Annotate processes that violate the ban including fingerprint and
widevine HALs.
Bug: 34980020
Test: build
Change-Id: I4afa03841e1648d4624e66bbd5ed21d09d357547
Merged-In: I4afa03841e1648d4624e66bbd5ed21d09d357547
(cherry picked from commit 458d1f6a6e)
This separates the data of audioserver from the data of the
hal_audio.
Bug: 35042759
Test: no SELinux denials for hal_audio
Change-Id: I2eafed4d8a620507e27cab3a9b84d829d003bcec
Merged-In: I1815c5debaa6d6d2076cebf8beb5acd36c6fe891
On taimen some of the files under /sys/class/power_supply are symlinks
to these dirs.
Addresses these denials on taimen:
avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs"
ino=50110 scontext=u:r:hal_health_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs"
ino=48182 scontext=u:r:hal_health_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
Bug: 68962942
Test: builds, boots, files are correctly labeled.
Change-Id: I2b972f4f471b54097354d3e490a02300182a8e9a
Instead give obdm_app read access to /proc/stat.
Bug: 65643247
Test: can login to obdm app without selinux denials
Merged-In: I368c018f883610364cd026da68085935aefd69c1
Change-Id: I368c018f883610364cd026da68085935aefd69c1
(cherry picked from commit 036ef1ebc2)
These were moved from vendor to fwk policy:
1. sysfs_net type declaration
2. labeling of /sys/devices/virtual/net with sysfs_net
3. netd access to sysfs_net
Bug: 65643247
Test: can browse internet without netd denials
Test: netd_unit_test, netd_integration_test without netd denials
Merged-In: I9e6ec7ab24039bc74a7e47f423222334fed8bf3a
Change-Id: I9e6ec7ab24039bc74a7e47f423222334fed8bf3a
(cherry picked from commit 661dbb6d30)
This was picked up transitively previously, but that transitive
include is removed, so we include it explicitly here.
Test: build
Change-Id: I023831d0fbe474d363201f792bbfb3f7ea38cd9b
(cherry picked from commit c2b4ce4e0a)
This policy belongs in global policy.
(cherry-pick of commit: e498eb7ee2)
Bug: 62102757
Test: Builds and boots.
Change-Id: I099e1fbed6e1c648d0d5f1570ba3207c197f3233
/dev/input(/.*)? u:object_r:input_device:s0
Is now in core policy. Remove from device specific policy.
(cherry-pick of commit: 1fa31288a0)
Bug: 64954704
Test: build
Change-Id: Id16dccff58843e619e5197661f7ffabc22c3e213
If ramp rates aren't even multiple of 60 then we're more likely to get
brightness changes that differ each frame, which can show up as a
stuttering in the animation.
Bug: 64514692
Test: made change, took systrace, saw smooth ramping
Change-Id: I48ec832f752a8aefb6185c1583141f2fb1a29e85
A new thermistor was recently exposed on Taimen,
which shifted all the thermistor numbers, making
the hal innaccurate because it checks by number,
not name...
Bug: 62845934
Test: heat device and verify exactly when warning appears
Change-Id: I08e00296e622a85f5bbc45a7faf9b5024faacb10
Rogers, DTAG and Telstra want the actual SIM card SPN to be displayed
The entries in spn-conf.xml overrides the SIM SPN hence this CL disables it
Test: Validated using T-Mobile SIM card with same set of changes for T-Mobile
Bug: 64137294
Bug: 64139429
Merged-In: I3d3e1b1d2dc38a73a657fe7f9220dd894f967c67
Change-Id: I2b4d2cb87f6dd05302ba03c8abda46b9de7f8187
Add Camera, Storage and other permissions for Ornament app.
BUG=62444679
Test: Settings app shows the pre-grant permissions enabled
Change-Id: Idd53b816e025d1f0f7d1f888ac0675203e611d18
correct the property name to not drop packets based upon
enqueue sequence to avoid freeze.
BUG=63274801
Change-Id: I5a5c336c7e3f1e90e4ed05bc731747998a15e51b
