tequilaOS/platform_system_sepolicy

Author	SHA1	Message	Date
Inseob Kim	ff2018fa84	Fix bpfmt Bug: N/A Test: N/A Flag: NONE trivial format change Change-Id: I8f6293dcc47a4ead347c4861ba929d4b3042c311	2024-04-17 09:55:49 +09:00
Jooyung Han	c6d23b47d8	Merge "Relax neverallows for vendor to use /system/bin/sh" into android14-tests-dev am: `a1260cfa21` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2988072 Change-Id: If21747c23ef463345f1f2e19e0c389e084b2fd90 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2024-03-06 06:58:55 +00:00
Jooyung Han	a1260cfa21	Merge "Relax neverallows for vendor to use /system/bin/sh" into android14-tests-dev	2024-03-06 06:18:53 +00:00
Treehugger Robot	9dba1b8892	Merge "Grant lockdown integrity to all processes" into android14-tests-dev	2024-03-06 06:18:07 +00:00
Jooyung Han	6ece857f4f	Relax neverallows for vendor to use /system/bin/sh Since 202404, vendor components will use /system/bin/sh for system(3), popen(3), etc. Bug: 324142245 Test: system("readlink /proc/$$/exe") in vendor HALs Change-Id: I521499678e87a7d0216a276e014888867f495803 (cherry picked from commit `f0ba322926`)	2024-03-05 19:09:05 +09:00
Thiébaud Weksteen	c1b65e5d53	Grant lockdown integrity to all processes The default policy for the "lockdown" access vector on Android was introduced in commit `bcfca1a6`. While the "confidentiality" permission was granted to all processes, the "integrity" was marked as neverallowed. Upstream, the support for that access vector was removed from kernel 5.16 onwards. It was found that the "integrity" permission either does not apply to Android or duplicates other access control (e.g., capabilities sys_admin). Instead of simply removing the neverallow rule, the access is granted to all processes. This will prevent the proliferation of references to this access vector in vendors' policies and ultimately facilitate its removal. Test: presubmit Bug: 285443587 Bug: 269377822 Bug: 319390252 Change-Id: If2ad34fbbf2c0d29ac54ab5d1be430623f86f1f7 (cherry picked from commit `99a4cbcee7`) Merged-In: If2ad34fbbf2c0d29ac54ab5d1be430623f86f1f7	2024-02-28 18:10:29 -08:00
Carmen Jackson	77b2e52f74	Add rules for Perfetto to be used from system_server This includes rules for starting Perfetto as well as rules for communicating over stdio between Perfetto and system_server. This is a cherrypick of aosp/2958867 with prebuilts updated. Bug: 325709490 Test: Presubmit Change-Id: I7e4c044a6a2afb48c33d65cc421e797d77aacc12 Merged-In: I7e4c044a6a2afb48c33d65cc421e797d77aacc12	2024-02-27 04:22:31 +00:00
Seungjae Yoo	c3052c9ab0	Introduce vendor_microdroid_file for microdroid vendor image In AVF, virtualizationmanager checks the selinux label of given disk image for proving whether the given image is edited maliciously. Existing one(vendor_configs_file, /vendor/etc/*) was too wide to use for this purpose. Bug: 325709490 Bug: 285854379 Test: m Merged-In: I6c966c92b238a2262d2eb7f41041ed4c359e9e0a Change-Id: I6c966c92b238a2262d2eb7f41041ed4c359e9e0a (cherry picked from commit `d2a0892121`)	2024-02-23 11:36:29 +09:00
Changyeon Jo	d16bdc461f	[RESTRICT AUTOMERGE] Allow dumpstate to make binder IPC to automotive display service Bug: 280837170 Bug: 313360015 Test: atest android.security.cts.SELinuxHostTest#testNoBugreportDenials Change-Id: I8239ba23bb60b95e7dd07a4c8a99167f1e08192b (cherry picked from commit `152a2f1755`)	2024-02-13 05:16:32 +00:00
Inseob Kim	f447f4a624	Remove hal_face_service virtual entry Bug: 317187030 Test: TH Change-Id: I309eb8091532a88ecd0af354399437fec3bcfa25 Merged-In: I1f61b687be4abe53c62c21769fb57dc9cf9daf45	2024-01-30 10:08:04 +09:00
Inseob Kim	4a14ebeb3e	Remove vfio_handler entry Bug: 313817413 Test: TH Change-Id: I2f68b85f3b91e687eb1f885023d374869d0a7ce5 Merged-In: I5559dfca1a29852b65481c95f37edc9977ee9d7d	2023-12-14 18:06:19 +09:00
Treehugger Robot	5732cf8282	Merge "Introduce vendor_apex_metadata_file" into android14-tests-dev	2023-12-11 23:48:39 +00:00
Treehugger Robot	8deb864534	Merge "Making sys.boot.reason.last restricted" into android14-tests-dev	2023-12-06 12:53:05 +00:00
