Cross Reference: /device/asus/flo/BoardConfigCommon.mk

History log of /device/asus/flo/BoardConfigCommon.mk
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
48b12ed5a29343f13252c57e23b2feb2e0238681	20-Nov-2014	Iliyan Malchev <malchev@google.com>	flo: increase vmalloc size by 100MB (240MB-->340MB) b/18402205 External reports: Video playback failing on Flo after upgrade to Lollipop Change-Id: I8569a59f357a0bd689ed5a86da27fcf524a28143 Signed-off-by: Iliyan Malchev <malchev@google.com> /device/asus/flo/BoardConfigCommon.mk
b450b48b1a55913960b93c07e960b885218ad4f7	11-Aug-2014	Alex Light <allight@google.com>	Enable WITH_DEXPREOPT on devices where it is possible Change-Id: I0ea9768f801865f95f2774b8377cc8f3d75e30bf (cherry picked from commit 35251f090b30d32c79febcc9c4296534cc3b5f5b) /device/asus/flo/BoardConfigCommon.mk
8a000094f63244863d7d4f16c9a22d2123f4ccc6	11-Aug-2014	Alex Light <allight@google.com>	Enable WITH_DEXPREOPT_BOOT_IMG_ONLY to support partial preopting Bug: 16938924 Change-Id: Iadf3235cbd93375b8c3b89faa07d7d6c42cd6fb0 (cherry picked from commit c8030c7f4c3f550710450599d3915fb09284575a) /device/asus/flo/BoardConfigCommon.mk
65650fd6fb6371f20a470e630b2cd11c4d5d28da	17-Jul-2014	Nick Kralevich <nnk@google.com>	Update selinux rules for rmt_storage Google's internal master has been updated to not use /dev/mem. Update the SELinux rules to allow for this. Keep rmt in permissive for AOSP. The updated userspace / kernel aren't in AOSP, and we don't want to break those users. We'll flip this to enforcing in Google's internal tree. (cherry picked from commit 023162b9e8f6ccfa40fbe1e0e2c5548721099562) Change-Id: Ie9de15361c4f283baa912bcd15e3e3c93c897c6a /device/asus/flo/BoardConfigCommon.mk
dba9973dd7c03c2a18770c78945461ea91311d63	16-Jun-2014	Victoria Lease <violets@google.com>	enable EXTENDED_FONT_FOOTPRINT for flo/deb please enjoy your new selection of CJK fonts! Bug: 15569561 Change-Id: Ia9cacbe788e0ebcd4f34e44fc6edad4f621f47f7 /device/asus/flo/BoardConfigCommon.mk
f3cf895319941d13b488b4f37de30c9c83b2adb0	30-May-2014	Nick Kralevich <nnk@google.com>	am 01902a06: am 45248675: am 7d491eeb: Merge "Drop ppd selinux policy." * commit '01902a06526bdc737b5c36e917fa5cab70b36763': Drop ppd selinux policy.
45248675fce36c418344cffe10ca9dbb3a6737ea	30-May-2014	Nick Kralevich <nnk@google.com>	am 7d491eeb: Merge "Drop ppd selinux policy." * commit '7d491eebc25f051dfe3d4a52d16a21248534cdc5': Drop ppd selinux policy.
