Commit graph

8180 commits

Author SHA1 Message Date
Hungming Chen
740b0669f0 Remove system/bin/clatd from clatd_exec
Since clatd is shipped by mainline module, remove the following privs
/system/bin/clatd      u:object_r:clatd_exec:s0

Test: build
Change-Id: Id98470fc5e641acc7e5635af02a520d2ed531cd8
2022-01-21 18:19:05 +00:00
Florian Mayer
06337c4260 Merge "Add policy for command line tool to control MTE boot state." 2022-01-21 18:11:00 +00:00
Treehugger Robot
439f17558c Merge "Allow system_server read and open access to sys/class/net." 2022-01-21 14:47:52 +00:00
Treehugger Robot
f53bb875bb Merge "Add Bluetooth Audio HAL rules" 2022-01-21 14:40:12 +00:00
Alan Stokes
8a881c14bf Fix virtualizationservice denials
Allow logging to statsd - see
commit 3ffa832c6325bc9640baea66192e4e2c64349bc8.

Allow ioctl on /dev/kvm (allowxperm isn't enough) - see
commit 2dd48d0400.

Ignore spurious errors on /proc/fd/1 when running derive_classpath - see
commit 3fad86bb8a.

This fixes these denials:
avc: denied { write } for name="statsdw" dev="tmpfs" ino=984 scontext=u:r:virtualizationservice:s0 tcontext=u:object_r:statsdw_socket:s0 tclass=sock_file permissive=0
avc: denied { ioctl } for path="/dev/kvm" dev="tmpfs" ino=766 ioctlcmd=0xae03 scontext=u:r:virtualizationservice:s0 tcontext=u:object_r:kvm_device:s0 tclass=chr_file permissive=0
avc: denied { write } for name="fd" dev="proc" ino=63285 scontext=u:r:virtualizationservice:s0 tcontext=u:r:virtualizationservice:s0 tclass=dir permissive=0

Bug: 209008347
Bug: 210472252
Bug: 210803811
Test: Start VM, don't see denials.
Change-Id: I4c67746c1312553ee1155098ac27fc0d46c6f521
2022-01-21 13:44:38 +00:00
Treehugger Robot
e939178d89 Merge "clatd: remove spurious privs" 2022-01-21 11:46:55 +00:00
Sharon Su
cedde105ae Change in SELinux Policy for wallpaper effects generation API.
Test: presubmit tests

Change-Id: I02f9545376534d1570cfa270dfe15c9df6f81d47
2022-01-21 09:28:49 +00:00
Wayne Ma
27abad0dc8 Allow system_server read and open access to sys/class/net.
system_server needs search/read/open access to the directory.
This change gives system_server permissions to fetch the
information from sys/class/net.

Bug: 202086915
Test: build, flash, boot
Change-Id: I7b245510efbc99427f3491c9234c45c8cc18fea1
2022-01-21 03:20:10 +00:00
Siarhei Vishniakou
c655bece6a Add sepolicy for IInputProcessor HAL
This sepolicy is needed so that the vendor can launch a new HAL process,
and then this HAL process could join the servicemanager as an impl for
IInputProcessor. This HAL will be used to contain the previous impl of
InputClassifier and also new features that we are going to add.

Bug: 210158587
Test: use together with a HAL implementation, make sure HAL runs
Change-Id: I476c215ad622ea18b4ce5cba9c07ae3257a65817
2022-01-20 23:40:05 +00:00
Badhri Jagan Sridharan
c887ea3965 Add selinux rules for android.hardware.usb.IUsb AIDL migration
Covers the rules needed for the default AIDL implementation.

Bug: 200993386
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Ib152d12686e225e3c1074295a70c624a5115e9bd
2022-01-20 23:03:26 +00:00
Treehugger Robot
85387aa219 Merge "Remove odrefresh privileges no longer needed for CompOS" 2022-01-20 20:45:43 +00:00
Florian Mayer
23173455ab Add policy for command line tool to control MTE boot state.
Bug: 206895651

Change-Id: I2e84193668dcdf24bde1c7e12b3cfd8a03954a16
2022-01-20 17:30:09 +00:00
John Reck
423f4c7e93 Merge "Add IAllocator stable-aidl" 2022-01-20 17:05:56 +00:00
George Chang
0ddfebb4e1 Add hal_nfc_service
Bug: 204868826
Test: atest VtsAidlHalNfcTargetTest
Change-Id: If01d1d0a74f5c787805d3744772d40a7aa7db9cb
2022-01-20 03:48:57 +00:00
Billy Lau
8bb3ed7451 Add selinux policy for new BinaryTransparencyService
Bug: 197684182

Test: Manually verified that BinaryTransparencyService is correctly
started and running.

Change-Id: I4eaf5698dd2edb428205afcd57c22502d56d2ec2
2022-01-19 14:45:45 -08:00
Victor Hsieh
2413e27cc6 Merge "Remove compos_internal_service" 2022-01-19 21:53:03 +00:00
Huihong Luo
9f2638913d Migrate screenshot methods to AIDL
A new service, SurfaceFlingerAIDL, is added to surfaceflinger during
the process of migrating ISurfaceComposer interface to AIDL.
Once migration is complete, this service will be deleted.

Bug: 211037638
Test: screencap

Change-Id: I0e41700b1af1f482cda6a6d6c67b057553485cfd
2022-01-19 10:21:19 -08:00
Josh Wu
759b4ef0df Add Bluetooth Audio HAL rules
Test: manual
Bug: 203490261
Change-Id: Ic9994cdb8ed690996d83b46cfefbc228e35d34c3
2022-01-19 01:32:42 -08:00
Connor O'Brien
dbe2684322 Allow bpfloader to execute btfloader
btfloader is a standalone binary that receives a path to a bpf .o file
from bpfloader, parses & loads the BTF type info from the file, passes
BTF info back to bpfloader & exits. Include it in bpfloader's domain &
grant bpfloader permission to run it.

