Treehugger Robot
7b7a42e6cf
Merge "bluetooth.device.class_of_device should be type string"
2022-02-04 00:38:52 +00:00
Seth Moore
a75cad0d0a
Add remotely provisioned key pool se policy
...
Keystore now hosts a native binder for the remotely provisioned key
pool, which is used by services such as credstore to look up remotely
provisioned keys.
Add a new service context and include it in the keystore services.
Add a dependency on this new service for credstore. Also include a
credstore dependency on IRemotelyProvisionedComponent, as it's needed
to make use of the key pool.
Bug: 194696876
Test: CtsIdentityTestCases
Change-Id: I0fa71c5be79922a279eb1056305bbd3e8078116e
2022-02-02 15:07:26 -08:00
Sal Savage
724381a97a
bluetooth.device.class_of_device should be type string
...
Bug: 217452259
Test: Manual, set property in system.prop, build, flash, make sure value
is reflected in getprop | grep bluetooth.device
Change-Id: Id4bfebb4da5bcd64ea4bac8e3c9e9754c96256c6
2022-02-02 14:13:41 -08:00
Bart Van Assche
be3ff9b93a
Grant system_app permission to access cgroup_v2 directories
...
Without this change, the migration of the blkio controller to the cgroup
v2 hierarchy triggers the following denials:
01-31 19:00:59.086 4494 4494 I auditd : type=1400 audit(0.0:7): avc: denied { write } for comm=4173796E635461736B202331 name="pid_4494" dev="cgroup2" ino=3545 scontext=u:r:system_app:s0 tcontext=u:object_r:cgroup_v2:s0 tclass=dir permissive=0
01-31 19:00:59.086 4494 4494 I auditd : type=1400 audit(0.0:8): avc: denied { write } for comm=4173796E635461736B202331 name="pid_4494" dev="cgroup2" ino=3545 scontext=u:r:system_app:s0 tcontext=u:object_r:cgroup_v2:s0 tclass=dir permissive=0
01-31 19:00:59.086 4494 4494 I auditd : type=1400 audit(0.0:7): avc: denied { write } for comm=4173796E635461736B202331 name="pid_4494" dev="cgroup2" ino=3545 scontext=u:r:system_app:s0 tcontext=u:object_r:cgroup_v2:s0 tclass=dir permissive=0
01-31 19:00:59.086 4494 4494 I auditd : type=1400 audit(0.0:8): avc: denied { write } for comm=4173796E635461736B202331 name="pid_4494" dev="cgroup2" ino=3545 scontext=u:r:system_app:s0 tcontext=u:object_r:cgroup_v2:s0 tclass=dir permissive=0
Bug: 213617178
Test: Booted Android in the Cuttlefish emulator.
Change-Id: I20f136d5cd58fa4ebabbb5a328fc6001b11110d7
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2022-02-02 17:37:45 +00:00
Andrew Scull
7e07941d3d
Merge changes I82f0c2ef,I013894de
...
* changes:
Let VirtualizationService access hypervisor properties
Tag new hypervisor properties
2022-02-02 13:54:11 +00:00
Andrew Scull
792b03ddb5
Let VirtualizationService access hypervisor properties
...
VirtualizationService uses the properties to discover hypervisor
capabilities. Allow it access for this purpose.
Bug: 216639283
Test: build
Change-Id: I82f0c2ef30c8fb2eefcac1adf83531dd3917fdb8
2022-02-02 13:53:50 +00:00
Lalit Maganti
fb9d097d03
Merge "sepolicy: Allow system domains to be profiled"
2022-02-02 12:04:38 +00:00
Andrew Walbran
48cf9591f6
Merge "virtualizationservice no longer tries to check for pKVM extension."
2022-02-02 09:08:18 +00:00
Andrew Scull
87ac3c3f80
Tag new hypervisor properties
...
The properties that report hypervisor capabilities are grouped with the
other hypervisor properties for sepolicy.
Bug: 216639283
Test: build
Change-Id: I013894de637bb7e40a450df6439ebbd5cba28c2b
2022-02-01 18:17:10 +00:00
Andrew Walbran
2f27f96022
virtualizationservice no longer tries to check for pKVM extension.
...
This was fixed in https://r.android.com/1963701, as it never worked.
This partially reverts commit 2dd48d0400.
Change-Id: I6e7096e20fd594465fb1574b11d6fecc82f5d82f
2022-02-01 16:37:13 +00:00
Lalit Maganti
bb197bba02
sepolicy: Allow system domains to be profiled
...
Bug: 217368496
Doc: go/field-tracing-t
Change-Id: Ie95c0cc2b1f9e8fa03f6112818936af692edf584
2022-02-01 16:27:26 +00:00
Treehugger Robot
108fdbc5f7
Merge "Adds selinux rules for ICarDisplayProxy service"
2022-01-31 21:52:46 +00:00
Changyeon Jo
66eba13833
Adds selinux rules for ICarDisplayProxy service
...