159a3411c21a7b5f6691e6dd28fad291b120e5a9	30-May-2014	Robert Craig <rpcraig@tycho.ncsc.mil>	Drop ppd selinux policy. The ppd service which runs the mm-pp-daemon binary appears to no longer be used. The last occurrence of the binary for either flo or deb is with the jss15r and jls36i builds respectively. In fact, current builds report that the ppd service is explicitly being disabled. <3>[ 5.023345] init: cannot find '/system/bin/mm-pp-daemon', disabling 'ppd' Thus, just drop the selinux policy for it. While we're at it, drop the ppd service entries from the init.flo.rc file too. Change-Id: I5902b6876d5bea33bb65dcaa505fc4ee13a61677 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil> /device/asus/flo/BoardConfigCommon.mk
de81fe0b2674f8be5a8274db2c004c15abaddcf1	01-Apr-2014	Doug Zongker <dougz@android.com>	remove custom recovery UI for flo All its functionality is now in the default UI. Change-Id: I013f864bae10e3e1e8bee65241d05a8e5529f680 /device/asus/flo/BoardConfigCommon.mk
d9093241a3c6433fa8866c8c71e865fd7590c19e	10-Mar-2014	Nick Kralevich <nnk@google.com>	am 6991ec7a: Merge "SELinux: Allow hostapd to read wifi data files under /persist." * commit '6991ec7a25209ef4bd5b3522b3afabbe8eab832f': SELinux: Allow hostapd to read wifi data files under /persist.
66cfafa54fc4e4e50901f24be4593b39b69e66be	06-Mar-2014	Robert Craig <rpcraig@tycho.ncsc.mil>	SELinux: Allow hostapd to read wifi data files under /persist. Addresses the following denials: avc: denied { search } for pid=9143 comm="hostapd" name="wifi" dev="mmcblk0p16" ino=12 scontext=u:r:hostapd:s0 tcontext=u:object_r:persist_wifi_file:s0 tclass=dir avc: denied { getattr } for pid=9143 comm="hostapd" path="/persist/wifi/.macaddr" dev="mmcblk0p16" ino=19 scontext=u:r:hostapd:s0 tcontext=u:object_r:persist_wifi_file:s0 tclass=file avc: denied { read } for pid=9143 comm="hostapd" name=".macaddr" dev="mmcblk0p16" ino=19 scontext=u:r:hostapd:s0 tcontext=u:object_r:persist_wifi_file:s0 tclass=file avc: denied { open } for pid=9143 comm="hostapd" name=".macaddr" dev="mmcblk0p16" ino=19 scontext=u:r:hostapd:s0 tcontext=u:object_r:persist_wifi_file:s0 tclass=file Change-Id: I0e86c92d91601c341c1798f869b935b359c2577a Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil> /device/asus/flo/BoardConfigCommon.mk
dcaccbaccef2814b44abd57fe0670413d82f76ff	21-Feb-2014	Nick Kralevich <nnk@google.com>	am d802a62f: Merge "Move SELinux diag_device policy to userdebug/eng." * commit 'd802a62fd6dd27e14742d98f4fb06f52fefa8f5d': Move SELinux diag_device policy to userdebug/eng.
ba571057faf0714eeaf646d0033c8c393b94c197	21-Feb-2014	Robert Craig <rpcraig@tycho.ncsc.mil>	Move SELinux diag_device policy to userdebug/eng. Also just remove all specific domain access and instead allow diag_device access for all domains on the userdebug/user builds. Change-Id: I2dc79eb47e05290902af2dfd61a361336ebc8bca Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil> /device/asus/flo/BoardConfigCommon.mk
ca4a7b9a8bcabfeed55e54fa263396668c1c23f4	21-Feb-2014	Nick Kralevich <nnk@google.com>	am 699b9b67: Merge "Address SELinux denials with rild." * commit '699b9b6704abf8ecd9b4efeb631fee06173f417e': Address SELinux denials with rild.
