| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Breaks installation from SD card in some cases otherwise.
Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
|
|
|
|
| |
Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
|
|\
| |
| |
| | |
into replicant-6.0
|
| |
| |
| |
| |
| |
| |
| | |
Update seapp_contexts and mac_permissions.xml for the new
LineageOS updater
Change-Id: I171b35ad5578202724efc3f823f7e7a461e5e5cd
|
|\ \
| |/
| |
| | |
into replicant-6.0
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On a fresh install the theme service broker creates the initial
theme directory which needs to be relabeled to a themeservice_app_data_File
in order for the brokered theme service to write to this directory
Change-Id: Ifd689a0c619c0e954192749b83a0cacaa945468f
TICKET: NIGHTLIES-3349
|
| |
| |
| |
| |
| |
| | |
* Need write permission to create file containing the current mode.
Change-Id: I4ed26412e7ec38861156110c7eb51ef707a0999f
|
| |
| |
| |
| |
| |
| |
| | |
* Don't wanna break the build for anyone again :( The
native stuff is very QCOM specific and won't work elsewhere.
Change-Id: Id5dbba1a46dc12cbd5914cf3072ed92a72039b31
|
| |
| |
| |
| |
| |
| |
| |
| | |
* LiveDisplay needs to store the user-selected default mode somewhere
in the case where we are mixing local sysfs-style modes with QDCM
modes. Add a rule for this.
Change-Id: I42b80df7c0ee3c2815594c8a6feea3dc078c6ae2
|
| |
| |
| |
| |
| |
| |
| |
| | |
* denied { link } for pid=190 comm="minivold"
name="vold_blkid.tab" dev="tmpfs" scontext=u:r:vold:s0
tcontext=u:object_r:vold_tmpfs:s0 tclass=file
Change-Id: I0b3e47dd00c5a32261691f51838a8d9af9778faa
|
| |
| |
| |
| |
| |
| |
| | |
Allow the theme manager and its data to be sandboxed in
its own context
Change-Id: I7898663d1c196bfe04fa4c539d20191a43fde284
|
| |
| |
| |
| | |
Change-Id: I6d6cfd7202c94135344eb718e0c6ac5347a0ece7
|
| |
| |
| |
| | |
Change-Id: I8fe011140798925ee5b5926355868febd595a788
|
| |
| |
| |
| | |
Change-Id: Ie618887fbf292c702df720f04840ab3c8ff222f7
|
| |
| |
| |
| | |
Change-Id: Ia6fc26781c1cb576c2feee3e941d7206e7878bb5
|
| |
| |
| |
| | |
Change-Id: Icc892d8b2c34950431564738b66d8e8baefc62be
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Upstream policy showed up in AOSP this morning. Dropping
ours in favor of AOSP.
Revert "sepolicy: A few more denials"
This reverts commit 522c421f6623be6437e444454cac58f7bbd5bc32.
Revert "sepolicy: More policy for sdcardfs"
This reverts commit 4a24ffeb6a44b2a044c2c3ce4e5aad8956e7157a.
Revert "sepolicy: Add sdcardfs support"
This reverts commit ba87877dd0b193a29a7b5293e4889c310dcdfc8a.
Change-Id: I4f066b9bd5d8c899137fcaa12999f2547f9e0ec0
|
| |
| |
| |
| |
| |
| | |
* Hopefully the last of the sdcardfs denials
Change-Id: I2a9fbc33696d2517fd2596f64f55656a14d66c2c
|
| |
| |
| |
| | |
Change-Id: Iddc6f86bd1e4b9942139acf9b7e75279b3865b8a
|
| |
| |
| |
| |
| |
| | |
* Do not carry forward into N release.
Change-Id: I1f90695c48ac5a19848efafb146eabdff1ca4b6a
|
| |
| |
| |
| | |
Change-Id: Ib9486b0ad7ed0e4c53494271e6fd35bcfedba40a
|
| |
| |
| |
| | |
Change-Id: Ia2a1734a74c4bba0bc09f150442aec573d769370
|
| |
| |
| |
| |
| |
| |
| | |
* Necessary for being able to execute commands such as 'su'
from a non-root shell
Change-Id: Icbaaa6ff7447add65441011944bdc5d13b788c86
|
| |
| |
| |
| |
| |
| | |
Issue-id:FEIJ-679
Change-Id: Iafe0405fd4a83c8f22e1af7152c1c3a009cd2e71
|
| |
| |
| |
| |
| |
| |
| | |
Uncrypt may need access to additional selinux contexts for devices
with created storage solutions.
Change-Id: Ie90f130ff6bafdd195379f7d57504b2fce4ef830
|
| |
| |
| |
| |
| |
| | |
* IO prefetcher needs to dig into themes and media as well.
Change-Id: I72cd7fca3a7cacf28764023a73c66e4ea8a58be5
|
| |
| |
| |
| | |
Change-Id: I14338a03c469cd71a6d5c7fecc71eb2290b2e6c4
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The proper permissions for the color_enhance sysfs node weren't
being set, rendering the color enhancement switch useless.
Set the proper permissions for LiveDisplay to toggle color enhancement.
Change-Id: Ic8dba8953b73a497cb01a645834c0e7934092b38
|
| |
| |
| |
| |
| |
| | |
* Not sure how the -- got here but it causes the rules to be invalid.