Bug: 170401743
Test: m -j selinux_policy
Change-Id: Idf3f09d0bcf24de18d6eddb05e51991b4c5edbe8
2022-01-31 19:40:20 +00:00
Thiébaud Weksteen
79ff061802
Merge "Grant getpgid to system_server on zygote"
2022-01-30 21:59:04 +00:00
Huihong Luo
9b82051367
Merge "Migrate screenshot methods to AIDL"
2022-01-29 21:17:18 +00:00
Etienne Ruffieux
f3acf42a4c
Merge "Bluetooth boot time start service"
2022-01-28 20:13:35 +00:00
Treehugger Robot
d3d214482f
Merge "Move pf_key socket creation permission to system_server"
2022-01-28 19:01:36 +00:00
Robert Shih
d70f0af2bf
Merge "Add sepolicy for DRM AIDL HAL"
2022-01-28 18:40:53 +00:00
Ken Chen
1aed006a77
Move pf_key socket creation permission to system_server
...
Allow system_server to trigger the kernel synchronize rcu with open and
close pf_key socket. This action was previously done by netd but now
it needs to be done by system_server instead because the handling code in
netd is moved to a mainline module which will be loaded by system_server
in JNI mode.
Note: the permission will be removed from netd once all bpf interactions
have moved out of netd.
Bug: 202086915
Test: android.app.usage.cts.NetworkUsageStatsTest
android.net.cts.TrafficStatsTest
Change-Id: I440e0c87193775115a9b9ffb19270c47b01b082e
2022-01-28 17:12:51 +01:00
Etienne Ruffieux
cdd0c11743
Bluetooth boot time start service
...
Added new sysprops to retrieve Bluetooth configs
Tag: #feature
Test: manual
Bug: 216497194
Change-Id: I94c771f87fdeb5497b81d2098193b4cd230654b6
2022-01-28 14:44:15 +00:00
Lalit Maganti
34fb0d8933
Merge "sepolicy: add permissions for trace reporting"
2022-01-28 12:15:57 +00:00
Thiébaud Weksteen
6390b3f090
Grant getpgid to system_server on zygote
...
Should system_server kill zygote on crashes, it will attempt to kill any
process in the same process group. This ensures that no untracked
children are left.
Bug: 216097542
Test: m selinux_policy
Change-Id: Ie16074f76e351d80d9f17be930a731f923f99835
2022-01-28 13:47:20 +11:00
Treehugger Robot
27416257f3
Merge "Changes in SELinux Policy for cloudsearch API naming"
2022-01-28 01:45:02 +00:00
Hui Wu
42d24fd59d
Changes in SELinux Policy for cloudsearch API naming
...
Bug: 216507592
Test: Presubmit Tests
Change-Id: I5aa647d146cfea0b44efb4c247d9856e0666ea86
2022-01-27 13:42:17 -08:00
Robert Shih
4968374205
Add sepolicy for DRM AIDL HAL
...
Bug: 208486736
Test: atest VtsAidlHalDrmTargetTest
Change-Id: Ia2b1488a564d94384d183d30291fbf5a6d2df4ab
2022-01-27 01:51:05 -08:00
Sal Savage
568662f953
Add sepolicy for new bluetooth device/profile sysprops
...
Bug: 215225542
Test: make -j; atest BluetoothInstrumentationTests
Change-Id: Ia532eca413a778b46ea392586d7affc2fd43b90b
2022-01-26 13:09:17 -08:00
Treehugger Robot
6003019fa8
Merge "Move mtectrl to private"
2022-01-26 09:30:59 +00:00
Inseob Kim
3bd63cc206
Move mtectrl to private
...
Because mtectrl is a system internal domain, and we don't need to expose
the type to vendor.
Test: build and boot
Change-Id: Idb5c4a4c6f175e338722971944bf08ba99835476
2022-01-26 08:59:55 +09:00
Florian Mayer
0f30f3d8ff
Merge "[mte] add property to globally enable mte."
2022-01-25 23:59:01 +00:00
Treehugger Robot
fabaac131a
Merge "Delete more unused policies by CompOS"
2022-01-25 20:54:41 +00:00
Florian Mayer
be3197c996
[mte] add property to globally enable mte.
...
Bug: 216305376
Change-Id: I25d0b3c9d0e7e6bba14eedf9b833c5e07786ec71
2022-01-25 17:21:58 +00:00
Victor Hsieh
ea38d6925d
Delete more unused policies by CompOS
...
Bug: 205750213
Test: TH
Change-Id: Ie08465e8801a74d61f85715e85a856293c4232d5
2022-01-25 08:40:46 -08:00
Etienne Ruffieux
0a19dbdcd3
Merge "Added new context declaration for Bluetooth configs"
2022-01-25 14:00:08 +00:00
Seth Moore
883c50c443
Merge "Add keystore2 permission to get attestation keys"
2022-01-25 13:11:34 +00:00
Treehugger Robot
d9befdb685
Merge "Add use_bionic_libs macro"
2022-01-25 04:37:07 +00:00
Paul Hu
415a2f9b58
Merge "Add sepolicy for mdns service"
2022-01-25 02:35:42 +00:00
Maciej Żenczykowski
fa7683c9ad
Merge "Allow bpfloader to execute btfloader"
2022-01-25 02:31:59 +00:00
Etienne Ruffieux
bde2fc6c48
Added new context declaration for Bluetooth configs
...
As we need to create new sysprops for Bluetooth mainline
configs, we need to have a property context available to
vendors and be able to access configs from other packages.
