tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "sepolicy: Allow system_server to use execmem in emulator builds with software rendering."

Browse source 
am: a1f3cae304

Change-Id: I55b7f80eadadf9872b3bceeebccaab99d30e612b
This commit is contained in:
Peter Collingbourne 2019-11-14 18:54:48 -08:00 committed by android-build-merger
commit b3b9adcb7f
2 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
definitions.mk
View file

@ -13,6 +13,7 @@ $(hide) $(M4) --fatal-warnings $(PRIVATE_ADDITIONAL_M4DEFS) \
-D target_compatible_property=$(PRIVATE_COMPATIBLE_PROPERTY) \ -D target_compatible_property=$(PRIVATE_COMPATIBLE_PROPERTY) \
-D target_treble_sysprop_neverallow=$(PRIVATE_TREBLE_SYSPROP_NEVERALLOW) \ -D target_treble_sysprop_neverallow=$(PRIVATE_TREBLE_SYSPROP_NEVERALLOW) \
-D target_exclude_build_test=$(PRIVATE_EXCLUDE_BUILD_TEST) \ -D target_exclude_build_test=$(PRIVATE_EXCLUDE_BUILD_TEST) \
-D target_requires_insecure_execmem_for_swiftshader=$(PRODUCT_REQUIRES_INSECURE_EXECMEM_FOR_SWIFTSHADER) \
$(PRIVATE_TGT_RECOVERY) \ $(PRIVATE_TGT_RECOVERY) \
-s $(PRIVATE_POLICY_FILES) > $@ -s $(PRIVATE_POLICY_FILES) > $@
endef endef

7
private/system_server.te
View file

@ -983,7 +983,12 @@ neverallow system_server { dev_type -frp_block_device }:blk_file no_rw_file_perm
# system_server should never use JIT functionality # system_server should never use JIT functionality
# See https://googleprojectzero.blogspot.com/2016/12/bitunmap-attacking-android-ashmem.html # See https://googleprojectzero.blogspot.com/2016/12/bitunmap-attacking-android-ashmem.html
# in the section titled "A Short ROP Chain" for why. # in the section titled "A Short ROP Chain" for why.
neverallow system_server self:process execmem; # However, in emulator builds without OpenGL passthrough, we use software
# rendering via SwiftShader, which requires JIT support. These builds are
# never shipped to users.
ifelse(target_requires_insecure_execmem_for_swiftshader, `true',
`allow system_server self:process execmem;',
`neverallow system_server self:process execmem;')
neverallow system_server ashmem_device:chr_file execute; neverallow system_server ashmem_device:chr_file execute;
# TODO: deal with tmpfs_domain pub/priv split properly # TODO: deal with tmpfs_domain pub/priv split properly