tequilaOS/platform_external_selinux
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
5397 commits 1 branch 0 tags 17 MiB
Commit graph

5397 commits

This branch
This branch
All branches
Author SHA1 Message Date
Inseob Kim
6c035ce159 Add a comment to keep in sync with CTS am: 5cfac38d10 am: 03af209f74 am: 7959969e47 am: 603ac63b13 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434

Change-Id: Ie9526b15e1cab0da56a2152f91cf99d4d7c5f5bf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-16 16:33:27 +00:00
Inseob Kim
603ac63b13 Add a comment to keep in sync with CTS am: 5cfac38d10 am: 03af209f74 am: 7959969e47 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434

Change-Id: I23020f2dcc69c7e8f3b53fda7ed7954117922329
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-16 15:25:10 +00:00
Inseob Kim
7959969e47 Add a comment to keep in sync with CTS am: 5cfac38d10 am: 03af209f74 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434

Change-Id: I15579adc5dd42b42747d69ebba92e1f3fb3037ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-16 14:38:24 +00:00
Inseob Kim
03af209f74 Add a comment to keep in sync with CTS am: 5cfac38d10 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434

Change-Id: I38131daf2d6fb24828cd82f8cc9af501eefe7704
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-16 13:35:07 +00:00
Inseob Kim
5cfac38d10 Add a comment to keep in sync with CTS 
Test: N/A
Change-Id: I8d8c5033bcd9553a7b33e2d3875cc387fc4ddb86
 2023-08-16 11:15:48 +09:00
Inseob Kim
aa4e4066d3 Change seapp partition log to warning am: cde31a9d4d am: 9f06a40585 am: 6d76d34364 am: 0fee82b014 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2685446

Change-Id: I052a3899aa567440c4e7b4ecdb5aa53782a5f9b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-01 11:16:38 +00:00
Inseob Kim
0fee82b014 Change seapp partition log to warning am: cde31a9d4d am: 9f06a40585 am: 6d76d34364 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2685446

Change-Id: I06a0ce738ef402163a3cc12c9e78bf481c3a6b8f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-01 10:32:27 +00:00
Inseob Kim
6d76d34364 Change seapp partition log to warning am: cde31a9d4d am: 9f06a40585 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2685446

Change-Id: Id5655ac83fba93b9f0244b338cdb50cb8925bb44
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-01 09:48:32 +00:00
Inseob Kim
9f06a40585 Change seapp partition log to warning am: cde31a9d4d 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2685446

Change-Id: Ib55f9ee9ded8069ab5d51e074e658207e0a1296c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-01 09:09:05 +00:00
Inseob Kim
cde31a9d4d Change seapp partition log to warning 
It makes more sense to print it as a warning, because it's not a hard
error for now (until we resolve all violations and create a compliance
test)

Bug: N/A
Test: boot
Change-Id: Iac5deb1f965394ecd4c2acb3711bd07317956236
 2023-08-01 01:56:20 +00:00
Inseob Kim
94c0a1f5d3 Give priority to platform side seapp_contexts am: 51fde66c16 am: 85561b366a am: fb13a306cd am: 8d73989eb3 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2671235

Change-Id: If8a49a082bb7af91f67e730f64008fb8efa8693b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 14:20:30 +00:00
Inseob Kim
8d73989eb3 Give priority to platform side seapp_contexts am: 51fde66c16 am: 85561b366a am: fb13a306cd 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2671235

Change-Id: Ia7b8018f817eb15fd15040ad90fd2df83399f10f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 13:35:54 +00:00
Inseob Kim
fb13a306cd Give priority to platform side seapp_contexts am: 51fde66c16 am: 85561b366a 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2671235

Change-Id: I2e9d919747dfda2faefc40d62ace99d9e27ecb89
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:52:40 +00:00
Inseob Kim
85561b366a Give priority to platform side seapp_contexts am: 51fde66c16 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2671235

Change-Id: Ifebcd36ec4e164b2e65e4e4acd35e0f85140568f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 12:09:33 +00:00
Inseob Kim
51fde66c16 Give priority to platform side seapp_contexts 
This is to remove duplicate errors while fixing seapp_contexts
violations (because old vendors still have the entries).

