PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
23,332 Commits 17 Branches 0 Tags 42 MiB
d5c3a11681
Commit Graph

5 Commits

Author SHA1 Message Date
Nick Kralevich
5e37271df8 Introduce system_file_type 
system_file_type is a new attribute used to identify files which exist
on the /system partition. It's useful for allow rules in init, which are
based off of a blacklist of writable files. Additionally, it's useful
for constructing neverallow rules to prevent regressions.

Additionally, add commented out tests which enforce that all files on
the /system partition have the system_file_type attribute. These tests
will be uncommented in a future change after all the device-specific
policies are cleaned up.

Test: Device boots and no obvious problems.
Change-Id: Id9bae6625f042594c8eba74ca712abb09702c1e5
 2018-09-27 12:52:09 -07:00
Daniel Nicoara
1fc0755033 Allow vr_hwc and virtual_touchpad to query for permissions 
Allow the services to do binder calls to system_server in order to check
for app permissions.

Bug: 37542947
Test: Compiled and ran on device ensuring no permission errors
Change-Id: If91895607eb118f689cf2e11c63945e9f83bf2a0
 2017-04-21 17:15:03 -04:00
Daniel Nicoara
5227638394 Remove rules blocking vrcore_app to connect to VR HWC and VirtualTouchpad 
Bug: 37542947
Test: Compiled and ran on device to ensure no access errors while in VR
Change-Id: Ia685676d82f1f10f2bd371a13879d00fe63a9ea6
 2017-04-20 16:45:58 -04:00
Alex Vakulenko
c56805614c Add SELinux policies for vr_window_manager 
This set of rules is neeeded to allow vr_windows_manager to run
successfully on the system.

Bug: 32541196
Test: `m -j32` succeeds. Sailfish device boots.
Change-Id: I0aec94d80f655a6f47691cf2622dd158ce9e475f
 2017-02-15 14:56:49 -08:00
Nick Bray
084faf0259 Add policies for new services. 
Bug: 30989383
Bug: 34731101
Test: manual
Change-Id: Icf9d48568b505c6b788f2f5f456f2d709969fbeb
 2017-02-09 15:15:11 -08:00