolicy from vendor_sepolicy.cil to a new file /vendor/etc/selinux/plat_pub_versioned.cil. And only keeps vendor customizations in vendor_sepolicy.cil. Build variable BOARD_SEPOLICY_DIRS is also renamed to BOARD_VENDOR_SEPOLICY_DIRS. Bug: 64240127 Test: boot an existing device Change-Id: I53a9715b2f9ddccd214f4cf9ef081ac426721612
-
- Dec 05, 2017
-
-
Jaegeuk Kim authored
This allows to format sdcard for adoptable storage. Bug: 69641635 Change-Id: I8d471be657e2e8f4df56c94437239510ca65096e Signed-off-by:
Jaegeuk Kim <jaegeuk@google.com>
-
- Dec 02, 2017
-
-
Andreas Gampe authored
Corresponds to commit 410cdebaf966746d6667d6d0dd4cee62262905e1 in system/extras. Bug: 32286026 Test: m Change-Id: I1e0934aa5bf4649d598ec460128de6f02711597f
-
- Nov 22, 2017
-
-
Jiyong Park authored
In P, we will be supporting privileged apps in vendor partition, thus need to label /vendor/priv-app as vendor_app_file so that apps can exist under the dir. Bug: 35301609 Test: N/A since there is no /vendor/priv-app yet. Framework change which is currently in the internal is required. Change-Id: I86a765ef9da5267113e64a7cbb38ba0abf5c2835
-
- Nov 17, 2017
-
-
Vishnu Nair authored
- Allow system_server to create and write to /data/misc/wmtrace/* - Allow surfaceflinger to create and write files from /data/misc/wmtrace/* - Allow dumpstate to read files from /data/misc/wmtrace/* permissions are restricted to userdebug or eng builds Bug: 64831661 Test: adb shell cmd window tracing start && adb shell cmd window tracing stop Test: adb shell su root service call SurfaceFlinger 1025 i32 1 >/dev/null && adb shell su root service call SurfaceFlinger 1025 i32 0 >/dev/null Test: adb bugreport ~/tmp.zip && adb shell su root dmesg | grep 'avc: ' Change-Id: I0b15166560739d73d7749201f3ad197dbcf5791c
-
- Nov 09, 2017
-
-
Hakan Kvist authored
Add label update_engine_log_data_file for log files created by update engine in directory /data/misc/update_engine_log. Bug: 65568605 Test: manual Change-Id: I379db82a0ea540e41cb3b8e03f93d9ce64fac7c9
-
- Oct 23, 2017
-
-
Jin Qian authored
Test: Boot device, observe logs Bug: 63740245 Change-Id: I1068304b12ea90736b7927b7368ba1a213d2fbae
-
- Oct 17, 2017
-
-
Paul Crowley authored
Bug: 25861755 Test: Boot device, observe logs Change-Id: I6c13430d42e9794003eb48e6ca219b874112b900 Merged-In: I6c13430d42e9794003eb48e6ca219b874112b900 (cherry picked from commit 47f3ed09)
-
- Oct 16, 2017
-
-
Robert Quattlebaum authored
Bug: b/64399219 Test: Manual Change-Id: I4f6c7e4e3339ae95e43299bf364edff40d07c796 (cherry picked from commit c8bd93d7)
-
- Sep 28, 2017
-
-
Bowgo Tsai authored
Bug: 65570851 Test: boot sailfish Change-Id: I008bf5386595c614236de44131afcda7d3fd6d98 Merged-In: I008bf5386595c614236de44131afcda7d3fd6d98 (cherry picked from commit 82ca9c2e)
-
Dan Cashman authored
(This reverts internal commit: 82ca9c2e) Test: None. Change-Id: I48bbbe197c8e793bd9888b6ef4dadb2b3466423b (cherry picked from commit 852aca05)
-
Dan Cashman authored
Bug: 37916906 Test: Builds 'n' boots. Change-Id: Ia1d86264446ebecc1ca79f32f11354921bc77668 Merged-In: I208ec6a864127a059fb389417a9c6b259d7474cb
-
- Sep 27, 2017
-
-
Dan Cashman authored
(This reverts internal commit: 82ca9c2e) Test: None. Merged-in: I97ffdd48b64ef5c35267387079204512a093a356 Change-Id: I97ffdd48b64ef5c35267387079204512a093a356
-
Dan Cashman authored
(This reverts internal commit: 82ca9c2e) Test: None. Change-Id: I97ffdd48b64ef5c35267387079204512a093a356
-
- Sep 26, 2017
-
-
Dan Cashman authored
Bug: 37916906 Test: Builds 'n' boots. Change-Id: Ia1d86264446ebecc1ca79f32f11354921bc77668 Merged-In: I208ec6a864127a059fb389417a9c6b259d7474cb
-
- Sep 11, 2017
-