Bug: 280547417
Test: TH
Change-Id: I8c381dad6e8bf5e91148494b55278e124b845c13
 2023-07-26 13:57:15 +09:00
Inseob Kim
55f05a5e4e Fix preinstalled app partition check am: e7d2d82bbb am: 066e9c5d2a am: 1847b12d43 am: ba4c95392d 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2672475

Change-Id: I6ec3ee9c8188d6bfac3e97fe3eb08ac8a2ed5677
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 04:23:25 +00:00
Inseob Kim
45e4f38df0 Check preinstalled app's partition am: be36d71068 am: 44b95e92a7 am: 5ad7961fff am: b777ba8580 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2670896

Change-Id: Ia3e7f3532256db6cc7c1ab16d5f412f56c3d863a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 04:23:21 +00:00
Inseob Kim
ba4c95392d Fix preinstalled app partition check am: e7d2d82bbb am: 066e9c5d2a am: 1847b12d43 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2672475

Change-Id: Icaef9dde2112eee4b0d47a16dcc6bdd1fde69dbc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 03:17:36 +00:00
Inseob Kim
b777ba8580 Check preinstalled app's partition am: be36d71068 am: 44b95e92a7 am: 5ad7961fff 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2670896

Change-Id: Idb08972e124f8f7655d9ce97d050169474bedf7d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 03:17:34 +00:00
Inseob Kim
1847b12d43 Fix preinstalled app partition check am: e7d2d82bbb am: 066e9c5d2a 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2672475

Change-Id: I6c0b1f36bfcbd3469f98f30a455131b537453cd1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 02:31:27 +00:00
Inseob Kim
5ad7961fff Check preinstalled app's partition am: be36d71068 am: 44b95e92a7 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2670896

Change-Id: I7f2e49ed1c0054ae27dae1589f4b2d7706cd2430
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 02:31:24 +00:00
Inseob Kim
066e9c5d2a Fix preinstalled app partition check am: e7d2d82bbb 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2672475

Change-Id: I21f87747dd2d9aeb46d8e086c972570c52f7ff52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 01:23:50 +00:00
Inseob Kim
44b95e92a7 Check preinstalled app's partition am: be36d71068 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2670896

Change-Id: Ic4da60ec5b8b9af700614c41579b537aebce3f20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 01:23:46 +00:00
Inseob Kim
e7d2d82bbb Fix preinstalled app partition check 
There is a bug on the code checking the partition, so it's printing
wrong logcat messages. This fixes it by renaming the function name for
better readability.

Also it fixes a bug that the check only happens when levelFrom != NONE.

Bug: 291005833
Test: boot and see logcat
Merged-In: I2dd51a995d76b2c50dae2b2c4af8e3a3a4599408
Change-Id: I2dd51a995d76b2c50dae2b2c4af8e3a3a4599408
(cherry picked from commit 321c025259)
 2023-07-25 10:33:06 +09:00
Inseob Kim
be36d71068 Check preinstalled app's partition 
Bug: 280547417
Test: boot pixel and cuttlefish
Change-Id: I6ed125eff392020ace6686514e0a102dab1fb10f
Merged-In: I6ed125eff392020ace6686514e0a102dab1fb10f
(cherry picked from commit dc9f3516d7)
 2023-07-25 10:32:35 +09:00
Inseob Kim
d44af41693 Fix code detecting duplicated seapp_contexts entry am: c3d1e5a24a am: 7e6718c196 am: 0a8954744d am: d600004be6 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2658206

Change-Id: Iccfb5417ea9ea942413f621f15325b3bdb63d612
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 13:46:30 +00:00
Inseob Kim
d600004be6 Fix code detecting duplicated seapp_contexts entry am: c3d1e5a24a am: 7e6718c196 am: 0a8954744d 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2658206

Change-Id: I5d509a734572a9b9f95d75ac65f7f6b3fe5ec3bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 13:07:21 +00:00
Inseob Kim
0a8954744d Fix code detecting duplicated seapp_contexts entry am: c3d1e5a24a am: 7e6718c196 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2658206

Change-Id: I4ed3459e4b181e014bbf28ee9f88d163a46d49b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 12:21:21 +00:00
Inseob Kim
7e6718c196 Fix code detecting duplicated seapp_contexts entry am: c3d1e5a24a 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2658206

Change-Id: Ie55483272fdc4f99df6b7f3d800c16f8eabf60dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 11:35:17 +00:00
Inseob Kim
c3d1e5a24a Fix code detecting duplicated seapp_contexts entry 
There are two problems addressed by this change.

