Skip to content
Snippets Groups Projects
Select Git revision
20 results
Search by author
  • Any Author
0 authors
  1. May 18, 2018
  3. May 16, 2018
  5. May 15, 2018
    • Pavel Maltsev's avatar
      Allow to specify platform sepolicy dir mult. times · 34f23364
      Pavel Maltsev authored 
      For automotive (and I assume for other verticals) it make sense to keep
vertical-specific policies outside of /system/sepolicy as those not used
by the phones. However, there's no way to do it rather than using
BOARD_PLAT_{PUBLIC|PRIVATE}_SEPOLICY_DIR build variables.

Bug: 70637118
Test: lunch bat_land-userdebug && m
Test: verify it builds, boots and logs seems to be reasonable
Test: enable full treble for aosp_car_x86 - verify it builds, boots and
no denials in the logs

Change-Id: Ia5fd847f7a6152ff6cf99bbbc12e1e322f7946ab
      34f23364
    • Jerry Zhang's avatar
      Merge "Allow mediaprovider to search /mnt/media_rw" into pi-dev · 6002126f
      Jerry Zhang authored
      6002126f
    • Jerry Zhang's avatar
      Allow mediaprovider to search /mnt/media_rw · 31c4b4ea
      Jerry Zhang authored 
      Mtp needs access to this path in order to
change files on an sdcard.

Fixes denial:

05-14 17:40:58.803  3004  3004 W MtpServer: type=1400 audit(0.0:46):
avc: denied { search } for name="media_rw" dev="tmpfs" ino=10113
scontext=u:r:mediaprovider:s0:c512,c768
tcontext=u:object_r:mnt_media_rw_file:s0 tclass=dir permissive=0
b/77925342 app=com.android.providers.media

Bug: 77849654
Test: no denials using mtp with emulated sdcard
Change-Id: I27b5294fa211bb1eff6d011638b5fdc90334bc80
      31c4b4ea
    • TreeHugger Robot's avatar
      Merge "Allow to use sockets from hal server for auto" into pi-dev · 175f23ec
      TreeHugger Robot authored
      175f23ec
  7. May 14, 2018
  9. May 12, 2018
  11. May 11, 2018
  13. May 10, 2018
  15. May 09, 2018
    • Calin Juravle's avatar
      Merge "Allow system server to write profile snapshots in /data/misc/profman" into pi-dev · dfaf3915
      Calin Juravle authored
      dfaf3915
    • Paul Crowley's avatar
      Add wait_for_keymaster · 6af7af15
      Paul Crowley authored 
      Bug: 79228237
Test: audit2allow finds no relevant denials on boot
Change-Id: Ia80b77ba9a1ec2354127cd0ef68d50ebcf593fb0
      6af7af15
    • Calin Juravle's avatar
      Allow system server to write profile snapshots in /data/misc/profman · 687d5e46
      Calin Juravle authored 
      The goal is to allow creating profile snapshots from the shell command in
order to be able to write CTS tests.

The system server will dump profiles for debuggable in /data/misc/profman
from where they will be pulled and verified by CTS tests.

Test: adb shell cmd package snapshot-profile com.android.vending
Bug: 74081010
Change-Id: I54690305284b92c0e759538303cb98c93ce92dd5
      687d5e46
    • Mark Salyzyn's avatar
      FrameworksServicesTests: allow access to test.sys.boot.reason property · 1b748766
      Mark Salyzyn authored 
      com.android.server.power.PowerManagerServiceTest#testGetLastShutdownReasonInternal due to "RuntimeException: failed to set system property"

W/roidJUnitRunner: type=1400 audit(0.0:6): avc: denied { write } for name="property_service" dev="tmpfs" ino=13178 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
W/libc    : Unable to set property "test.sys.boot.reason" to "shutdown,thermal": connection failed; errno=13 (Permission denied)

Had to use precise property definition as com.android.phone accesses
test properties as well.

Test: compile
Bug: 78245377
Change-Id: I2cc810846f8615f2a2fae8e0d4f41de585b7abd7
      1b748766
    • Joel Galenson's avatar
      Track cppreopts SELinux denial. · 8e6b2d55
      Joel Galenson authored 
      This should help fix presubmit tests.

Bug: 79414024
Test: Built policy.
Change-Id: Ic840150767ff6c2799ac3b5ef22ba139108c94dd
(cherry picked from commit 06e09abd)
      8e6b2d55
  17. May 08, 2018
  19. May 07, 2018
  21. May 04, 2018
  23. May 03, 2018
  25. May 02, 2018