Bug: 203823368
Test: build & boot, bpfloader successfully executes btfloader
Signed-off-by: Connor O'Brien <connoro@google.com>
Change-Id: Ia08776a90763a8477d9f3e393d5d723b88a3176f
2022-01-18 23:02:47 -08:00
John Reck
22903f0435 Add IAllocator stable-aidl
Test: Builds & boots; no sepolicy errors logged
Bug: 193558894
Change-Id: I11e162310548b67addc032ccc0d499cbf391e7f9
2022-01-18 19:40:26 -05:00
Seth Moore
7e95d22296 Add keystore2 permission to get attestation keys
Contexts must have this permission to fetch remotely provisioned
attestation key blobs. It is expected that only credstore will have
this permission.

Test: manual, build and run cuttlefish
Bug: 194696876
Change-Id: Ieebd552129bc8be6b8831ec2e38eb6bda522b216
2022-01-18 16:17:45 -08:00
John Wu
ce225f8bfb Merge "Add keystore2 LIST permission to system_server" 2022-01-19 00:05:29 +00:00
Victor Hsieh
88d93b984a Remove odrefresh privileges no longer needed for CompOS
Bug: 210998077
Test: m; TH
Change-Id: I4188a52c42ede9fb248b889596b91c965696fb2d
2022-01-18 12:56:27 -08:00
Victor Hsieh
6f6815efde Remove compos_internal_service
Bug: 210998077
Test: m; TH
Change-Id: Id3c7fcab56de5f71b00e21bd53829b2471e07d77
2022-01-18 12:51:55 -08:00
Paul Thomson
4c834adc0a Add additional sepolicy rules for gpuservice
Allow gpuservice to access read/write BPF maps.

Bug: b/213577594
Change-Id: I487754c008a53819715a6bfc5da10182d87de413
2022-01-17 16:34:03 +00:00
Andrew Walbran
a0b12be876 Merge "Allow crosvm to mlock VM memory." 2022-01-17 11:58:08 +00:00
Hungming Chen
7f4a2ab9fe clatd: remove spurious privs
Since the clatd has some code cleanup, these privs are not required
anymore.

Bug: 212345928
Test: manual test
1. Connect to ipv6-only wifi.
2. Try IPv4 traffic.
   $ ping 8.8.8.8

Change-Id: Ib801a190f9c14ee488bc77a43ac59c78c44773ab
2022-01-16 14:28:57 +08:00
Yabin Cui
f17fb4270c Add sepolicy for simpleperf_boot.
simpleperf_boot is the secontext used to run simpleperf from init,
to generate boot-time profiles.

Bug: 214731005
Test: run simpleperf manually
Change-Id: I6f37515681f4963faf84cb1059a8d5845c2fe5a5
2022-01-15 16:12:51 -08:00
Treehugger Robot
e646c94505 Merge "Add sepolicy for logd and logcat services" am: d6a5b604ce am: 47f5daf227 am: 75852fc484
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1948849

Change-Id: I88b72c854112c6ef91cb4c08f997e03bb818fabc
2022-01-14 21:31:45 +00:00
Treehugger Robot
d6a5b604ce Merge "Add sepolicy for logd and logcat services" 2022-01-14 20:44:35 +00:00
Nikita Ioffe
f2814d13d9 Merge "Move allow rules from public/app.te to private/app.te" am: 52e44e8022 am: b5e83ea3cf am: a30e3c50df
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1949596

Change-Id: I20dfbdee289aa328219b1a7f20caad386f6898ff
2022-01-14 18:37:09 +00:00
Nikita Ioffe
52e44e8022 Merge "Move allow rules from public/app.te to private/app.te" 2022-01-14 17:47:29 +00:00
Andrew Walbran
ed82cc82be Allow crosvm to mlock VM memory.
Bug: 204298056
Change-Id: I5b00273ffa37d4c1ea2f26bb40822abd0d094d90
2022-01-14 13:47:05 +00:00
Akilesh Kailash
20cc7e22c7 Merge "New property to control Async I/O for snapuserd" am: 9de6ad61ff am: f3262f89ef am: 5a333c328c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1936919

Change-Id: Iafd1a572298d93c5c050d1a1ccfd2e2cc986f81d
2022-01-14 00:58:34 +00:00
Akilesh Kailash
9de6ad61ff Merge "New property to control Async I/O for snapuserd" 2022-01-14 00:06:23 +00:00
Nikita Ioffe
269e7cfc51 Move allow rules from public/app.te to private/app.te
Allow rules in public/*.te can only reference types defined in
public/*.te files. This can be quite cumbersome in cases a rule needs to
be updated to reference a type that is only defined in private/*.te.

This change moves all the allow rules from public/app.te to
private/app.te to make it possible to reference private types in the
allow rules.

Bug: 211761016
Test: m
Test: presubmit
Change-Id: I0c4a3f1ef568bbfdfb2176869fcd92ee648617fa
Merged-In: I0c4a3f1ef568bbfdfb2176869fcd92ee648617fa
2022-01-13 22:56:14 +00:00
John Wu
cd5cf383f1 Add keystore2 LIST permission to system_server
This is required for listing all key aliases of other APP domains' keys
in order to migrate keys on behalf of the updated app by PMS.

Test: builds
Bug: 211665859
Change-Id: I541fb81e6186288a1e852ce60882651f838e36dc
2022-01-13 14:26:28 -08:00
Wenhao Wang
6a656c0b67 Add sepolicy for logd and logcat services
The logd binder service is on logd side.
The logcat binder service is on system_server side.
These two binder services facilitate the binder RPC
between logd and system_server.

Bug: 197901557
Test: manual
Change-Id: I5f08bbb44a88dc72302331ab11c7d54f94db16ac
2022-01-13 11:38:43 -08:00
Akilesh Kailash
5c5fd255d2 New property to control Async I/O for snapuserd
io_uring_setup() system call requires ipc_lock.

(avc: denied { ipc_lock } for comm="snapuserd" capability=14 scontext=u:r:snapuserd:s0 tcontext=u:r:snapuserd:s0 tclass=capability permissive=0)

Add selinux policy.