1) qsort doesn't compare all pairs of elements having the same
   precedence. We can't rely only on qsort's comparator to detect
   duplicates.

2) comparing logic is broken. For example,

        s1->isPrivAppSet && s1->isPrivApp == s2->isPrivApp

   really should be

        !s1->isPrivAppSet || s1->isPrivApp == s2->isPrivApp

Bug: 291528964
Test: manually create two duplicated entries and boot
Change-Id: Ieae4a7f5419e18636bb2fd5f70700faa4fa8acf1
 2023-07-17 10:04:00 +00:00
Nikita Ioffe
32f3437e65 selinux_android_restorecon: log if selinux is disabled am: f8cf22eba8 am: 7acef81958 am: bff9fe164f am: f684be58ea am: 62bfd9b17c 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2628031

Change-Id: I6221b5d9dda09d5b5e9f07fe465305ae0fd2a034
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-16 17:35:07 +00:00
Nikita Ioffe
62bfd9b17c selinux_android_restorecon: log if selinux is disabled am: f8cf22eba8 am: 7acef81958 am: bff9fe164f am: f684be58ea 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2628031

Change-Id: I5e1e7eb088d2534ad84f5ba299beac3dd27dde06
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-16 16:55:29 +00:00
Nikita Ioffe
f684be58ea selinux_android_restorecon: log if selinux is disabled am: f8cf22eba8 am: 7acef81958 am: bff9fe164f 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2628031

Change-Id: I844493a1abd5a36a47cf0ff7d1b07a1bc2b91865
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-16 16:10:38 +00:00
Nikita Ioffe
bff9fe164f selinux_android_restorecon: log if selinux is disabled am: f8cf22eba8 am: 7acef81958 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2628031

Change-Id: Ic724498e45e5b98e7d8071f31db1c59a0efbf309
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-16 15:21:14 +00:00
Nikita Ioffe
7acef81958 selinux_android_restorecon: log if selinux is disabled am: f8cf22eba8 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2628031

Change-Id: Iec5a861f6a1305e86a0afdd00191734ad967c9b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-16 14:38:58 +00:00
Nikita Ioffe
f8cf22eba8 selinux_android_restorecon: log if selinux is disabled 
Right now selinux_android_restorecon will silently succeed if selinux is
disabled which is confusing.

This change adds a log statement that should help with debugging issues
related to disabled selinux (see attached bug).

Bug: 284277137
Test: presubmit
Change-Id: I4ebc6400ac7188660658ef3cccfb7cbdc76c0f22
 2023-06-16 12:59:16 +01:00
Mugdha Lakhani
2ab7070ca4 [automerger skipped] Add applySdkSandboxNextRestrictions flag am: 8c40c00f3d am: 38bf716c63 am: 614a8b6985 -s ours 
am skip reason: Merged-In I175229d135d99516dd6f38b8963d0ccc93a61a4f with SHA-1 8c40c00f3d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/selinux/+/23149989

Change-Id: I32559987d9970726859168e6c18f70f5ec9d24de
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-13 01:32:05 +00:00
Mugdha Lakhani
ee7d8c6539 [automerger skipped] Add applySdkSandboxNextRestrictions flag am: 8c40c00f3d -s ours am: ae7e95128b -s ours am: c535a1e4af -s ours 
am skip reason: Merged-In I175229d135d99516dd6f38b8963d0ccc93a61a4f with SHA-1 e1c842285b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/selinux/+/23149989

Change-Id: I4fa7f87a95c0a2a05d6979e5aba52f9989b290c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-13 01:27:02 +00:00
Mugdha Lakhani
3a2538d5f2 [automerger skipped] Add applySdkSandboxNextRestrictions flag am: 8c40c00f3d am: 38bf716c63 -s ours am: 79f2b6dca5 -s ours 
am skip reason: Merged-In I175229d135d99516dd6f38b8963d0ccc93a61a4f with SHA-1 e1c842285b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/selinux/+/23149989

