In the 5.10 kernel, the i2c paths are named using an out-of-tree patch
[1]. For kernels that don't support that, let's add the unnamed sysfs
paths as well to the selinux policy.
[1] https://android-review.googlesource.com/c/kernel/common/+/1646148
Bug: 217774013
Change-Id: I3a1f279270d22bf82144ce60a08c215308764be3
storageproxyd already has rw_dir_perms for tee_data_file from
vendor/tee.te in platform. We need create_dir_perms to make the
"alternate/" directory for handling DSU correctly.
Test: m dist, flash, and test DSU
Bug: 203719297
Change-Id: Ifcc3e5f82b68a506ff99469d2f3df6ab1440b42a
pvmfw is an A/B partition but is not properly labeled and update_engine
gets a denial trying to write to it.
Bug: N/A
Test: m otapackage, apply OTA, check for denials
Change-Id: I55f41a8937384d3bcda5797b5df3f34257f7a114
For the hardware composer and surfaceflinger to coordinate on certain features, it is necessary for the hardware composer to be able to read the surface_flinger_native_boot_prop to know what should be enabled.
Bug: b/195990840
Test: None
Change-Id: Idc1599820026febecda84233d60982e7db7b14b5
Allows the vendor TEE access to GSI metadata files (which are publicly
readable). Storageproxyd needs access to this metadata to determine if a
GSI image is currently booted. Also allows the TEE domain to make new
directories in its data path.
Test: access /metadata/gsi/dsu/booted from storageproxyd
Bug: 203719297
Change-Id: I86055dd5601f8c2899d28f29bdfcb4dcb9b90d1b
Due to the fact that /vendor/bin/wifi_logger no longer exists
on the P21 master branch any more, we remove obsolete sepolicy.
Bug: 201599426
Test: wlan_logger in Pixel Logger is workable
Change-Id: I22d99c3577f3cceb786e2ffd01c327a67d420202
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same ndk backend.
Bug: 161456198
Test: m
Merged-In: Icc9af3798ac89742fa56b1cb37d8116d99b4a9c2
Change-Id: Icc9af3798ac89742fa56b1cb37d8116d99b4a9c2
(cherry picked from commit 5cc5d52bd7)
Bug: 201002339
Test: Local test and ensure proper ratio written via PowerHAL
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Ib0a3a5401312403ce870b9c4a4ca971f05c253e4
Since we are now creating an AOSP HAL for uwb. Rename qorvo's internal
HAL to hal_uwb_vendor to avoid conflicts with the AOSP HAL sepolicy
rules.
Bug: 195308730
Test: Compiles
Change-Id: Ief48eacde68b062b2199b20c0c1bb3af23795240
Merged-In: Ief48eacde68b062b2199b20c0c1bb3af23795240
add permission to:
copy factory uwb calib files from persist to /data/vendor/uwb
convert copied file to proper format for uwb stack to consume
Bug: 195659525
Signed-off-by: Victor Liu <victorliu@google.com>
Change-Id: I3e5282477fd391b483e03242ce0b806bd447dc54
Merged-In: I3e5282477fd391b483e03242ce0b806bd447dc54
Since we are now creating an AOSP HAL for uwb. Rename qorvo's internal
HAL to hal_uwb_vendor to avoid conflicts with the AOSP HAL sepolicy
rules.
Bug: 195308730
Test: Compiles
Change-Id: Ief48eacde68b062b2199b20c0c1bb3af23795240
Merged-In: Ief48eacde68b062b2199b20c0c1bb3af23795240
The following patch introduces code that iterates over all block
devices:
https://android-review.googlesource.com/c/platform/system/core/+/1783847/9
The following patch grants 'init' and 'apexd' permission to iterate over
all block devices:
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947
The above SELinux policy change requires to add the 'bdev_type'
attribute to all block devices. Hence this patch.
Bug: 194450129
Bug: 196982345
Test: Built Android images that include this change and verified that neither init nor apexd triggers any SELinux access denied errors.
Change-Id: I6ce1127f199c5b33812f15fe280d86594d7d7ebf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Allows SystemUI to write the boot color sysprop
Test: manual
Bug: 190093578
Change-Id: I844a4dae87fe09a09ff3368c540ffab5f745d455
(cherry picked from commit 8a586e6786)