Bug: 202784286
Test: OTA tests
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I806714c7ade0a5d4821b061396c9f064ee5ed8b6
2022-01-13 06:27:46 +00:00
Jeremy Meyer
81670747b9 Merge "Add resources_manager_service" am: 0f72360b2f am: bebb429e43 am: 4833a09ba8
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1944288

Change-Id: I87d82d23a76eb297cc797d6a451e97acb27b0f1e
2022-01-12 21:35:19 +00:00
Jeremy Meyer
0f72360b2f Merge "Add resources_manager_service" 2022-01-12 20:41:28 +00:00
Yabin Cui
f09314ba84 Restrict write access to etm sysfs interface. am: 927d7a752b am: f288523c0c am: f8a7b98ff6
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1945414

Change-Id: Ic0d7cb272cd972b85632d071a800d403986c6b1a
2022-01-12 18:51:24 +00:00
Yabin Cui
927d7a752b Restrict write access to etm sysfs interface.
Bug: 213519191
Test: boot device
Change-Id: I40d110baea5593a597efa3c14fd0adecee23fc0f
2022-01-11 14:12:52 -08:00
Jeremy Meyer
d8a3c2b156 Add resources_manager_service
Test: manual, calling the service with `adb shell cmd` works
Bug: 206615535
Change-Id: I8d3b945f6abff352991446e5d88e5a535a7f9ccf
2022-01-10 23:03:42 +00:00
Michael Rosenfeld
f964ce2aeb Merge "Allow the shell to disable charging." am: 30aace3ebe am: bd58116534 am: dea57851db
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1899603

Change-Id: I9a31175cface1004efc6c6c4797533b142395b5a
2022-01-10 22:53:37 +00:00
Florian Mayer
26f18902d4 Merge "[MTE] Allow system_app to write memtag property." am: 11db93a15b am: 4cb849bc8f am: b59cf00842
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1931217

Change-Id: Iddfe8df9b46bb85ddc489cb7ba1f06d7214e2e8e
2022-01-10 22:53:13 +00:00
Michael Rosenfeld
30aace3ebe Merge "Allow the shell to disable charging." 2022-01-10 22:18:49 +00:00
Florian Mayer
11db93a15b Merge "[MTE] Allow system_app to write memtag property." 2022-01-10 21:12:02 +00:00
Michael Rosenfeld
5425c870f9 Allow the shell to disable charging.
Bug: 204184680
Test: manual and through instrumentation
Change-Id: I1fe9b35d51140eccba9c05c956875c512de447b1
2022-01-10 10:36:01 -08:00
Florian Mayer
39f29f758e [MTE] Allow system_app to write memtag property.
Bug: 206895651
Change-Id: I6463965c094b9b3c4f3f70929a09e109ee9c84b9
2022-01-07 11:39:10 -08:00
Treehugger Robot
77297a2015 Merge "Allow VS to run derive_classpath" am: 46680d001f am: a3723d7061 am: 7c16b6a2c7
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1934974

Change-Id: I91d7abce3155575dc5b811c40aa0043a305d8d21
2022-01-07 09:52:35 +00:00
Treehugger Robot
46680d001f Merge "Allow VS to run derive_classpath" 2022-01-07 09:11:08 +00:00
Xinyi Zhou
38da50d9ba Merge "Allow system app to find NearbyManager" am: b6a6ff20ef am: ee85803987 am: 82606f8c6b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1937217

Change-Id: Ie56ef6e1598d3c733584db6c7c4cda56ffa7f4c5
2022-01-06 20:22:21 +00:00
Xinyi Zhou
b6a6ff20ef Merge "Allow system app to find NearbyManager" 2022-01-06 19:28:05 +00:00
Alan Stokes
3fad86bb8a Allow VS to run derive_classpath
We run it in our domain since it requires fairly minimal access.

Bug: 210472252
Test: atest virtualizationservice_device_test
Test: composd_cmd test-compile
Change-Id: Ia770cd38bda67f79f56549331d3a36d7979a5d5b
2022-01-06 15:58:59 +00:00
Josh Yang
12daae5d79 Merge "Label /data/bootanim with bootanim_data_file." am: 0d721a105f am: 85cb406b59 am: 3e9883668f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1933017

Change-Id: I0cec046e72cf1f8c331f270425d73c5c385c4819
2022-01-06 04:01:28 +00:00
Josh Yang
0d721a105f Merge "Label /data/bootanim with bootanim_data_file." 2022-01-06 03:17:58 +00:00
Treehugger Robot
f5fb14c0be Merge "Allow untrusted apps to access incidentcompanion" am: f650c54ee1 am: 5e310aa786 am: 9edd7274c4
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1913754

Change-Id: I3fd2066ddd912a8b03c3bc2eb715e050c508837f
2022-01-05 22:08:12 +00:00
Treehugger Robot
f650c54ee1 Merge "Allow untrusted apps to access incidentcompanion" 2022-01-05 21:10:55 +00:00
Xinyi Zhou
e9857ab5cf Allow system app to find NearbyManager
Bug: 189954300
Test: -build, flash, boot
Change-Id: Ia21b10213311b0639f320b559e78963d562f30a3
2022-01-05 11:57:44 -08:00
Lalit Maganti
b549e2d837 sepolicy: add permissions for trace reporting
Bug: 205892741
Change-Id: I1b6b2ebeae99ca6a9725f24564386cea78403c6d
2022-01-04 14:02:20 +00:00
Treehugger Robot
3c03397821 Merge "Allow composd to delete ART staging files" am: 3a7e19c3d4 am: 87e317d603 am: b8386e1027
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1925960

Change-Id: I7a1fdfc7b86f8b3da065f4ce6a6faabf9edc396b
2022-01-04 11:43:29 +00:00
Andrew Walbran
3d0e9e4857 Merge "Add comment explaining why crosvm shouldn't be allowed to open files." am: d020fc05f3 am: 0ae5a68417 am: 9508489a72
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1925961