62d77eeceb8f826b6e673170fc514091bb109a50	21-Feb-2014	Robert Craig <rpcraig@tycho.ncsc.mil>	Address SELinux denials with rild. Allow r/w access to /dev/diag on userdebug/eng builds. avc: denied { read write } for pid=204 comm="rild" name="diag" dev="tmpfs" ino=8404 scontext=u:r:rild:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file avc: denied { open } for pid=204 comm="rild" name="diag" dev="tmpfs" ino=8404 scontext=u:r:rild:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file Grant radio sockets access to rild. avc: denied { write } for pid=323 comm="rild" name="qmux_radio" dev="tmpfs" ino=1053 scontext=u:r:rild:s0 tcontext=u:object_r:qmuxd_socket:s0 tclass=dir avc: denied { write } for pid=323 comm="rild" name="qmux_connect_socket" dev="tmpfs" ino=1309 scontext=u:r:rild:s0 tcontext=u:object_r:qmuxd_socket:s0 tclass=sock_file avc: denied { connectto } for pid=323 comm="rild" path="/dev/socket/qmux_radio/qmux_connect_socket" scontext=u:r:rild:s0 tcontext=u:r:qmux:s0 tclass=unix_stream_socket Change-Id: I89f7531fb006bfcae9f97b979fba61f3ed6badde Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil> /device/asus/flo/BoardConfigCommon.mk
0790950ccfd34ce9b2a74a12d6e15ff7d65c5353	31-Jan-2014	Stephen Hines <srhines@google.com>	DO NOT MERGE: Disable GPU RS driver due to AOSP incompatibility. This change will necessitate a rebuilt GPU driver: https://android-review.googlesource.com/80951 Change-Id: I61f4098305422021f6f78dc7f3b99e2cc9b4c116 /device/asus/flo/BoardConfigCommon.mk
a37cbdbfffe86ab8b7b32607a06b4ee4b3b539ba	18-Dec-2013	Nick Kralevich <nnk@google.com>	initial irsc_util domain Initially unconfined and enforcing. Change-Id: I49be1c53afb1f91836d5e49dbce84c4a0c789478 /device/asus/flo/BoardConfigCommon.mk
c2fadc12a16bbf96b00fac8f14d69aab766519be	12-Dec-2013	Stephen Smalley <sds@tycho.nsa.gov>	Move gpu_device type and rules to core policy. Change-Id: I3ce0b4bd25e078698a1c50242aaed414bf5cb517 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> /device/asus/flo/BoardConfigCommon.mk
df2aa61a2d209da854474ba18d7350e9380c0cd4	25-Nov-2013	Robert Craig <rpcraig@tycho.ncsc.mil>	SELinux policy updates. * Make gpu_device a trusted object since all apps can write to the device. denied { write } for pid=3460 comm="ense_free.menus" name="kgsl-3d0" dev="tmpfs" ino=7606 scontext=u:r:untrusted_app:s0:c92,c256 tcontext=u:object_r:gpu_device:s0 tclass=chr_file * Drop dead type mpdecision_device. * Create policy for mm-pp-daemon and keep it permissive. Address the following initial denials. denied { write } for pid=220 comm="mm-pp-daemon" name="property_service" dev="tmpfs" ino=7289 scontext=u:r:ppd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file denied { connectto } for pid=220 comm="mm-pp-daemon" path="/dev/socket/property_service" scontext=u:r:ppd:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket denied { read write } for pid=220 comm="mm-pp-daemon" name="fb0" dev="tmpfs" ino=8523 scontext=u:r:ppd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file denied { open } for pid=220 comm="mm-pp-daemon" name="fb0" dev="tmpfs" ino=8523 scontext=u:r:ppd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file denied { ioctl } for pid=220 comm="mm-pp-daemon" path="/dev/graphics/fb0" dev="tmpfs" ino=8523 