From 95206efda891cc051c23974a9da1ba798e18eb0c Mon Sep 17 00:00:00 2001
From: Nick Kralevich
Date: Fri, 3 Aug 2018 09:16:16 -0700
Subject: [PATCH 1/2] Change priv-apps /home/home labels to privapp_data_file Currently, both untrusted apps and priv-apps use the SELinux file label "app_data_file" for files in their /data/data directory. This is problematic, as we really want different rules for such files. For example, we may want to allow untrusted apps to load executable code from priv-app directories, but disallow untrusted apps from loading executable code from their own home directories. Commit 23c9d91b46352bd91cdc58f33d55378e5567dc1c introduced a new type called privapp_data_file and added rules necessary to preserve compatibility. However, that change did not relabel any existing files, so effectively the change was a no-op. This change performs the switch, relabeling priv-app's /data/data files from app_data_file to privapp_data_file. Due to the compatibility rules added in 23c9d91b46352bd91cdc58f33d55378e5567dc1c, there should be no noticeable effect from this change. Test: Factory reset and boot - no problems on fresh install. Test: Upgrade to new version and test. No compatibility problems on filesystem upgrade. Change-Id: I9a476726bf01f4bcc7952d11fd57dba803a9fd8d
---
 private/seapp_contexts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/private/seapp_contexts b/private/seapp_contexts
index c21d49f2a..418150e71 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -112,7 +112,7 @@ user=_isolated domain=isolated_app levelFrom=all
 user=_app seinfo=media domain=mediaprovider name=android.process.media type=app_data_file levelFrom=user
 user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user
 user=_app isV2App=true isEphemeralApp=true domain=ephemeral_app type=app_data_file levelFrom=all
-user=_app isPrivApp=true domain=priv_app type=app_data_file levelFrom=user
+user=_app isPrivApp=true domain=priv_app type=privapp_data_file levelFrom=user
 user=_app minTargetSdkVersion=28 domain=untrusted_app type=app_data_file levelFrom=all
 user=_app minTargetSdkVersion=26 domain=untrusted_app_27 type=app_data_file levelFrom=user
 user=_app domain=untrusted_app_25 type=app_data_file levelFrom=user
From 1b517d0e6a0efb75a91dbc3cada972c57d6df089 Mon Sep 17 00:00:00 2001
From: Felipe Leme
Date: Mon, 3 Dec 2018 17:35:05 -0800
Subject: [PATCH 2/2] DO NOT MERGE - Renamed "intelligence" to "content_capture" This cherry-pick exists to update pi-dev-plus-aosp sepolicy files to look like the ones in master and aosp. It looks like it was an overlook this patch was merged with DO NOT MERGE instead of only Merged-In. Bug: 111276913 Test: manual verification Merged-In: If76dc7bfdad87789a58fc94e0fd280deae1a41ab Change-Id: If76dc7bfdad87789a58fc94e0fd280deae1a41ab (cherry picked from commit 73e7fa884bb4d47db2b6394a6b234b40811733de)
---
 private/compat/26.0/26.0.ignore.cil | 2 +-
 private/compat/27.0/27.0.ignore.cil | 2 +-
 private/compat/28.0/28.0.ignore.cil | 2 +-
 private/service_contexts | 2 +-
 public/service.te | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 9a6de98b1..91724c079 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
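Review bot: In `private/seapp_contexts`, the `seinfo=media` (mediaprovider) and `seinfo=platform` (platform_app) entries shown as context just above the changed `isPrivApp=true` line still assign `type=app_data_file`, so only data created for the `priv_app` domain is separated from untrusted-app data by this change. If the goal stated in the commit message (different rules for executable code in untrusted-app home directories) is later enforced on `app_data_file`, those two domains would presumably fall on the restricted side; it is worth stating whether that is intended. The switch also depends entirely on the compatibility rules from 23c9d91b46352bd91cdc58f33d55378e5567dc1c, which are not in this patch, so any allow or neverallow rule outside that commit that names `app_data_file` alone no longer covers priv-app data once files are relabeled; auditing those rules and watching for denials on `privapp_data_file` after an upgrade would confirm the no-op claim. I would add a comment above the entry such as `# priv_app data has its own type so rules on app_data_file can be tightened separately`.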
@@ -30,6 +30,7 @@
 broadcastradio_service
 cgroup_bpf
 color_display_service
+ content_capture_service
 crossprofileapps_service
 ctl_interface_restart_prop
 ctl_interface_start_prop
@@ -96,7 +97,6 @@
 heapprofd_socket
 incident_helper
 incident_helper_exec
- intelligence_service
 iorapd
 iorapd_data_file
 iorapd_exec
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 5bb1e659d..ff1c85781 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -28,6 +28,7 @@
 bpfloader_exec
 cgroup_bpf
 color_display_service
+ content_capture_service
 crossprofileapps_service
 ctl_interface_restart_prop
 ctl_interface_start_prop
@@ -87,7 +88,6 @@
 heapprofd_socket
 incident_helper
 incident_helper_exec
- intelligence_service
 iorapd
 iorapd_data_file
 iorapd_exec
diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 22b0efa9c..4f9a65724 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -19,6 +19,7 @@
 apexd_tmpfs
 biometric_service
 content_suggestions_service
+ content_capture_service
 cpu_variant_prop
 dev_cpu_variant
 device_config_boot_count_prop
@@ -46,7 +47,6 @@
 heapprofd_prop
 heapprofd_socket
 idmap_service
- intelligence_service
 iris_service
 iris_vendor_data_file
 llkd
diff --git a/private/service_contexts b/private/service_contexts
index 9ab0b0a35..47604529f 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -33,6 +33,7 @@ connmetrics u:object_r:connmetrics_service:s0
 consumer_ir u:object_r:consumer_ir_service:s0
 content u:object_r:content_service:s0
 content_suggestions u:object_r:content_suggestions_service:s0
+content_capture u:object_r:content_capture_service:s0
 contexthub u:object_r:contexthub_service:s0
 country_detector u:object_r:country_detector_service:s0
 coverage u:object_r:coverage_service:s0
@@ -81,7 +82,6 @@ iphonesubinfo2 u:object_r:radio_service:s0
 iphonesubinfo u:object_r:radio_service:s0
 ims u:object_r:radio_service:s0
 imms u:object_r:imms_service:s0
-intelligence u:object_r:intelligence_service:s0
 ipsec u:object_r:ipsec_service:s0
 iris u:object_r:iris_service:s0
 isms_msim u:object_r:radio_service:s0
diff --git a/public/service.te b/public/service.te
index ed5f1768c..b21de1d33 100644
--- a/public/service.te
+++ b/public/service.te
@@ -66,6 +66,7 @@ type connectivity_service, app_api_service, ephemeral_app_api_service, system_se
 type connmetrics_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type consumer_ir_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type content_suggestions_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
+type content_capture_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type content_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type country_detector_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 # Note: The coverage_service should only be enabled for userdebug / eng builds that were compiled
@@ -100,7 +101,6 @@ type hdmi_control_service, system_api_service, system_server_service, service_ma
 type imms_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type input_method_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type input_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
-type intelligence_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type ipsec_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;
 type iris_service, app_api_service, system_server_service, service_manager_type;
 type jobscheduler_service, app_api_service, ephemeral_app_api_service, system_server_service, service_manager_type;