Change-Id: I5b1c5f62b0f8273423dce851f3997db4fd2c0f7b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-13 01:26:29 +00:00
Mugdha Lakhani
c535a1e4af [automerger skipped] Add applySdkSandboxNextRestrictions flag am: 8c40c00f3d -s ours am: ae7e95128b -s ours 
am skip reason: Merged-In I175229d135d99516dd6f38b8963d0ccc93a61a4f with SHA-1 e1c842285b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/selinux/+/23149989

Change-Id: If267af1dfb59a6f93d8827d0edc60ab9f42fe3cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-13 00:47:23 +00:00
Mugdha Lakhani
614a8b6985 Add applySdkSandboxNextRestrictions flag am: 8c40c00f3d am: 38bf716c63 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/selinux/+/23149989

Change-Id: I033e49e688ef83baca718d28b3d33df98dd98aa3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-13 00:47:18 +00:00
Mugdha Lakhani
79f2b6dca5 [automerger skipped] Add applySdkSandboxNextRestrictions flag am: 8c40c00f3d am: 38bf716c63 -s ours 
am skip reason: Merged-In I175229d135d99516dd6f38b8963d0ccc93a61a4f with SHA-1 e1c842285b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/selinux/+/23149989

Change-Id: Idce0e7ece54bf7f66de1e5e3337789bdf5c1e08e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-13 00:43:08 +00:00
Mugdha Lakhani
38bf716c63 Add applySdkSandboxNextRestrictions flag am: 8c40c00f3d 
Original change: https://googleplex-android-review.googlesource.com/c/platform/external/selinux/+/23149989

Change-Id: I7f3e8d9168d80e3384ee4e9c4c6617ce4a1784fe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-13 00:04:16 +00:00
Mugdha Lakhani
ae7e95128b [automerger skipped] Add applySdkSandboxNextRestrictions flag am: 8c40c00f3d -s ours 
am skip reason: Merged-In I175229d135d99516dd6f38b8963d0ccc93a61a4f with SHA-1 e1c842285b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/external/selinux/+/23149989

Change-Id: I424096c54e2704b550904d6356910d0f9b042e80
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-12 23:59:26 +00:00
Mugdha Lakhani
2e9deaf50f Add applySdkSandboxNextRestrictions flag am: e1c842285b am: 630c8c01c5 am: d5783f3391 am: 263eed616d am: d0de07ad56 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2584678

Change-Id: I858727d6522c7a106411ed24e6801dbd9fd24d0c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-12 13:21:11 +00:00
Mugdha Lakhani
d0de07ad56 Add applySdkSandboxNextRestrictions flag am: e1c842285b am: 630c8c01c5 am: d5783f3391 am: 263eed616d 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2584678

Change-Id: I7f1d5f8feb6494f0b7b1d2c04d97d00eed98f080
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-12 12:43:55 +00:00
Mugdha Lakhani
263eed616d Add applySdkSandboxNextRestrictions flag am: e1c842285b am: 630c8c01c5 am: d5783f3391 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2584678

Change-Id: I5616bebdc478d6c6ad98a7d8aee93366d0f0511d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-12 12:42:39 +00:00
Mugdha Lakhani
d5783f3391 Add applySdkSandboxNextRestrictions flag am: e1c842285b am: 630c8c01c5 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2584678

Change-Id: I93b0b5bd53a32e662f5489502c7261a25802a747
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-12 11:56:58 +00:00
Mugdha Lakhani
630c8c01c5 Add applySdkSandboxNextRestrictions flag am: e1c842285b 
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2584678

Change-Id: I813a7f18bc14084a7a81cb7a61804356981908f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-12 11:18:03 +00:00
Mugdha Lakhani
8c40c00f3d Add applySdkSandboxNextRestrictions flag 
seapp_context_lookup_internal applies a flag that is referenced in
seapp_contexts based on the seInfo string passed to it.

This enables testers to test out the set of restriction planned the
next SDK version and give feedback before we decide on the actual
restrictions for the next release.

Bug: b/270148964
Test: manual test app and adb shell ps -Z
Change-Id: I175229d135d99516dd6f38b8963d0ccc93a61a4f
Merged-In: I175229d135d99516dd6f38b8963d0ccc93a61a4f
 2023-05-11 18:07:06 +00:00