Change-Id: Ia8cea576cc80d5dbdc00e53f40308143f847c379
2022-01-04 11:43:20 +00:00
Treehugger Robot
3a7e19c3d4 Merge "Allow composd to delete ART staging files" 2022-01-04 11:13:55 +00:00
Andrew Walbran
d020fc05f3 Merge "Add comment explaining why crosvm shouldn't be allowed to open files." 2022-01-04 10:40:23 +00:00
Alan Stokes
ce6e2987de Allow composd to delete ART staging files
If the directory is non-empty when we start we need to delete
everything in it, but didn't have enough access:

avc: denied { getattr } for
path="/data/misc/apexdata/com.android.art/staging/boot-framework.art"
dev="dm-37" ino=57755 scontext=u:r:composd:s0
tcontext=u:object_r:apex_art_staging_data_file:s0 tclass=file
permissive=0

Bug: 205750213
Test: create files in staging/, composd_cmd test-compile
Change-Id: I3a66db7f5fbff82abcf547cb1c2b24e9c53ab158
2022-01-04 09:14:05 +00:00
Jiyong Park
2ce78c5735 Merge "Allow virtualizationservice to check for PKVM extension" am: 0878ac4c47 am: 32c7795f17 am: d06a7c1749
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1934161

Change-Id: Ic3f7eca0ad39e1d56017314ab29abcc4074c86fa
2022-01-03 09:51:24 +00:00
Jiyong Park
0878ac4c47 Merge "Allow virtualizationservice to check for PKVM extension" 2022-01-03 09:30:05 +00:00
Jiyong Park
2dd48d0400 Allow virtualizationservice to check for PKVM extension
Bug: 210803811
Test: watch TH for all our tests
Change-Id: Iac4528fa2a0dbebeca4504469624f50832689f43
2022-01-03 14:59:58 +09:00
Maciej Żenczykowski
389fc497d0 Merge "[NC#3] clatd: remove raw and packet socket creation privs" am: 0f1b55ee24 am: 7d517a3712 am: b2425a8e56
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903467

Change-Id: I2b3b6af74e202b53dbf3c9c343b83576511d81bb
2021-12-30 20:06:44 +00:00
Maciej Żenczykowski
0f1b55ee24 Merge "[NC#3] clatd: remove raw and packet socket creation privs" 2021-12-30 19:50:00 +00:00
Inseob Kim
9d7e9a3491 Merge "Allow app to get dck_prop" 2021-12-28 01:55:30 +00:00
Treehugger Robot
8bf0d2c1dc Merge "Make surface_flinger_native_boot_prop a system_restricted_prop for ADPF" am: 96c5222c94 am: 6cd97931e3 am: be132f1e8a
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1931900

Change-Id: If86a0c21131caf2fe880f82ee514e2da969639b6
2021-12-28 01:41:32 +00:00
Treehugger Robot
96c5222c94 Merge "Make surface_flinger_native_boot_prop a system_restricted_prop for ADPF" 2021-12-28 00:54:22 +00:00
Matt Buckley
964c68b02d Make surface_flinger_native_boot_prop a system_restricted_prop for ADPF
Test: manual
Bug: b/195990840
Change-Id: Icb758c48a1faa8901a1d2c2c442451c42fc3b5b1
2021-12-27 18:24:12 +00:00
Andrew Walbran
8191dc07cc Add comment explaining why crosvm shouldn't be allowed to open files.
Bug: 192453819
Test: No code change
Change-Id: Iebaa1db2e8eed81122e64999ef58b728e1bf95cc
2021-12-24 13:13:53 +00:00
Thierry Strudel
aa383c8bd3 Allow app to get dck_prop am: f4e3b06683
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/16530469

Change-Id: I87df425d523b3ed82abf5560cb63543287471222
2021-12-24 06:51:28 +00:00
Thierry Strudel
195149fcf8 Allow app to get dck_prop
Bug: 208742539
Test: gts-tradefed run gts -m GtsDckTestCases --log-level-display DEBUG
Merged-In: Ie3f7c54805b9947fd43fe5118fd4808b4744664d
Signed-off-by: Thierry Strudel <tstrudel@google.com>
Change-Id: Ie3f7c54805b9947fd43fe5118fd4808b4744664d
2021-12-24 06:50:53 +00:00
Thierry Strudel
f4e3b06683 Allow app to get dck_prop
Ignore-AOSP-First: Touches prebuilts/api/32.0/private/app.te
Bug: 208742539
Test: gts-tradefed run gts -m GtsDckTestCases --log-level-display DEBUG
Signed-off-by: Thierry Strudel <tstrudel@google.com>
Change-Id: Ie3f7c54805b9947fd43fe5118fd4808b4744664d
2021-12-24 06:22:31 +00:00
Josh Yang
1d967dd697 Label /data/bootanim with bootanim_data_file.
Bug: 16529906
Test: /data/bootanim is labeled correctly. BootAnimation can access this
folder.

Change-Id: Ic6a438d7a139b4864c4795dcac613cb819a81631
2021-12-23 15:00:31 -08:00
Devin Moore
6026ac4077 Merge "Add policy for new AIDL IR hal" am: 4f85138c08 am: 4e044e5893 am: 570c442620
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1886401

Change-Id: Id1f7af95e63981f4ae420e9ffe8959411dfb6a44
2021-12-22 22:20:10 +00:00
Devin Moore
4f85138c08 Merge "Add policy for new AIDL IR hal" 2021-12-22 21:44:17 +00:00
Hui Wu
82f06faacd Merge "Changes in SELinux Policy for cloudsearch API" am: c66fb7aefc am: 39e16393b7 am: 9f75793c0f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1927577

Change-Id: I209b092bc400731a61847c5aa3852815888a6a1d
2021-12-17 04:06:19 +00:00
Hui Wu
c66fb7aefc Merge "Changes in SELinux Policy for cloudsearch API" 2021-12-17 03:04:08 +00:00
Treehugger Robot
5fe9254482 Merge "zygote: Add setattr permission to cgroup" am: d831f2a2f5 am: ea5fa49446 am: 334d3c7c85
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1927857

Change-Id: I6c3858322dcac0ab8a738179aea6780e469dc639
2021-12-17 01:13:21 +00:00
Treehugger Robot
d831f2a2f5 Merge "zygote: Add setattr permission to cgroup" 2021-12-17 00:10:25 +00:00
Greg Kaiser
ed71842c6d zygote: Add setattr permission to cgroup
Credit to Himanshu Agrawal <quic_hagraw@quicinc.com> for this fix.