Jooyung Han	157848354e	Introduce vendor_apex_metadata_file A new label for ./apex_manifest.pb and ./ entries in vendor apexes. This is read-allowed by a few system components which need to read "apex" in general. For example, linkerconfig needs to read apex_manifest.pb from all apexes including vendor apexes. Previously, these entries were labelled as system_file even for vendor apexes. Bug: 285075529 Bug: 308058980 Test: m && launch_cvd Test: atest VendorApexHostTestsCases Change-Id: Icc234bf604e3cafe6da81d21db744abfaa524dcf Merged-In: Icc234bf604e3cafe6da81d21db744abfaa524dcf	2023-12-05 15:42:14 +11:00
Alexei Nicoara	c2af2e2ec4	Making sys.boot.reason.last restricted sys.boot.reason.last needs to be readable by SysUI to correctly display the reason why authentication is required to unlock the phone. Bug: 299327097 Bug: 308058980 Test: presubmit Change-Id: I9f83ade92858056609bc665ecb6ce9b93eb051e4 Merged-In: I9f83ade92858056609bc665ecb6ce9b93eb051e4	2023-12-05 14:56:03 +11:00
Jeff Pu	e0755e0d68	Add biometric face virtual hal service Bug: 228638448 Bug:313817413 Test: Manually following face virtual hal provisioning procedure Change-Id: I1f61b687be4abe53c62c21769fb57dc9cf9daf45 Merged-In: I1f61b687be4abe53c62c21769fb57dc9cf9daf45	2023-12-01 03:16:38 +00:00
Thiébaud Weksteen	efa4cf8469	Prebuilt updates am: `448968a6d1` am: `084b293596` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2848878 Change-Id: If8cc1dbc910cb2fec2d4996c1a2f8fef602472cc Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-11-29 06:56:58 +00:00
Thiébaud Weksteen	084b293596	Prebuilt updates am: `448968a6d1` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2848878 Change-Id: I991e63e36e9e680edfd21e4a20293ae779caffcb Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-11-29 06:25:40 +00:00
Yu-Ting Tseng	086e1f0eaa	Revert "Revert "SELinux policy changes for uprobe."" This reverts commit `e2bd44d48d`. Reason for revert: 2nd attempt to add the policy change Bug: 308058980 Test: m selinux_policy Change-Id: I5b9a102879a65917d496ba2194187ddd2b4545d1 Merged-In: I5b9a102879a65917d496ba2194187ddd2b4545d1	2023-11-29 06:12:36 +00:00
Thiébaud Weksteen	448968a6d1	Prebuilt updates Bug: 308058980 Test: m selinux_policy Change-Id: I23b2265340002b4b9f8d15ad0a8e8324aa0f94e1	2023-11-29 06:01:56 +00:00
Thiébaud Weksteen	fa2999a627	Revert^2 "Add permission for VFIO device binding" This reverts commit `c6227550f7`. Reason for revert: Faulty merging paths have been removed Change-Id: Icf56c2e977c5517af63e206a0090159e43dd71eb Merged-In: Ie947adff00d138426d4703cbb8e7a8cd429c2272	2023-11-21 02:18:30 +00:00
Thiébaud Weksteen	90945326cd	Revert "Prebuilt updates for aosp/2827450" am: `b460885e50` am: `c541c1eb80` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2830890 Change-Id: I6d5f197c9cb4a1728e0bd6bc9acf220f05ed05de Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-11-15 03:34:07 +00:00
Thiébaud Weksteen	c541c1eb80	Revert "Prebuilt updates for aosp/2827450" am: `b460885e50` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2830890 Change-Id: Ief55d435dff2e58e463d4498fb3cf5740af8d21d Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-11-15 03:02:23 +00:00
Thiébaud Weksteen	b460885e50	Revert "Prebuilt updates for aosp/2827450" This reverts commit `74ec7d8343`. Reason for revert: Tests are still failing Change-Id: Ic7dcd5fb4703cfe476f74835782b99d5848ed738	2023-11-14 23:37:47 +00:00
Sandro Montanari	8dab5407de	Prebuilt updates for aosp/2827450 am: `74ec7d8343` am: `20d6a0ec30` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2828198 Change-Id: I7780eb835be7dafc39865ac6446b416c7d96ed77 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-11-14 18:51:08 +00:00
Sandro Montanari	20d6a0ec30	Prebuilt updates for aosp/2827450 am: `74ec7d8343` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2828198 Change-Id: Idce3a100d6c6db0d90f21142baf1158185bd97e1 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-11-14 18:16:13 +00:00
Sandro Montanari	74ec7d8343	Prebuilt updates for aosp/2827450 Bug: 295861450 Test: presubmits Merged-In: I3d36a17697623f51618913d16ed4d3ea2ccf923b Change-Id: I3f031449457a7cf8912b17c3eac4b7aa82710d58	2023-11-14 15:07:54 +00:00
Inseob Kim	c6227550f7	Revert "Add permission for VFIO device binding" This reverts commit `901385f711`. Reason for revert: breaking build Change-Id: Ib936ca7c347b657b94bb44692cd0e9ceee5db55a Merged-In: Ie947adff00d138426d4703cbb8e7a8cd429c2272	2023-11-14 08:41:48 +00:00
