Log - refs/heads/android-15 - android_system_sepolicy

941ba72 sepolicy: rework perfetto producer/profiler rules for "user" builds by Ryan Savitski · 2 years, 7 months ago
3d4a6b7 Add isolated_compute_app domain by Charles Chen · 2 years, 8 months ago
ccf8014 Share isolated properties across islolated apps by Charles Chen · 2 years, 8 months ago
155d318 Add ThermalService and file access to SdkSandbox by Shiwangi Shah · 3 years, 6 months ago
b93f26f Move sdk_sandbox sepolicy to AOSP. by Bram Bonne · 3 years, 6 months ago
9ec5327 Add fusefs_type for FUSE filesystems by Thiébaud Weksteen · 4 years, 3 months ago
b382f02 [incfs] Allow everyone read the IncFS sysfs features by Yurii Zubrytskyi · 4 years, 5 months ago
766ad44 Merge "Revert "Prevent isolated_app from searching system_data_file."" by Treehugger Robot · 4 years, 11 months ago
0a364c3 Revert "Prevent isolated_app from searching system_data_file." by Alan Stokes · 5 years ago
a0e7a6d Update language to comply with Android's inclusive language guidance by Jeff Sharkey · 5 years ago
8dea731 Prevent isolated_app from searching system_data_file. by Alan Stokes · 5 years ago
67a8248 initial policy for traced_perf daemon (perf profiler) by Ryan Savitski · 6 years ago
2284d35 Allow isolated_app to use TCP and UDP sockets brokered over IPC. by Robert Sesek · 6 years ago
b4d7815 Merge "Reland "sepolicy: rework ashmem_device permissions"" by Orion Hodson · 6 years ago
b554a95 Reland "sepolicy: rework ashmem_device permissions" by Tri Vo · 6 years ago
5527d70 Revert "sepolicy: rework ashmem_device permissions" by Orion Hodson · 6 years ago
5e52281 Allow Java domains to be Perfetto producers. by Florian Mayer · 6 years ago
d9dcea5 sepolicy: rework ashmem_device permissions by Tri Vo · 6 years ago
bfcddbe sepolicy: remove ashmemd by Tri Vo · 6 years ago
d6c5ff5 Allow global read access to /sys/kernel/mm/transparent_hugepage/ by Tri Vo · 6 years ago
9fbc87c ashmem: expand app access by Tri Vo · 7 years ago
8b12ff5 Neverallow app open access to /dev/ashmem by Tri Vo · 7 years ago
73d0a67 sepolicy for ashmemd by Tri Vo · 7 years ago
ca0690e Allow heap profiling of certain app domains on user builds by Ryan Savitski · 7 years ago
1bbda7e Initial sepolicy for app_zygote. by Martijn Coenen · 7 years ago
a194d37 Tighten up handling of new classes by Nick Kralevich · 7 years ago
619c1ef tun_device: enforce ioctl restrictions by Nick Kralevich · 7 years ago
0025220 isolated_app: add mmaps by Nick Kralevich · 7 years ago
90cf5a7 same_process_hal_file: access to individual coredomains by Tri Vo · 7 years ago
81ade3d Audit access to same_process_hal_file. by Tri Vo · 7 years ago
8f08456 isolated_apps: no socket create by Nick Kralevich · 7 years ago
23c9d91 Start partitioning off privapp_data_file from app_data_file by Nick Kralevich · 7 years ago
869562e Remove rules for starting the webview_zygote as a child of init. by Robert Sesek · 8 years ago
c80f9e0 Perfetto SELinux policies by Primiano Tucci · 8 years ago
62d3b4f Ensure /sys restrictions for isolated_apps by Nick Kralevich · 8 years ago
ae48ecb Revert "Ensure /sys restrictions for isolated_apps" by Nick Kralevich · 8 years ago
579366a Ensure /sys restrictions for isolated_apps by Nick Kralevich · 8 years ago
69ec0f8 Drop isolated_app auditallow rule. by Nick Kralevich · 8 years ago
91d398d Sync internal master and AOSP sepolicy. by Dan Cashman · 8 years ago
f5446eb Vendor domains must not use Binder by Alex Klyubin · 8 years ago
46e5a06 Move neverallows from untrusted_app.te to app_neverallows.te by Chad Brubaker · 9 years ago
a390397 Move isolated_app policy to private by Alex Klyubin · 9 years ago
3e8dbf0 Restore app_domain macro and move to private use. by dcashman · 9 years ago
2e00e63 sepolicy: add version_policy tool and version non-platform policy. by dcashman · 9 years ago