Like we do with cgroup_v2, we set attribute permission to cgroup
as well.

Test: On a Go device, which uses cgroup instead of cgroup_v2
Bug: 211037424
Change-Id: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
Merged-In: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
2021-12-16 22:55:34 +00:00
Victor Hsieh
19ec555037 Merge "Allow composd to delete odrefresh target files" am: 5601d70743 am: e642210a9a am: 969b41347c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1927358

Change-Id: Id416af36683f735562b74122ee27af9357ced964
2021-12-16 22:40:40 +00:00
Greg Kaiser
f62ef0d798 zygote: Add setattr permission to cgroup
Credit to Himanshu Agrawal <quic_hagraw@quicinc.com> for this fix.

Like we do with cgroup_v2, we set attribute permission to cgroup
as well.

Test: On a Go device, which uses cgroup instead of cgroup_v2
Bug: 209933729
Change-Id: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
2021-12-16 14:14:29 -08:00
Victor Hsieh
5601d70743 Merge "Allow composd to delete odrefresh target files" 2021-12-16 21:45:43 +00:00
Treehugger Robot
01aca6282a Merge "Add apexd_payload_metadata_prop" am: a6d6b6aee8 am: a4e0ed83dc am: ebd1ff5b25
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1885013

Change-Id: I04921eee21ea7a5f1020c83ed560dd811d0562d4
2021-12-16 20:46:04 +00:00
Devin Moore
978b9e5d1c Add policy for new AIDL IR hal
IR interface is converted to AIDL and this contains the necessary
permissions for the default service to serve the interface.

Test: atest VtsHalIrTargetTest hal_implementation_test
Test: check for permission issues after tests
Bug: 205000342
Change-Id: I8d9d81d957bf6ef3c6d815ce089549f8f5337555
2021-12-16 20:24:27 +00:00
Hui Wu
f3e29c7066 Changes in SELinux Policy for cloudsearch API
Bug: 210528288
Test: Presubmit Tests

Change-Id: I344d28a95bf7d466620fced9cc85b50bbfcd1947
2021-12-16 19:31:53 +00:00
Alan Stokes
2914610f17 Allow composd to delete odrefresh target files
We need to remove any existing files (and the directory) to allow
odrefresh in the VM to re-create them via authfs.

But we don't need, and shouldn't have, any other access to them.

Bug: 210460516
Test: composd_cmd async-odrefresh
Change-Id: Iaafe33934146a6b8dda7c28cc1239c2eed167379
2021-12-16 16:24:56 +00:00
Ramji Jiyani
dec6b44ee4 Merge "Add selinux context for /system_dlkm" am: e3f20ee1e6 am: aaa5919f26 am: 5efbce0fa1
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1899605

Change-Id: Ia23423b9cc4e45ff8fc65e9b1ac987a945bd5896
2021-12-16 03:39:05 +00:00
Richard Fung
0c7c2679b0 Add apexd_payload_metadata_prop
This should be read-only and corresponds to apexd.payload_metadata.path

Bug: 191097666
Test: android-sh -c 'setprop apexd.payload_metadata.path'
See permission denied
atest MicrodroidHostTestCases

Change-Id: Ifcb7da1266769895974d4fef86139bad5891a4ec
2021-12-16 03:00:06 +00:00
Ramji Jiyani
e3f20ee1e6 Merge "Add selinux context for /system_dlkm" 2021-12-16 02:41:25 +00:00
Etienne Ruffieux
6b40b2a548 Merge "Adding Bluetooth module sysprop" am: ac45ef86f5 am: b24560a1a3 am: 409e13a954
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1924341

Change-Id: I90173e9518b4c9ca9197e943bad3d97fd6604798
2021-12-15 20:33:32 +00:00
Etienne Ruffieux
ac45ef86f5 Merge "Adding Bluetooth module sysprop" 2021-12-15 19:14:41 +00:00
Etienne Ruffieux
9203c915d1 Adding Bluetooth module sysprop
Added Bluetooth sysprop to be able to remove calls to
SystemProperty.set in Bluetooth module.

Tag: #feature
Bug: 197210455
Test: set/get sysprop with SystemProperties
Merged-In: I8070a493fa082ddaa16cd793ed25ad99971950c0
Change-Id: Ia390bd8b3bb064fcae252edb6307e26f07bd53e7
2021-12-15 13:44:33 +00:00
Treehugger Robot
bd22ea499a Merge "Allow compos_fd_server to create artifacts" am: afc596f8f8 am: 29a90d33cb am: 3ad3f0b50c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1922442

Change-Id: If6cea92ebaccb027cab762722b8fd3351ca73dbe
2021-12-15 12:08:07 +00:00
Treehugger Robot
afc596f8f8 Merge "Allow compos_fd_server to create artifacts" 2021-12-15 11:09:24 +00:00
Treehugger Robot
497884ce80 Merge "Add rule for new gesture_prop." am: ac9f469ff0 am: 29be9a0edf am: f3ece72da2
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1918579

Change-Id: I95521666de397326e70f296aa8abaf71ba77d388
2021-12-15 05:53:21 +00:00
Treehugger Robot
ac9f469ff0 Merge "Add rule for new gesture_prop." 2021-12-15 05:03:42 +00:00
Super Liu
078141a921 Add rule for new gesture_prop.
Bug: 209713977
Bug: 193467627
Test: local build and manual check.
Signed-off-by: Super Liu <supercjliu@google.com>
Change-Id: Ib1d2d6dcc7d6ddc6243c806a883d9252d7c081af
2021-12-15 09:32:01 +08:00
Jeff Vander Stoep
13fb51ea0b Policy for using Apex sepolicy am: bc0fa66cbe am: 00573254ac am: f8dfd28b19
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1907858

Change-Id: Iaa5cbfb4efa17e048fd93167e6da9a77ef20b43e
2021-12-14 19:03:58 +00:00
Alan Stokes
8dc7800578 Allow compos_fd_server to create artifacts
Previously this was always done by odrefresh. But now we are running
odrefresh in the VM we need to allow FD server to do it as its proxy.