Tag: #feature
Bug: 211570675
Test: Added overlays and logs
Change-Id: If9c61f251578b61c070619069519e0aa563a9573
2022-01-25 01:18:05 +00:00
Hunsuk Choi
5c27113222
Merge "Combining hal_radio_*_service into hal_radio_service"
2022-01-25 00:49:58 +00:00
Jiyong Park
16c1ae3a3d
Add use_bionic_libs macro
...
... to dedupe rules for allowing access to bootstrap bionic libraries.
Bug: N/A
Test: m
Change-Id: I575487416a356c22f5f06f1713032f11d979d7d4
2022-01-25 09:47:56 +09:00
Yabin Cui
40d41f7639
Merge "Add sepolicy for simpleperf_boot."
2022-01-25 00:29:09 +00:00
Treehugger Robot
9acd00484b
Merge "Fix virtualizationservice denials"
2022-01-25 00:26:11 +00:00
Hunsuk Choi
7938201cbb
Combining hal_radio_*_service into hal_radio_service
...
Test: build and flash
Bug: 198331673
Change-Id: Id5d699ffc77f708e2144ffea6d2a6805822e7f50
2022-01-24 19:42:42 +00:00
paulhu
70b0a77ee0
Add sepolicy for mdns service
...
mdns service is a subset of netd-provided services, so it gets
the same treatment as netd_service or dnsresolver_service
Bug: 209894875
Test: built, flashed, booted
Change-Id: I33de769c4fff41e816792a34015a70f89e4b8a8c
2022-01-25 00:50:21 +08:00
Treehugger Robot
7423beb1bd
Merge "Remove system/bin/clatd from clatd_exec"
2022-01-23 13:25:16 +00:00
George Chang
95113bbbed
Merge "Add hal_nfc_service"
2022-01-22 01:46:41 +00:00
Sharon Su
0cd7ba7617
Merge "Change in SELinux Policy for wallpaper effects generation API. Test: presubmit tests"
2022-01-22 00:06:00 +00:00
Treehugger Robot
c23930818d
Merge "Add sepolicy for IInputProcessor HAL"
2022-01-21 22:45:52 +00:00
Kathy Chen
082263f3bc
SELinux policy changes for AmbientContext system API.
...
Context about this is on ag/16302285
Test: Ensure no build failures, ensure no SecurityException on boot
Bug: 192476579
Change-Id: If5ba2fa41975acf91c0002a0f301da11eaebd6d2
2022-01-21 20:12:54 +00:00
Treehugger Robot
158927ed5c
Merge "Add selinux policy for new BinaryTransparencyService"
2022-01-21 19:10:31 +00:00
Hungming Chen
740b0669f0
Remove system/bin/clatd from clatd_exec
...
Since clatd is shipped by mainline module, remove the following privs
/system/bin/clatd u:object_r:clatd_exec:s0
Test: build
Change-Id: Id98470fc5e641acc7e5635af02a520d2ed531cd8
2022-01-21 18:19:05 +00:00
Florian Mayer
06337c4260
Merge "Add policy for command line tool to control MTE boot state."
2022-01-21 18:11:00 +00:00
Treehugger Robot
439f17558c
Merge "Allow system_server read and open access to sys/class/net."
2022-01-21 14:47:52 +00:00
Treehugger Robot
f53bb875bb
Merge "Add Bluetooth Audio HAL rules"
2022-01-21 14:40:12 +00:00
Alan Stokes
8a881c14bf
Fix virtualizationservice denials
...
Allow logging to statsd - see
commit 3ffa832c6325bc9640baea66192e4e2c64349bc8.
Allow ioctl on /dev/kvm (allowxperm isn't enough) - see
commit 2dd48d0400.
Ignore spurious errors on /proc/fd/1 when running derive_classpath - see
commit 3fad86bb8a.
This fixes these denials:
avc: denied { write } for name="statsdw" dev="tmpfs" ino=984 scontext=u:r:virtualizationservice:s0 tcontext=u:object_r:statsdw_socket:s0 tclass=sock_file permissive=0
avc: denied { ioctl } for path="/dev/kvm" dev="tmpfs" ino=766 ioctlcmd=0xae03 scontext=u:r:virtualizationservice:s0 tcontext=u:object_r:kvm_device:s0 tclass=chr_file permissive=0
avc: denied { write } for name="fd" dev="proc" ino=63285 scontext=u:r:virtualizationservice:s0 tcontext=u:r:virtualizationservice:s0 tclass=dir permissive=0
Bug: 209008347
Bug: 210472252
Bug: 210803811
Test: Start VM, don't see denials.
Change-Id: I4c67746c1312553ee1155098ac27fc0d46c6f521
2022-01-21 13:44:38 +00:00
Treehugger Robot
e939178d89
Merge "clatd: remove spurious privs"
2022-01-21 11:46:55 +00:00
Sharon Su
cedde105ae
Change in SELinux Policy for wallpaper effects generation API.
...
Test: presubmit tests
Change-Id: I02f9545376534d1570cfa270dfe15c9df6f81d47
2022-01-21 09:28:49 +00:00
Wayne Ma
27abad0dc8
Allow system_server read and open access to sys/class/net.
...
system_server needs search/read/open access to the directory.
This change gives system_server permission to fetch the
information from sys/class/net.