Inseob Kim	901385f711	Add permission for VFIO device binding vfio_handler will bind platform devices to VFIO driver, and then return a file descriptor containing DTBO. This change adds permissions needed for that. Bug: 278008182 Bug: 308058980 Test: adb shell /apex/com.android.virt/bin/vm run-microdroid \ --devices /sys/bus/platform/devices/16d00000.eh --protected Change-Id: Ie947adff00d138426d4703cbb8e7a8cd429c2272 Merged-In: Ie947adff00d138426d4703cbb8e7a8cd429c2272 (cherry picked from commit `825056de9a`)	2023-11-14 01:56:24 +00:00
Rhed Jao	ebe1316695	Create sepolicy for allowing system_server rw in /metadata/repair-mode Bug: 277561275 Test: ls -all -Z /metadata/repair-mode Change-Id: Ie27b6ef377bb3503e87fbc5bb2446bc0de396123	2023-10-23 13:38:38 +11:00
Thiébaud Weksteen	642a37cf31	Update 34.0 prebuilts for gmscore_app am: `26b0676c04` am: `f71e64f518` am: `f23fbc9242` Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/24965007 Change-Id: I40810d10ef0ae524b427cdb2480139fc80ef0dac Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-10-06 11:01:21 +00:00
Thiébaud Weksteen	f23fbc9242	Update 34.0 prebuilts for gmscore_app am: `26b0676c04` am: `f71e64f518` Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/24965007 Change-Id: I88db0dd48363b77710701f64e09befa802155de1 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-10-06 10:27:06 +00:00
Thiébaud Weksteen	f71e64f518	Update 34.0 prebuilts for gmscore_app am: `26b0676c04` Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/24965007 Change-Id: I902e0afc48e14b22f415451386948f3b9eb969d3 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-10-06 09:50:55 +00:00
Thiébaud Weksteen	26b0676c04	Update 34.0 prebuilts for gmscore_app Bug: 303768123 Test: m selinux_policy Ignore-AOSP-First: prebuilts update only Change-Id: Iab041f3fa8d27f815c8fc1a21934216d1ad40917	2023-10-06 17:53:08 +11:00
wufei3	d2c42ca105	Add remaining attestation properties to selinux Add "ro.product.device_for_attestation" and "ro.product.manufacturer_for_attestation" prop to selinux permissions. Bug:294190893 Test: atest CtsKeystoreTestCases:android.keystore.cts.DeviceOwnerKeyManagementTest#testAllVariationsOfDeviceIdAttestation Signed-off-by: wufei3 <wufei3@xiaomi.corp-partner.google.com> (cherry picked from https://android-review.googlesource.com/q/commit:50a326d04af16a2c566f8e98726ad31e900955a1) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:258bdd7d6cf4110d51622903b833ec100965b43e) Merged-In: I71ee17ab59838680199acc9a7c209deba756f603 Change-Id: I71ee17ab59838680199acc9a7c209deba756f603	2023-09-08 18:16:22 +00:00
Treehugger Robot	c836bdb702	Merge "Use prebuilts for compat test if prebuilts exist" into main am: `6952d2f612` am: `8d022b888c` am: `11d5dd1de3` am: `7e45e06d5b` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2746580 Change-Id: I772b3412b14bc9ba69f8a98f77ddba0548a7729e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-08 06:50:59 +00:00
Treehugger Robot	7e45e06d5b	Merge "Use prebuilts for compat test if prebuilts exist" into main am: `6952d2f612` am: `8d022b888c` am: `11d5dd1de3` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2746580 Change-Id: If59fceb48ced4fd37f3c672e48d847e8effc26b3 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-08 06:13:26 +00:00
Treehugger Robot	8d022b888c	Merge "Use prebuilts for compat test if prebuilts exist" into main am: `6952d2f612` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2746580 Change-Id: I920639164d6e304b50046a17506be2972ee1199f Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-08 05:18:40 +00:00
Inseob Kim	2aac33597d	Use prebuilts for compat test if prebuilts exist system/sepolicy should support both REL build and ToT build. That means that system/sepolicy and prebuilts may differ. As the frozen sepolicy is what vendor sepolicy uses, so we need to use prebuilts to run Treble compat test. Bug: 296875906 Test: m selinux_policy on REL Change-Id: I4b290266ba87e3f011d640bec133fc88359ea52f	2023-09-08 10:44:49 +09:00