Bug: 209572241
Bug: 209572296
Test: composd_cmd forced-oderefresh
Change-Id: I4bc10d6a3ec73789721a0541f04dd7e3865fe826
2021-12-14 16:06:31 +00:00
Jeff Vander Stoep
bc0fa66cbe Policy for using Apex sepolicy
Bug: 199914227
Test: aosp/1910032
Change-Id: I0726facbf0c28c486ef6501718a6013a040e4b0e
2021-12-14 13:54:03 +01:00
Treehugger Robot
9412cfc810 Merge "[NC#2] clatd: allow clatd access raw and packet socket inherited from netd" am: 7c5faaf3d2 am: 8d35437e6a am: f419c0e3a4
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903466

Change-Id: I12e337664f09b7661ad63f9824f0918a37c7b9de
2021-12-13 09:01:54 +00:00
Treehugger Robot
7c5faaf3d2 Merge "[NC#2] clatd: allow clatd access raw and packet socket inherited from netd" 2021-12-13 08:16:26 +00:00
Treehugger Robot
2880a5cd82 Merge "Add hal_vehicle_service for AIDL VHAL service." am: 885bc3ca66 am: e197d7519c am: 908395f200
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1914197

Change-Id: I255ad9d053d2a217ec03d06b48229d2c337adfd8
2021-12-11 01:58:30 +00:00
Treehugger Robot
885bc3ca66 Merge "Add hal_vehicle_service for AIDL VHAL service." 2021-12-11 00:49:12 +00:00
Hungming Chen
e544438399 [NC#3] clatd: remove raw and packet socket creation privs
Don't need these permissions anymore because the raw and packet
socket setup are moved from clatd to netd.

Test: manual test
1. Connect to ipv6-only wifi.
2. Try IPv4 traffic.
   $ ping 8.8.8.8

Change-Id: I07d890df2d1b8d9c1736aa5e6dc36add4f46345b
2021-12-10 20:42:27 +08:00
Hungming Chen
cef08e5d58 [NC#2] clatd: allow clatd access raw and packet socket inherited from netd
Needed because the raw and packet socket setup are moved from
clatd to netd. Netd passes the configured raw and packet sockets
to clatd. clatd needs the permission to access inherited
objects.

Test: manual test
1. Connect to ipv6-only wifi.
2. Try IPv4 traffic.
   $ ping 8.8.8.8

Test:
Change-Id: If6479f815a37f56715d7650c714202fcc1ec466b
2021-12-10 20:42:00 +08:00
Joanne Chung
89a1a242a9 Add rule for new system service am: eed1918f7f am: f9637630c6 am: 025b236f3b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1891636

Change-Id: I1352ed54f8968e191e25a2a40b291d111d691a89
2021-12-10 09:46:02 +00:00
Joanne Chung
eed1918f7f Add rule for new system service
Update policy for new system service, used for Apps to present the
toolbar UI.

Bug: 190030331
Bug: 205822301
Test: manual. Can boot to home and get manager successfully.

Change-Id: Iee88681a93ae272a90896ccd2a6b64c26c809e82
2021-12-10 13:30:55 +08:00
Treehugger Robot
12ac324619 Merge "[NC#1] netd: allow netd to setup packet socket for clatd" am: f128becfa4 am: 14c5d92e83 am: ac796a4553
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903465

Change-Id: I265b83cb1e900cbf69a60bd00f79aec731efa621
2021-12-10 05:24:11 +00:00
Treehugger Robot
f128becfa4 Merge "[NC#1] netd: allow netd to setup packet socket for clatd" 2021-12-10 04:33:13 +00:00
Yi-yo Chiang
a01429ce0b Merge "Add system_ext_userdebug_plat_sepolicy.cil for GSI" into sc-v2-dev 2021-12-10 04:05:11 +00:00
Treehugger Robot
e1a8cb87f1 Merge "Add charger_vendor type" am: 0ce3e70c84 am: 9f386d408d am: 246b50221e
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1870393

Change-Id: I4730ed60e8eff5bbf29400a5be15d8c921c32953
2021-12-10 03:17:56 +00:00
Treehugger Robot
0ce3e70c84 Merge "Add charger_vendor type" 2021-12-10 02:16:55 +00:00
Treehugger Robot
bad60fa933 Merge "sepolicy: Fix potential avc denials" am: 69faf0b8d1 am: 0dda08cf20 am: 1a22e0fc5b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903290

Change-Id: I1df09ecb1ff7fac41ca0e1965b30b29d828d5741
2021-12-08 08:16:08 +00:00
Yu Shan
78be3081e7 Add hal_vehicle_service for AIDL VHAL service.
Add selinux policy for AIDL Vehicle HAL service.
This CL mostly follows https://android-review.googlesource.com/c/platform/system/sepolicy/+/1541205/.

Test: Manually test on emulator, verify AIDL VHAL service is up and
accessible by client.
Bug: 209718034

Change-Id: Icad92e357dacea681b8539f6ebe6110a8ca8b357
2021-12-07 22:23:50 -08:00
Rick Yiu
8cb0bb81f0 sepolicy: Fix potential avc denials
Bug: 206970384
Test: make selinux_policy pass
Change-Id: I2516987ea609b4328951b519f437405bef7a78d5
2021-12-08 10:24:30 +08:00
Treehugger Robot
7598aae806 Merge changes I81ab0a73,Ia66015b7 am: 9a93d79a92 am: b7b5c14e40 am: 71f5e42ae0
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1908178

Change-Id: Icd9048dfe4b1f8288b95589c3d038de3316f18fe
2021-12-08 01:22:01 +00:00
Yifan Hong
035ce4b7f4 Add charger_vendor type
This is the context when health HAL runs in offline
charging mode.