Bug: 202086915
Test: build, flash, boot
Change-Id: I7b245510efbc99427f3491c9234c45c8cc18fea1
2022-01-21 03:20:10 +00:00
Siarhei Vishniakou
c655bece6a
Add sepolicy for IInputProcessor HAL
...
This sepolicy is needed so that the vendor can launch a new HAL process,
and then this HAL process could join the servicemanager as an impl for
IInputProcessor. This HAL will be used to contain the previous impl of
InputClassifier and also new features that we are going to add.
Bug: 210158587
Test: use together with a HAL implementation, make sure HAL runs
Change-Id: I476c215ad622ea18b4ce5cba9c07ae3257a65817
2022-01-20 23:40:05 +00:00
Badhri Jagan Sridharan
c887ea3965
Add selinux rules for android.hardware.usb.IUsb AIDL migration
...
Covers the rules needed for the default AIDL implementation.
Bug: 200993386
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Ib152d12686e225e3c1074295a70c624a5115e9bd
2022-01-20 23:03:26 +00:00
Treehugger Robot
85387aa219
Merge "Remove odrefresh privileges no longer needed for CompOS"
2022-01-20 20:45:43 +00:00
Florian Mayer
23173455ab
Add policy for command line tool to control MTE boot state.
...
Bug: 206895651
Change-Id: I2e84193668dcdf24bde1c7e12b3cfd8a03954a16
2022-01-20 17:30:09 +00:00
John Reck
423f4c7e93
Merge "Add IAllocator stable-aidl"
2022-01-20 17:05:56 +00:00
George Chang
0ddfebb4e1
Add hal_nfc_service
...
Bug: 204868826
Test: atest VtsAidlHalNfcTargetTest
Change-Id: If01d1d0a74f5c787805d3744772d40a7aa7db9cb
2022-01-20 03:48:57 +00:00
Billy Lau
8bb3ed7451
Add selinux policy for new BinaryTransparencyService
...
Bug: 197684182
Test: Manually verified that BinaryTransparencyService is correctly
started and running.
Change-Id: I4eaf5698dd2edb428205afcd57c22502d56d2ec2
2022-01-19 14:45:45 -08:00
Victor Hsieh
2413e27cc6
Merge "Remove compos_internal_service"
2022-01-19 21:53:03 +00:00
Huihong Luo
9f2638913d
Migrate screenshot methods to AIDL
...
A new service, SurfaceFlingerAIDL, is added to surfaceflinger during
the process of migrating ISurfaceComposer interface to AIDL.
Once migration is complete, this service will be deleted.
Bug: 211037638
Test: screencap
Change-Id: I0e41700b1af1f482cda6a6d6c67b057553485cfd
2022-01-19 10:21:19 -08:00
Josh Wu
759b4ef0df
Add Bluetooth Audio HAL rules
...
Test: manual
Bug: 203490261
Change-Id: Ic9994cdb8ed690996d83b46cfefbc228e35d34c3
2022-01-19 01:32:42 -08:00
Connor O'Brien
dbe2684322
Allow bpfloader to execute btfloader
...
btfloader is a standalone binary that receives a path to a bpf .o file
from bpfloader, parses & loads the BTF type info from the file, passes
BTF info back to bpfloader & exits. Include it in bpfloader's domain &
grant bpfloader permission to run it.
Bug: 203823368
Test: build & boot, bpfloader successfully executes btfloader
Signed-off-by: Connor O'Brien <connoro@google.com>
Change-Id: Ia08776a90763a8477d9f3e393d5d723b88a3176f
2022-01-18 23:02:47 -08:00
John Reck
22903f0435
Add IAllocator stable-aidl
...
Test: Builds & boots; no sepolicy errors logged
Bug: 193558894
Change-Id: I11e162310548b67addc032ccc0d499cbf391e7f9
2022-01-18 19:40:26 -05:00
Seth Moore
7e95d22296
Add keystore2 permission to get attestation keys
...
Contexts must have this permission to fetch remotely provisioned
attestation key blobs. It is expected that only credstore will have
this permission.
Test: manual, build and run cuttlefish
Bug: 194696876
Change-Id: Ieebd552129bc8be6b8831ec2e38eb6bda522b216
2022-01-18 16:17:45 -08:00
John Wu
ce225f8bfb
Merge "Add keystore2 LIST permission to system_server"
2022-01-19 00:05:29 +00:00
Victor Hsieh
88d93b984a
Remove odrefresh privileges no longer needed for CompOS
...
Bug: 210998077
Test: m; TH
Change-Id: I4188a52c42ede9fb248b889596b91c965696fb2d
2022-01-18 12:56:27 -08:00
Victor Hsieh
6f6815efde
Remove compos_internal_service
...
Bug: 210998077
Test: m; TH
Change-Id: Id3c7fcab56de5f71b00e21bd53829b2471e07d77
2022-01-18 12:51:55 -08:00
Paul Thomson
4c834adc0a
Add additional sepolicy rules for gpuservice
...
Allow gpuservice to access read/write BPF maps.
Bug: b/213577594
Change-Id: I487754c008a53819715a6bfc5da10182d87de413
2022-01-17 16:34:03 +00:00
Andrew Walbran
a0b12be876
Merge "Allow crosvm to mlock VM memory."
2022-01-17 11:58:08 +00:00
Hungming Chen
7f4a2ab9fe
clatd: remove spurious privs
...
Since the clatd has some code cleanup, these privs are not required
anymore.