Treehugger Robot	3149017ddb	Merge changes Ia2c07331,I93f0d222 into main am: `f476f5c8f1` am: `31406c242e` am: `0f0286303f` am: `332e63bee5` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2742356 Change-Id: I057521eaa91d120a5131ec0a86d8b43de6889f0a Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-07 10:43:34 +00:00
Treehugger Robot	332e63bee5	Merge changes Ia2c07331,I93f0d222 into main am: `f476f5c8f1` am: `31406c242e` am: `0f0286303f` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2742356 Change-Id: If45b9540924a95c8d91255920f565f51fa99dc9e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-07 10:05:57 +00:00
Treehugger Robot	31406c242e	Merge changes Ia2c07331,I93f0d222 into main am: `f476f5c8f1` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2742356 Change-Id: If3a6af8553b6d645653ae38e898c3770b7dab868 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-07 09:14:47 +00:00
Inseob Kim	0d49b9bc28	Use only public cil files for Treble compat test Rationale for this change: 1) Vendors use only public files, so we should be able to use only public cil files for compatibility test. 2) treble_sepolicy_tests_for_release.mk is too complex, because it requires compiled sepolicy. Reducing the complexity will help migrate into REL build. 3) This fixes a tiny bug of treble_sepolicy_tests that it can't catch public types being moved to private types, and then removed. 29.0.cil and 30.0.cil change contains such missing public types. Bug: 296875906 Test: m selinux_policy (with/without intentional breakage) Change-Id: Ia2c0733176df898f268b5680195da25b588b09c7	2023-09-07 16:35:08 +09:00
Inseob Kim	5d7423ff3d	Build prebuilt policy with Soong ... and remove redundant Makefile codes. This also updates commit hook as we now only use Soong to build sepolicy. Bug: 296875906 Test: m selinux_policy Change-Id: I93f0d222a0c10e31c51c9380780a8927c47d62b1	2023-09-07 16:32:30 +09:00
Treehugger Robot	6c5dbcc0f5	Merge "Relax freeze_test to check only compatibility" into main am: `b316f8bf95` am: `d1710c749b` am: `a05b914242` am: `f64415ac50` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2737118 Change-Id: Ib391ca3a54b164945f61045b89bb798dbc03833e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-05 08:39:44 +00:00
Treehugger Robot	f64415ac50	Merge "Relax freeze_test to check only compatibility" into main am: `b316f8bf95` am: `d1710c749b` am: `a05b914242` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2737118 Change-Id: I5bed312ebf4fb1dbf4a582e8db42528e0a300da7 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-05 08:02:22 +00:00
Treehugger Robot	d1710c749b	Merge "Relax freeze_test to check only compatibility" into main am: `b316f8bf95` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2737118 Change-Id: I575c28928e4c5690fc1b87ee09938cf0ed451476 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-09-05 07:06:46 +00:00
Inseob Kim	36d9d39e6e	Relax freeze_test to check only compatibility For now, freeze_test compares prebuilts against sources with diff, to ensure that sources are identical to prebuilts. However, it could be the case that the branch should be able to build both REL and ToT. In that case, changes to the sources are inevitable and the freeze test will fail. To fix the issue, freeze_test will now only check compatibility. To be specific, it will check if any public types or attributes are removed. Contexts files and neverallow rules are not checked, but they may be added later. Also to support the new freeze_test - build_files module is changed to use glob (because REL version won't be in compat versions list) - plat_pub_policy modules are added under prebuilts/api (because freeze_test needs that) Bug: 296875906 Test: m selinux_policy Change-Id: I39c40992965b98664facea3b760d9d6be1f6b87e	2023-09-05 03:37:18 +00:00
Xin Li	e07dbe0a63	Merge Android U (ab/10368041) Bug: 291102124 Merged-In: Id2cc5dbbafffb4633706e5cc728cb44abd417340 Change-Id: I77e68f17a1273958bcdc32b5a4b6a0ff3ffdfd2a	2023-08-23 17:20:59 -07:00
Alfred Piccioni	967f1d0e6c	Merge "Revert ntfs file context changes" into main am: `ee7e77ba63` am: `600d05a08e` am: `9bbd7edcf6` am: `22061e8600` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2722017 Change-Id: Ic527ba04b7775ec4bf6c2bfd4da7e9c4eaac1cdf Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-08-23 15:16:37 +00:00

1 2 3 4

193 commits