This has the same permissions as the health HAL, but
is also able to do charger specific things.

Also restrict neverallow rules in charger_type.

Test: manual in offline charging mode
Bug: 203246116
Change-Id: I6034853c113dff95b26461153501ad0528d10279
2021-12-07 16:24:23 -08:00
Jeffrey Huang
d93b2e18c3 Allow untrusted apps to access incidentcompanion
Bug: 206548410
Test: m -j
Change-Id: I93b9e983149ab5b303bc34e3de094c1481c35dc9
2021-12-07 12:20:11 -08:00
Victor Hsieh
90b7b00391 Allow composd to run fd_server
Besides the basic execution that is similar to the (deprecating)
odrefresh case, fd_server also needs to be able to create and change
files in the output directory.

Bug: 205750213
Test: /apex/com.android.compos/bin/composd_cmd forced-odrefresh
      # Saw composd started the fd_server and the VM
Change-Id: Ia66015b72c4bd232c623604be326c7d7145c0a38
2021-12-07 08:07:50 -08:00
Treehugger Robot
e6651d2589 Merge "Allow composd to create odrefresh staging directory" am: edf5fa0091 am: 9cdacff2aa am: 081892a97d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1910491

Change-Id: Ife93def4025b5993c6306ba26c627a808f193232
2021-12-07 01:59:47 +00:00
Alessio Balsini
658439fe02 mediaprovider_app can access BPF resources am: fd3e9d838e am: 27b2b6d8f5 am: 42216b5975
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1907857

Change-Id: I3a798c37a5200f90f55367ccddeb29404c170cb3
2021-12-07 01:19:32 +00:00
Treehugger Robot
edf5fa0091 Merge "Allow composd to create odrefresh staging directory" 2021-12-07 01:07:08 +00:00
Alessio Balsini
fd3e9d838e mediaprovider_app can access BPF resources
The FUSE daemon in MediaProvider needs to access the file descriptor of
its pinned BPF program and the maps used to communicate with the kernel.

Bug: 202785178
Test: adb logcat FuseDaemon:V \*:S (in git_master)
Ignore-AOSP-First: mirroring AOSP for prototyping
Signed-off-by: Alessio Balsini <balsini@google.com>
Change-Id: I99d641658d37fb765ecc5d5c0113962f134ee1ae
2021-12-06 19:12:55 +00:00
Victor Hsieh
33aa1a3c52 Allow composd to create odrefresh staging directory
composd is responsible for preparing the staging directory for odrefresh
(in the VM) to write the output to. Temporary output should be put in a
staged directory with a temporary apex_art_staging_data_file context.
When a compilation is finished, the files can then be moved to the final
directory with the final context.

Bug: 205750213
Test: No denials

Change-Id: I9444470b31518242c1bb84fc755819d459d21d68
2021-12-06 08:41:31 -08:00
Victor Hsieh
9a2f1760cd Allow composd to read ART's properties am: 1f117c26c6 am: 7b8647e628 am: dac35aea0c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1908176

Change-Id: I24e150c61ae4ada129c3e94f262f37c19f3c5c53
2021-12-03 21:13:19 +00:00
Victor Hsieh
1f117c26c6 Allow composd to read ART's properties
Only ro.zygote is currently used, though we'll need to a few others of
the same property context.

Bug: 205750213
Test: composd_cmd forced-odrefresh # less SELinux denial
Change-Id: I2efbbc1637142f522a66c47bdd17471c4bde227a
2021-12-02 17:58:23 -08:00
Treehugger Robot
471829bb7b Merge "Remove 26.0 and 27.0 compat support" am: 26950bb361 am: f4d3471aac am: cc93d7690f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903972

Change-Id: I6608f3a2e3cda124893e42aef86e7c63783b6853
2021-12-02 07:18:15 +00:00
Treehugger Robot
26950bb361 Merge "Remove 26.0 and 27.0 compat support" 2021-12-02 06:26:58 +00:00
Treehugger Robot
20b9fca8e9 Merge "Add logd.ready" am: f5646ff42b am: 9a922c3ce2 am: cfc47ad673
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1895329

Change-Id: Id40bcdff34faf77ccd910f46281a8df4d003c304
2021-12-02 04:24:44 +00:00
Treehugger Robot
f5646ff42b Merge "Add logd.ready" 2021-12-02 03:34:00 +00:00
Inseob Kim
6303d4df9d Merge "Add hal_dumpstate_service to ignore" am: 7182b2e56b am: ae574d77d3 am: f91a52bc59
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1908650

Change-Id: I11fdbe81c2bfc2ab62cc047a44c482ed4c6bc1e8
2021-12-02 01:36:57 +00:00
Inseob Kim
9dc6d70044 Remove 26.0 and 27.0 compat support
Treble doesn't support T system + O vendor, so removing 26.0 (N) and
27.0 (O) prebuilts and compat files.