Change-Id: Ib17217d14f844d7aa27bb554346183e32ff5ae13
|
| |
| |
| |
| |
| |
| | |
* Also brings JNI to CMSDK
Change-Id: I599964a1f9200a8d2ecdad0bb8c4d8593e6d7415
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
/storage is a tmpfs volume, and is where updater stores its zip
when downloading updates. Devices with emmc partitions that are
used as 'sdcard' volumes will end up with paths like:
/storage/UUID/...../update.zip
where UUID is the mount point for the partition and update.zip is
the downloaded update. With this change, minivold can create the
UUID folder and mount onto it, fixing the application of updates.
Change-Id: I4fa84fd590f5ff0f91e38c49cef0c179728fdf43
|
| |
| |
| |
| |
| |
| | |
* Also alphabetized the list of feature xmls, you filthy pigs.
Change-Id: I094a46c313be4531c6dd1af1e007a26b2476d60e
|
| |
| |
| |
| |
| |
| |
| | |
* Needed by Gallery3D Photo Editor to apply effects like:
Vignette and Graduated.
Change-Id: I7b07a974fbdb77abbaba1c15a21e918406d2175b
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Introduce the weather system feature, which will be used to
identify if the Weather Content Provider/Weather services are
available in the device.
Add SELinux entries for the cmweather service
Change-Id: Ibe862903095276f87f23c0d7dae54733eeeb5638
|
| |
| |
| |
| | |
Change-Id: I9136e9c9c1413c45aa300f0c92fd69b0c409a052
|
|\ \
| |/
| |
| | |
into replicant-6.0
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Needed for gallery3d when setting contact pics
avc: denied { write } for comm=4173796E635461736B202334
path="/data/data/com.android.settings/cache/CropEditUserPhoto.jpg" dev="mmcblk0p50" ino=65849
scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=file
permissive=0
03-05 13:07:40.741 22060-22207/com.android.gallery3d W/System.err﹕ java.io.IOException: write
failed: EACCES (Permission denied)
Change-Id: Iaa7f75abfd41c86e1a321d5f35b950f9dc7eb930
|
| |
| |
| |
| |
| | |
Change-Id: Ia8f3a5080f2ca2cecc3474058db4970c5661c89c
TICKET: CYNGNOS-2126
|
| |
| |
| |
| |
| |
| |
| |
| | |
init: avc: denied { set } for property=sys.usb.ffs.ready
scontext=u:r:recovery:s0 tcontext=u:object_r:ffs_prop:s0
tclass=property_service
Change-Id: Id3441ccc3c6a8915a5fdf50efd8c617d1242868a
|
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes issues where the kernel would need to read and write
files from internal or external storage. More specifically, the
kernel needs these rules for USB mass storage to work correctly.
Change-Id: I8cb0307727bc0c464d5470e55275ad808e748ee0
|
| |
| |
| |
| |
| |
| |
| |
| | |
System server needs to be able to create a pipe in the cache partition
for uncrypting OTAs. Uncrypt needs to be able to read and write the
pipe.
Change-Id: Ie03ee7d637eaecff8fe38bf03dc733b3915cd336
|
| |
| |
| |
| | |
Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
|
| |
| |
| |
| |
| |
| |
| | |
This allows the device to boot with software rendering
using build/target/board/generic/sepolicy as reference
Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
|
| |
| |
| |
| |
| |
| |
| |
| | |
System server needs to be able to create a pipe in the cache partition
for uncrypting OTAs. Uncrypt needs to be able to read and write the
pipe.
Change-Id: Ie03ee7d637eaecff8fe38bf03dc733b3915cd336
|
|\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
into replicant-6.0
Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
Conflicts:
overlay/common/frameworks/base/core/res/res/drawable-nodpi/default_wallpaper.jpg
overlay/common/frameworks/base/core/res/res/drawable-sw600dp-nodpi/default_wallpaper.jpg
overlay/common/frameworks/base/core/res/res/drawable-sw720dp-nodpi/default_wallpaper.jpg
overlay/common/frameworks/base/core/res/res/drawable-xhdpi/default_wallpaper.jpg
|
| |
| |
| |
| |
| |
| |
| | |
We now use a temporary context when mounting /data, so add permissions
to do that, and add permissions necessary to do the recursive wipe.
Change-Id: Ic925c70f1cf01c8b19a6ac48a9468d6eb9205321
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Also allow apps to read the contents of mounted OBBs.
See AOSP Change-Id: I66df236eade3ca25a10749dd43d173ff4628cfad
and Change-Id: I49b722b24c1c7d9ab084ebee7c1e349d8d660ffa
Change-Id: I757a2a8831c69d41c0496025a39eaf79ceb0e65f
|
|\ \
| |/
| |
| | |
into replicant-6.0-toolchain
|
| |
| |
| |
| |
| |
| |
| |
| | |
Addresses:
avc: denied { write }
for pid=293 comm="perfprofd" name="property_service" dev="tmpfs" ino=9229 scontext=u:r:perfprofd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
Change-Id: I5a88722eda4d0751fd9a081c434d385ac1c785ef
|
|\ \
| |/
| |
| | |
into replicant-6.0
|