scontext=u:r:ppd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file * Add kickstart_exec labels for kickstart binaries that are used by deb devices. * Add tee policy. Label /data/misc/playready and allow tee access. denied { write } for pid=259 comm="qseecomd" name="misc" dev="mmcblk0p30" ino=635233 scontext=u:r:tee:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir denied { read } for pid=232 comm="qseecomd" name="/" dev="mmcblk0p30" ino=2 scontext=u:r:tee:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir denied { create } for pid=306 comm="qseecomd" name="playready" scontext=u:r:tee:s0 tcontext=u:object_r:drm_data_file:s0 tclass=dir denied { search } for pid=282 comm="qseecomd" name="playready" dev="mmcblk0p30" ino=635262 scontext=u:r:tee:s0 tcontext=u:object_r:drm_data_file:s0 tclass=dir denied { read } for pid=282 comm="qseecomd" name="playready" dev="mmcblk0p30" ino=635262 scontext=u:r:tee:s0 tcontext=u:object_r:drm_data_file:s0 tclass=dir denied { write } for pid=265 comm="qseecomd" name="playready" dev="mmcblk0p30" ino=635262 scontext=u:r:tee:s0 tcontext=u:object_r:drm_data_file:s0 tclass=dir denied { create } for pid=252 comm="qseecomd" name="tzdrm.log" scontext=u:r:tee:s0 tcontext=u:object_r:drm_data_file:s0 tclass=file denied { read write open } for pid=271 comm="qseecomd" name="tzdrm.log" dev="mmcblk0p30" ino=635264 scontext=u:r:tee:s0 tcontext=u:object_r:drm_data_file:s0 tclass=file * Give surfaceflinger access to /dev/socket/pps and allow access to certain sysfs nodes. denied { write } for pid=181 comm="surfaceflinger" name="pps" dev="tmpfs" ino=7958 scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:ppd_socket:s0 tclass=sock_file denied { write } for pid=182 comm="surfaceflinger" name="hpd" dev="sysfs" ino=9639 scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:sysfs:s0 tclass=file Change-Id: Ia7a5c63365593af7ac5adc207b27fad113b01dd3 /device/asus/flo/BoardConfigCommon.mk
e43c3f5a4a6e193cf92ad0d05c78456b581dc917	23-Nov-2013	Nick Kralevich <nnk@google.com>	am 3dd91d02: Merge "Add to selinux policy." * commit '3dd91d0298097d990ff37ddc6885fe63d819eae2': Add to selinux policy.
5c05d63597811693a9bd7506ab1708ab7907add2	22-Nov-2013	The Android Open Source Project <initial-contribution@android.com>	Merge commit 'e741348065428222edfd3486180e1778ffb489d6' into HEAD
9d6624a0b503d2fe950dd0dccfe9ca90aae19eac	15-Nov-2013	Robert Craig <rpcraig@tycho.ncsc.mil>	Add to selinux policy. Bring policy over from the mako board which has a lot of similar domains and services. mako is also a Qualcomm board which allows a lot of that policy to be directly brought over and applied. Included in this are some radio specific pieces. Though not directly applicable to flo, the deb board inherits this policy. Change-Id: I6b294c7dc830189c08f1f981a239234a2c3f577f /device/asus/flo/BoardConfigCommon.mk
6e899c856889fcb7fe17aeba7c8122312e09bab5	13-Nov-2013	Robert Craig <rpcraig@tycho.ncsc.mil>	Create new security labels for device nodes. Labeling nodes with appropriate types doesn't introduce any new denials to the mix. This list largely addresses the Qualcomm specific nodes. Various nodes are labeled with radio specific types. Since the deb build inherits from this flo policy, it is a good idea to include them. Change-Id: Ia55a80af027c8bde933d45c41f4ed287f01adb2e /device/asus/flo/BoardConfigCommon.mk