Bug: 212345928
Test: manual test
1. Connect to ipv6-only wifi.
2. Try IPv4 traffic.
$ ping 8.8.8.8
Change-Id: Ib801a190f9c14ee488bc77a43ac59c78c44773ab
2022-01-16 14:28:57 +08:00
Yabin Cui
f17fb4270c
Add sepolicy for simpleperf_boot.
...
simpleperf_boot is the secontext used to run simpleperf from init,
to generate boot-time profiles.
Bug: 214731005
Test: run simpleperf manually
Change-Id: I6f37515681f4963faf84cb1059a8d5845c2fe5a5
2022-01-15 16:12:51 -08:00
Treehugger Robot
e646c94505
Merge "Add sepolicy for logd and logcat services" am: d6a5b604ce
am: 47f5daf227
am: 75852fc484
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1948849
Change-Id: I88b72c854112c6ef91cb4c08f997e03bb818fabc
2022-01-14 21:31:45 +00:00
Treehugger Robot
d6a5b604ce
Merge "Add sepolicy for logd and logcat services"
2022-01-14 20:44:35 +00:00
Nikita Ioffe
f2814d13d9
Merge "Move allow rules from public/app.te to private/app.te" am: 52e44e8022
am: b5e83ea3cf
am: a30e3c50df
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1949596
Change-Id: I20dfbdee289aa328219b1a7f20caad386f6898ff
2022-01-14 18:37:09 +00:00
Nikita Ioffe
52e44e8022
Merge "Move allow rules from public/app.te to private/app.te"
2022-01-14 17:47:29 +00:00
Andrew Walbran
ed82cc82be
Allow crosvm to mlock VM memory.
...
Bug: 204298056
Change-Id: I5b00273ffa37d4c1ea2f26bb40822abd0d094d90
2022-01-14 13:47:05 +00:00
Akilesh Kailash
20cc7e22c7
Merge "New property to control Async I/O for snapuserd" am: 9de6ad61ff
am: f3262f89ef
am: 5a333c328c
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1936919
Change-Id: Iafd1a572298d93c5c050d1a1ccfd2e2cc986f81d
2022-01-14 00:58:34 +00:00
Akilesh Kailash
9de6ad61ff
Merge "New property to control Async I/O for snapuserd"
2022-01-14 00:06:23 +00:00
Nikita Ioffe
269e7cfc51
Move allow rules from public/app.te to private/app.te
...
Allow rules in public/*.te can only reference types defined in
public/*.te files. This can be quite cumbersome in cases where a rule needs to
be updated to reference a type that is only defined in private/*.te.
This change moves all the allow rules from public/app.te to
private/app.te to make it possible to reference private types in the
allow rules.
Bug: 211761016
Test: m
Test: presubmit
Change-Id: I0c4a3f1ef568bbfdfb2176869fcd92ee648617fa
Merged-In: I0c4a3f1ef568bbfdfb2176869fcd92ee648617fa
2022-01-13 22:56:14 +00:00
John Wu
cd5cf383f1
Add keystore2 LIST permission to system_server
...
This is required for listing all key aliases of other APP domains' keys
in order to migrate keys on behalf of the updated app by PMS.
Test: builds
Bug: 211665859
Change-Id: I541fb81e6186288a1e852ce60882651f838e36dc
2022-01-13 14:26:28 -08:00
Wenhao Wang
6a656c0b67
Add sepolicy for logd and logcat services
...
The logd binder service is on logd side.
The logcat binder service is on system_server side.
These two binder services facilitate the binder RPC
between logd and system_server.
Bug: 197901557
Test: manual
Change-Id: I5f08bbb44a88dc72302331ab11c7d54f94db16ac
2022-01-13 11:38:43 -08:00
Akilesh Kailash
5c5fd255d2
New property to control Async I/O for snapuserd
...
io_uring_setup() system call requires ipc_lock.
(avc: denied { ipc_lock } for comm="snapuserd" capability=14 scontext=u:r:snapuserd:s0 tcontext=u:r:snapuserd:s0 tclass=capability permissive=0)
Add selinux policy.
Bug: 202784286
Test: OTA tests
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I806714c7ade0a5d4821b061396c9f064ee5ed8b6
2022-01-13 06:27:46 +00:00
Jeremy Meyer
81670747b9
Merge "Add resources_manager_service" am: 0f72360b2f
am: bebb429e43
am: 4833a09ba8
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1944288
Change-Id: I87d82d23a76eb297cc797d6a451e97acb27b0f1e
2022-01-12 21:35:19 +00:00
Jeremy Meyer
0f72360b2f
Merge "Add resources_manager_service"
2022-01-12 20:41:28 +00:00
Yabin Cui
f09314ba84
Restrict write access to etm sysfs interface. am: 927d7a752b
am: f288523c0c
am: f8a7b98ff6
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1945414
Change-Id: Ic0d7cb272cd972b85632d071a800d403986c6b1a
2022-01-12 18:51:24 +00:00
Yabin Cui
927d7a752b
Restrict write access to etm sysfs interface.
...
Bug: 213519191
Test: boot device
Change-Id: I40d110baea5593a597efa3c14fd0adecee23fc0f
2022-01-11 14:12:52 -08:00
Jeremy Meyer
d8a3c2b156
Add resources_manager_service
...