c1dd2c8312e20e0633db90a3c6d8df06ded6da8a	13-Nov-2013	Robert Craig <rpcraig@tycho.ncsc.mil>	Label kgsl (graphics) nodes. Created a new label and addressed the following denials. * For system server denied { read write } for pid=800 comm="ndroid.systemui" name="kgsl-3d0" dev="tmpfs" ino=8426 scontext=u:r:platform_app:s0 tcontext=u:object_r:device:s0 tclass=chr_file denied { open } for pid=800 comm="ndroid.systemui" name="kgsl-3d0" dev="tmpfs" ino=8426 scontext=u:r:platform_app:s0 tcontext=u:object_r:device:s0 tclass=chr_file denied { ioctl } for pid=800 comm="ndroid.systemui" path="/dev/kgsl-3d0" dev="tmpfs" ino=8426 scontext=u:r:platform_app:s0 tcontext=u:object_r:device:s0 tclass=chr_file * For surfaceflinger denied { ioctl } for pid=286 comm="SurfaceFlinger" path="/dev/kgsl-3d0" dev="tmpfs" ino=8426 scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:device:s0 tclass=chr_file denied { read write } for pid=286 comm="SurfaceFlinger" path="/dev/kgsl-3d0" dev="tmpfs" ino=8426 scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:device:s0 tclass=chr_file * For app domains denied { read write } for pid=800 comm="ndroid.systemui" name="kgsl-3d0" dev="tmpfs" ino=8426 scontext=u:r:platform_app:s0 tcontext=u:object_r:device:s0 tclass=chr_file denied { open } for pid=800 comm="ndroid.systemui" name="kgsl-3d0" dev="tmpfs" ino=8426 scontext=u:r:platform_app:s0 tcontext=u:object_r:device:s0 tclass=chr_file denied { ioctl } for pid=800 comm="ndroid.systemui" path="/dev/kgsl-3d0" dev="tmpfs" ino=8426 scontext=u:r:platform_app:s0 tcontext=u:object_r:device:s0 tclass=chr_file Change-Id: I417bbd12fbdc17cd3d1110dcf3bff73dd5e385a4 /device/asus/flo/BoardConfigCommon.mk
226d605c9d2c1e99469464842c36f6cd9fb4f789	14-Nov-2013	Nick Kralevich <nnk@google.com>	fix broken wifi on flo/deb 00739e3d14f2f1ea9240037283c3edd836d2aa2f in external/sepolicy moved ueventd into enforcing. This broke wifi on flo/deb. Fix it. This addresses the following denials: <5>[ 219.755523] type=1400 audit(1384456650.969:107): avc: denied { search } for pid=2868 comm="ueventd" name="wifi" dev="mmcblk0p30" ino=637740 scontext=u:r:ueventd:s0 tcontext=u:object_r:wifi_data_file:s0 tclass=dir <5>[ 219.755706] type=1400 audit(1384456650.969:108): avc: denied { read } for pid=2868 comm="ueventd" name="WCNSS_qcom_cfg.ini" dev="mmcblk0p30" ino=637747 scontext=u:r:ueventd:s0 tcontext=u:object_r:wifi_data_file:s0 tclass=file <5>[ 219.755889] type=1400 audit(1384456650.969:109): avc: denied { open } for pid=2868 comm="ueventd" name="WCNSS_qcom_cfg.ini" dev="mmcblk0p30" ino=637747 scontext=u:r:ueventd:s0 tcontext=u:object_r:wifi_data_file:s0 tclass=file <5>[ 219.756134] type=1400 audit(1384456650.969:110): avc: denied { getattr } for pid=2868 comm="ueventd" path="/data/misc/wifi/WCNSS_qcom_cfg.ini" dev="mmcblk0p30" ino=637747 scontext=u:r:ueventd:s0 tcontext=u:object_r:wifi_data_file:s0 tclass=file Bug: 11688129 Change-Id: Ice0d3432010cfbbce88dd0ede013af3b2297d3d6 /device/asus/flo/BoardConfigCommon.mk