Test: manual, calling the service with `adb shell cmd` works
Bug: 206615535
Change-Id: I8d3b945f6abff352991446e5d88e5a535a7f9ccf
2022-01-10 23:03:42 +00:00
Michael Rosenfeld
f964ce2aeb
Merge "Allow the shell to disable charging." am: 30aace3ebe
am: bd58116534
am: dea57851db
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1899603
Change-Id: I9a31175cface1004efc6c6c4797533b142395b5a
2022-01-10 22:53:37 +00:00
Florian Mayer
26f18902d4
Merge "[MTE] Allow system_app to write memtag property." am: 11db93a15b
am: 4cb849bc8f
am: b59cf00842
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1931217
Change-Id: Iddfe8df9b46bb85ddc489cb7ba1f06d7214e2e8e
2022-01-10 22:53:13 +00:00
Michael Rosenfeld
30aace3ebe
Merge "Allow the shell to disable charging."
2022-01-10 22:18:49 +00:00
Florian Mayer
11db93a15b
Merge "[MTE] Allow system_app to write memtag property."
2022-01-10 21:12:02 +00:00
Michael Rosenfeld
5425c870f9
Allow the shell to disable charging.
...
Bug: 204184680
Test: manual and through instrumentation
Change-Id: I1fe9b35d51140eccba9c05c956875c512de447b1
2022-01-10 10:36:01 -08:00
Florian Mayer
39f29f758e
[MTE] Allow system_app to write memtag property.
...
Bug: 206895651
Change-Id: I6463965c094b9b3c4f3f70929a09e109ee9c84b9
2022-01-07 11:39:10 -08:00
Treehugger Robot
77297a2015
Merge "Allow VS to run derive_classpath" am: 46680d001f
am: a3723d7061
am: 7c16b6a2c7
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1934974
Change-Id: I91d7abce3155575dc5b811c40aa0043a305d8d21
2022-01-07 09:52:35 +00:00
Treehugger Robot
46680d001f
Merge "Allow VS to run derive_classpath"
2022-01-07 09:11:08 +00:00
Xinyi Zhou
38da50d9ba
Merge "Allow system app to find NearbyManager" am: b6a6ff20ef
am: ee85803987
am: 82606f8c6b
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1937217
Change-Id: Ie56ef6e1598d3c733584db6c7c4cda56ffa7f4c5
2022-01-06 20:22:21 +00:00
Xinyi Zhou
b6a6ff20ef
Merge "Allow system app to find NearbyManager"
2022-01-06 19:28:05 +00:00
Alan Stokes
3fad86bb8a
Allow VS to run derive_classpath
...
We run it in our domain since it requires fairly minimal access.
Bug: 210472252
Test: atest virtualizationservice_device_test
Test: composd_cmd test-compile
Change-Id: Ia770cd38bda67f79f56549331d3a36d7979a5d5b
2022-01-06 15:58:59 +00:00
Josh Yang
12daae5d79
Merge "Label /data/bootanim with bootanim_data_file." am: 0d721a105f
am: 85cb406b59
am: 3e9883668f
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1933017
Change-Id: I0cec046e72cf1f8c331f270425d73c5c385c4819
2022-01-06 04:01:28 +00:00
Josh Yang
0d721a105f
Merge "Label /data/bootanim with bootanim_data_file."
2022-01-06 03:17:58 +00:00
Treehugger Robot
f5fb14c0be
Merge "Allow untrusted apps to access incidentcompanion" am: f650c54ee1
am: 5e310aa786
am: 9edd7274c4
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1913754
Change-Id: I3fd2066ddd912a8b03c3bc2eb715e050c508837f
2022-01-05 22:08:12 +00:00
Treehugger Robot
f650c54ee1
Merge "Allow untrusted apps to access incidentcompanion"
2022-01-05 21:10:55 +00:00
Xinyi Zhou
e9857ab5cf
Allow system app to find NearbyManager
...
Bug: 189954300
Test: -build, flash, boot
Change-Id: Ia21b10213311b0639f320b559e78963d562f30a3
2022-01-05 11:57:44 -08:00
Lalit Maganti
b549e2d837
sepolicy: add permissions for trace reporting
...
Bug: 205892741
Change-Id: I1b6b2ebeae99ca6a9725f24564386cea78403c6d
2022-01-04 14:02:20 +00:00
Treehugger Robot
3c03397821
Merge "Allow composd to delete ART staging files" am: 3a7e19c3d4
am: 87e317d603
am: b8386e1027
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1925960
Change-Id: I7a1fdfc7b86f8b3da065f4ce6a6faabf9edc396b
2022-01-04 11:43:29 +00:00
Andrew Walbran
3d0e9e4857
Merge "Add comment explaining why crosvm shouldn't be allowed to open files." am: d020fc05f3
am: 0ae5a68417
am: 9508489a72
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1925961
Change-Id: Ia8cea576cc80d5dbdc00e53f40308143f847c379
2022-01-04 11:43:20 +00:00
Treehugger Robot
3a7e19c3d4
Merge "Allow composd to delete ART staging files"
2022-01-04 11:13:55 +00:00
Andrew Walbran
d020fc05f3
Merge "Add comment explaining why crosvm shouldn't be allowed to open files."