40b7b28ddfbf5a322d0d2b1172e58c41a1205248	08-Nov-2013	Nick Kralevich <nnk@google.com>	Move rmt into its own domain. Don't run rmt in init's domain. /system/bin/rmt_storage is a qualcomm specific daemon responsible for servicing modem filesystem requests. It doesn't make sense to run rmt_storage in init's domain, as doing so prevents us from fine tuning its policy. Keep the domain in permissive mode right now until we address the following denials: <5>[ 7.497467] type=1400 audit(1383939680.983:5): avc: denied { read write } for pid=193 comm="rmt_storage" name="mem" dev="tmpfs" ino=4010 scontext=u:r:rmt:s0 tcontext=u:object_r:kmem_device:s0 tclass=chr_file <5>[ 7.497741] type=1400 audit(1383939680.983:6): avc: denied { open } for pid=193 comm="rmt_storage" name="mem" dev="tmpfs" ino=4010 scontext=u:r:rmt:s0 tcontext=u:object_r:kmem_device:s0 tclass=chr_file We still need to get a better understanding of what rmt_storage does and what rules should be applied to it. Change-Id: I45d03fb93870f1b4bb64215f5dcd9a2a443f5566 /device/asus/flo/BoardConfigCommon.mk
203fd0df67d63308b65a3672700570e06f54739d	07-Nov-2013	Nick Kralevich <nnk@google.com>	Label /dev/qseecom Otherwise keystore in enforcing is broken. Bug: 11518274 Change-Id: I10ead7cabe794d1752a8cba4dc3193217aad7805 /device/asus/flo/BoardConfigCommon.mk
cd49ca8e6af70f4597a75331fe696af7eb3c6122	08-Oct-2013	Jamie Gennis <jgennis@google.com>	Set a present -> vsync offset Bug: 10624956 Change-Id: If0908918defb54ac7101586636ced55d4f411e17 /device/asus/flo/BoardConfigCommon.mk
54dca38d9621c0c21f01356a7fd2da5c15a0d7fc	06-Sep-2013	Iliyan Malchev <malchev@google.com>	flo: enable device-specific camera b/10429994 Change-Id: Ia03f3a7628448afb8b115a898a3373f95e1dcbd0 Signed-off-by: Iliyan Malchev <malchev@google.com> /device/asus/flo/BoardConfigCommon.mk
ab3a4598f5eecf9045f9e6d3029159f6000cb325	11-Jul-2013	Iliyan Malchev <malchev@google.com>	flo: enable OVERIDE_RS_DRIVER Change-Id: I584c414d27477937e59bbf64114d513cc1988c69 Signed-off-by: Iliyan Malchev <malchev@google.com> /device/asus/flo/BoardConfigCommon.mk
6a51934a6c69a1e8a1cef6505c03f192403e6cb8	13-Jun-2013	Iliyan Malchev <malchev@google.com>	resolved conflicts for merge of 17c394cc to master Change-Id: I19f5b66636fe1b22cf6eac01501b2c851e93b3b2
604128e9835f8a26c3168b058bafc7ef72787bd2	13-Jun-2013	Iliyan Malchev <malchev@google.com>	Revert "Revert "flo: disable CABL"" This reverts commit 1f335d5117a265fea2b81d780ad87892a72fc766. Bug: 9414907 Change-Id: I9576f753e26b197b74d753bbe92c27bb6b170b5e Signed-off-by: Iliyan Malchev <malchev@google.com> /device/asus/flo/BoardConfigCommon.mk
ac46a956011cf8b566d03625e9d525928b007194	31-May-2013	Ed Tam <etam@google.com>	Build fix. USE_DEVICE_SPECIFIC_QCOM_PROPRIETARY flag got lost in a merge conflict. Change-Id: I85e5c9d124e62d7aade47f3ad45a39e2e77347fe /device/asus/flo/BoardConfigCommon.mk
0870f9fb5f2d093f09890aa7f5ddadfa91c190e4	31-May-2013	Iliyan Malchev <malchev@google.com>	flo: fix recovery code Bug: 9010664 Change-Id: I4d6f86c994299c8f9af56d244cdfbe27125c02f6 Signed-off-by: Iliyan Malchev <malchev@google.com> /device/asus/flo/BoardConfigCommon.mk
5dde0d61561977e5ac93ec2496e6a941d9982482	23-May-2013	Ed Tam <etam@google.com>	Break out flo and common makefiles for deb support. Bug: 9067974 Change-Id: Ia1530db751d26f0a930966d656d55978c140f33d /device/asus/flo/BoardConfigCommon.mk