2022-01-04 10:40:23 +00:00
Alan Stokes
ce6e2987de
Allow composd to delete ART staging files
...
If the directory is non-empty when we start we need to delete
everything in it, but didn't have enough access:
avc: denied { getattr } for
path="/data/misc/apexdata/com.android.art/staging/boot-framework.art"
dev="dm-37" ino=57755 scontext=u:r:composd:s0
tcontext=u:object_r:apex_art_staging_data_file:s0 tclass=file
permissive=0
Bug: 205750213
Test: create files in staging/, composd_cmd test-compile
Change-Id: I3a66db7f5fbff82abcf547cb1c2b24e9c53ab158
2022-01-04 09:14:05 +00:00
Jiyong Park
2ce78c5735
Merge "Allow virtualizationservice to check for PKVM extension" am: 0878ac4c47
am: 32c7795f17
am: d06a7c1749
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1934161
Change-Id: Ic3f7eca0ad39e1d56017314ab29abcc4074c86fa
2022-01-03 09:51:24 +00:00
Jiyong Park
0878ac4c47
Merge "Allow virtualizationservice to check for PKVM extension"
2022-01-03 09:30:05 +00:00
Jiyong Park
2dd48d0400
Allow virtualizationservice to check for PKVM extension
...
Bug: 210803811
Test: watch TH for all our tests
Change-Id: Iac4528fa2a0dbebeca4504469624f50832689f43
2022-01-03 14:59:58 +09:00
Maciej Żenczykowski
389fc497d0
Merge "[NC#3] clatd: remove raw and packet socket creation privs" am: 0f1b55ee24
am: 7d517a3712
am: b2425a8e56
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903467
Change-Id: I2b3b6af74e202b53dbf3c9c343b83576511d81bb
2021-12-30 20:06:44 +00:00
Maciej Żenczykowski
0f1b55ee24
Merge "[NC#3] clatd: remove raw and packet socket creation privs"
2021-12-30 19:50:00 +00:00
Inseob Kim
9d7e9a3491
Merge "Allow app to get dck_prop"
2021-12-28 01:55:30 +00:00
Treehugger Robot
8bf0d2c1dc
Merge "Make surface_flinger_native_boot_prop a system_restricted_prop for ADPF" am: 96c5222c94
am: 6cd97931e3
am: be132f1e8a
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1931900
Change-Id: If86a0c21131caf2fe880f82ee514e2da969639b6
2021-12-28 01:41:32 +00:00
Treehugger Robot
96c5222c94
Merge "Make surface_flinger_native_boot_prop a system_restricted_prop for ADPF"
2021-12-28 00:54:22 +00:00
Matt Buckley
964c68b02d
Make surface_flinger_native_boot_prop a system_restricted_prop for ADPF
...
Test: manual
Bug: b/195990840
Change-Id: Icb758c48a1faa8901a1d2c2c442451c42fc3b5b1
2021-12-27 18:24:12 +00:00
Andrew Walbran
8191dc07cc
Add comment explaining why crosvm shouldn't be allowed to open files.
...
Bug: 192453819
Test: No code change
Change-Id: Iebaa1db2e8eed81122e64999ef58b728e1bf95cc
2021-12-24 13:13:53 +00:00
Thierry Strudel
aa383c8bd3
Allow app to get dck_prop am: f4e3b06683
...
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/16530469
Change-Id: I87df425d523b3ed82abf5560cb63543287471222
2021-12-24 06:51:28 +00:00
Thierry Strudel
195149fcf8
Allow app to get dck_prop
...
Bug: 208742539
Test: gts-tradefed run gts -m GtsDckTestCases --log-level-display DEBUG
Merged-In: Ie3f7c54805b9947fd43fe5118fd4808b4744664d
Signed-off-by: Thierry Strudel <tstrudel@google.com>
Change-Id: Ie3f7c54805b9947fd43fe5118fd4808b4744664d
2021-12-24 06:50:53 +00:00
Thierry Strudel
f4e3b06683
Allow app to get dck_prop
...
Ignore-AOSP-First: Touches prebuilts/api/32.0/private/app.te
Bug: 208742539
Test: gts-tradefed run gts -m GtsDckTestCases --log-level-display DEBUG
Signed-off-by: Thierry Strudel <tstrudel@google.com>
Change-Id: Ie3f7c54805b9947fd43fe5118fd4808b4744664d
2021-12-24 06:22:31 +00:00
Josh Yang
1d967dd697
Label /data/bootanim with bootanim_data_file.
...
Bug: 16529906
Test: /data/bootanim is labeled correctly. BootAnimation can access this
folder.
Change-Id: Ic6a438d7a139b4864c4795dcac613cb819a81631
2021-12-23 15:00:31 -08:00
Devin Moore
6026ac4077
Merge "Add policy for new AIDL IR hal" am: 4f85138c08
am: 4e044e5893
am: 570c442620
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1886401
Change-Id: Id1f7af95e63981f4ae420e9ffe8959411dfb6a44
2021-12-22 22:20:10 +00:00
Devin Moore
4f85138c08
Merge "Add policy for new AIDL IR hal"
2021-12-22 21:44:17 +00:00
Hui Wu
82f06faacd
Merge "Changes in SELinux Policy for cloudsearch API" am: c66fb7aefc
am: 39e16393b7
am: 9f75793c0f
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1927577
Change-Id: I209b092bc400731a61847c5aa3852815888a6a1d
2021-12-17 04:06:19 +00:00
Hui Wu
c66fb7aefc
Merge "Changes in SELinux Policy for cloudsearch API"
2021-12-17 03:04:08 +00:00
Treehugger Robot
5fe9254482
Merge "zygote: Add setattr permission to cgroup" am: d831f2a2f5
am: ea5fa49446
am: 334d3c7c85
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1927857
Change-Id: I6c3858322dcac0ab8a738179aea6780e469dc639
2021-12-17 01:13:21 +00:00
Treehugger Robot
d831f2a2f5
Merge "zygote: Add setattr permission to cgroup"
2021-12-17 00:10:25 +00:00
Greg Kaiser
ed71842c6d
zygote: Add setattr permission to cgroup
...
Credit to Himanshu Agrawal <quic_hagraw@quicinc.com> for this fix.
Like we do with cgroup_v2, we set attribute permission to cgroup
as well.
Test: On a Go device, which uses cgroup instead of cgroup_v2
Bug: 211037424
Change-Id: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
Merged-In: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
2021-12-16 22:55:34 +00:00
Victor Hsieh
19ec555037
Merge "Allow composd to delete odrefresh target files" am: 5601d70743
am: e642210a9a
am: 969b41347c
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1927358
Change-Id: Id416af36683f735562b74122ee27af9357ced964
2021-12-16 22:40:40 +00:00
Greg Kaiser
f62ef0d798
zygote: Add setattr permission to cgroup
...
Credit to Himanshu Agrawal <quic_hagraw@quicinc.com> for this fix.
Like we do with cgroup_v2, we set attribute permission to cgroup
as well.
Test: On a Go device, which uses cgroup instead of cgroup_v2
Bug: 209933729
Change-Id: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
2021-12-16 14:14:29 -08:00
Victor Hsieh
5601d70743
Merge "Allow composd to delete odrefresh target files"
2021-12-16 21:45:43 +00:00
Treehugger Robot
01aca6282a
Merge "Add apexd_payload_metadata_prop" am: a6d6b6aee8
am: a4e0ed83dc
am: ebd1ff5b25
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1885013
Change-Id: I04921eee21ea7a5f1020c83ed560dd811d0562d4
2021-12-16 20:46:04 +00:00
Devin Moore
978b9e5d1c
Add policy for new AIDL IR hal
...
IR interface is converted to AIDL and this contains the necessary
permissions for the default service to serve the interface.
Test: atest VtsHalIrTargetTest hal_implementation_test
Test: check for permission issues after tests
Bug: 205000342
Change-Id: I8d9d81d957bf6ef3c6d815ce089549f8f5337555
2021-12-16 20:24:27 +00:00
Hui Wu
f3e29c7066
Changes in SELinux Policy for cloudsearch API
...
Bug: 210528288
Test: Presubmit Tests
Change-Id: I344d28a95bf7d466620fced9cc85b50bbfcd1947
2021-12-16 19:31:53 +00:00
Alan Stokes
2914610f17
Allow composd to delete odrefresh target files
...
We need to remove any existing files (and the directory) to allow
odrefresh in the VM to re-create them via authfs.
But we don't need, and shouldn't have, any other access to them.
Bug: 210460516
Test: composd_cmd async-odrefresh
Change-Id: Iaafe33934146a6b8dda7c28cc1239c2eed167379
2021-12-16 16:24:56 +00:00
Ramji Jiyani
dec6b44ee4
Merge "Add selinux context for /system_dlkm" am: e3f20ee1e6
am: aaa5919f26
am: 5efbce0fa1
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1899605
Change-Id: Ia23423b9cc4e45ff8fc65e9b1ac987a945bd5896
2021-12-16 03:39:05 +00:00
Richard Fung
0c7c2679b0
Add apexd_payload_metadata_prop
...
This should be read-only and corresponds to apexd.payload_metadata.path
Bug: 191097666
Test: android-sh -c 'setprop apexd.payload_metadata.path'
See permission denied
atest MicrodroidHostTestCases
Change-Id: Ifcb7da1266769895974d4fef86139bad5891a4ec
2021-12-16 03:00:06 +00:00
Ramji Jiyani
e3f20ee1e6
Merge "Add selinux context for /system_dlkm"
2021-12-16 02:41:25 +00:00
Etienne Ruffieux
6b40b2a548
Merge "Adding Bluetooth module sysprop" am: ac45ef86f5
am: b24560a1a3
am: 409e13a954
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1924341
Change-Id: I90173e9518b4c9ca9197e943bad3d97fd6604798
2021-12-15 20:33:32 +00:00
Etienne Ruffieux
ac45ef86f5
Merge "Adding Bluetooth module sysprop"
2021-12-15 19:14:41 +00:00
Etienne Ruffieux
9203c915d1
Adding Bluetooth module sysprop
...
Added Bluetooth sysprop to be able to remove calls to
SystemProperty.set in Bluetooth module.
Tag: #feature
Bug: 197210455
Test: set/get sysprop with SystemProperties
Merged-In: I8070a493fa082ddaa16cd793ed25ad99971950c0
Change-Id: Ia390bd8b3bb064fcae252edb6307e26f07bd53e7
2021-12-15 13:44:33 +00:00