Bug: 207815515
Test: build
Change-Id: I98d5972221a8e77f3c45fc48ff50bb2b8eb94275
2021-12-02 10:22:10 +09:00
Inseob Kim
a00439e69a Add hal_dumpstate_service to ignore
Bug: 208705795
Test: build
Change-Id: I211e6e0b98c964ba34db5ffd4bcf7a3cf959a8b5
2021-12-02 09:23:06 +09:00
Treehugger Robot
5397c5e66d Merge "Add 32.0 mapping files" am: 6cf460c45e am: b5bf051407 am: 7bab865c6e
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1906312

Change-Id: Id2a2afbf3798fcf786fb105641dbf02d1b3b57d7
2021-12-02 00:01:05 +00:00
Treehugger Robot
6cf460c45e Merge "Add 32.0 mapping files" 2021-12-01 23:10:38 +00:00
Kedar Chitnis
3f32fe230b Merge "Update sepolicy to add dumpstate device service for AIDL HAL" am: bb0315bab9 am: 3591bd6749 am: e09c5cdd49
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1895075

Change-Id: I852de6b372cad65c2efee3bfe0cfaca1c9ad4f8f
2021-12-01 12:59:46 +00:00
Kedar Chitnis
bb0315bab9 Merge "Update sepolicy to add dumpstate device service for AIDL HAL" 2021-12-01 12:16:33 +00:00
Inseob Kim
bee558e4bb Add 32.0 mapping files
Steps taken to produce the mapping files:

1. Add prebuilts/api/32.0/plat_pub_versioned.cil from the
/vendor/etc/selinux/plat_pub_versioned.cil file built on sc-v2-dev with
lunch target aosp_arm64-eng. Add prebuilts/api/32.0/vendor_sepolicy.cil
as an empty file.

When adding plat_pub_versioned.cil, leave only type and typeattribute
statements, removing the other statements: allow, neverallow, role, etc.

2. Add new file private/compat/32.0/32.0.cil by doing the following:
- copy /system/etc/selinux/mapping/32.0.cil from sc-v2-dev
aosp_arm64-eng device to private/compat/32.0/32.0.cil
- remove all attribute declaration statements (typeattribute ...) and
sort lines alphabetically
- some selinux types were added/renamed/deleted w.r.t 32 sepolicy.
Find all such types using treble_sepolicy_tests_32.0 test.
- for all these types figure out where to map them by looking at
31.0.[ignore.]cil files and add appropriate entries to 32.0.[ignore.]cil.

This change also enables treble_sepolicy_tests_32.0 and installs
32.0.cil mapping file onto the device.

Bug: 206330997
Test: m treble_sepolicy_tests_32.0
Test: m 32.0_compat_test
Test: m selinux_policy
Change-Id: I8b2991e64e2f531ce12db7aaacad955e4e8ed687
2021-12-01 10:58:25 +09:00
Treehugger Robot
e6099835f2 Merge "Restrict system_server_startup domain" am: 825936c473 am: 5607594999 am: 137cf89a16
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903593

Change-Id: I4807f343da9b75ce9abaf169add70f5e16d3963a
2021-11-30 11:18:54 +00:00
Treehugger Robot
825936c473 Merge "Restrict system_server_startup domain" 2021-11-30 10:29:10 +00:00
Ramji Jiyani
32646fe4c7 Add selinux context for /system_dlkm
Bug: 200082547
Test: Manual
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I2207e0b3d508f9a97374724e72fd428a0eae480c
2021-11-30 06:20:47 +00:00
Jiyong Park
ff3048349a Add logd.ready
logd.ready is a system property that logd sets when it is ready to
serve incoming socket requests for reading and writing logs. Clients of
logd (e.g. logcat) can use this to synchronize with logd, otherwise they
may experience a crash due to the refused socket connection to logd when
they are started before logd is ready.

Bug: 206826522
Test: run microdroid. see logcat logs are shown immediately
Change-Id: Iee13485b0f4c2beda9bc8434f514c4e32e119492
2021-11-30 15:10:53 +09:00
Inseob Kim
212e65cbe8 Make 31.0 compat files up to date
Bug: 208126864
Test: m selinux_policy 31.0_compat_test treble_sepolicy_tests_31.0
Merged-In: Ic97d17b39f7307ed5af200c97c8c09ca0511c216
Change-Id: I75d139412686ae13dddf5b99c505becc8638558a
2021-11-30 10:13:34 +09:00
Treehugger Robot
fea7cd0639 Merge "Grant BetterBug access to WM traces attributes" am: 53b6de0642 am: 2c95edf2af am: af4b21ef5b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903230

Change-Id: I030d720d48ada6d4c377e193c0bbcf081e4388a0
2021-11-29 19:28:02 +00:00
Treehugger Robot
53b6de0642 Merge "Grant BetterBug access to WM traces attributes" 2021-11-29 18:38:12 +00:00
Nataniel Borges
6b624a5a0c Grant BetterBug access to WM traces attributes
Currently BetterBug (privileged app) cannot access the details from
/data/misc/wmtrace.

Test: access a trace from /data/misc/wmtrace/ in betterbug
Change-Id: I4cf864ab4729e85f05df8f9e601a75ff8b92bdc8
2021-11-29 18:22:58 +01:00
Paul Lawrence
4f319f3e0a Merge "Allow bpfloader to read fuse's bpf_prog number" am: 04cddf8af2 am: b669669504 am: 139264aea6
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1894198

Change-Id: Ie0405e68732848529bb6b043b831b3d915a0102e
2021-11-29 16:58:46 +00:00
Paul Lawrence
04cddf8af2 Merge "Allow bpfloader to read fuse's bpf_prog number" 2021-11-29 16:18:42 +00:00
Treehugger Robot
14daffc5e8 Merge "Make 31.0 prebuilts and compat files up to date" am: 906797a9bc am: 7d68e1e458 am: 15dfe5051d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903979

Change-Id: Iac623c1979233f1b39ab7e024ce204b17040b7f1
2021-11-29 13:53:26 +00:00
Treehugger Robot
906797a9bc Merge "Make 31.0 prebuilts and compat files up to date" 2021-11-29 13:03:45 +00:00
sunliang
514cb3c5af Change the label of /product/overlay to u:object_r:system_file:s0 am: e8d1e97ef2 am: fd0be879cc am: 254815456a
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903975

Change-Id: Iebce589d1c1ace4d2b73101f83db51bb95f1a321
2021-11-29 12:10:41 +00:00
Inseob Kim
5a8afdcfa6 Make 31.0 prebuilts and compat files up to date
Bug: 208126864
Test: m selinux_policy 31.0_compat_test treble_sepolicy_tests_31.0
Change-Id: Ic97d17b39f7307ed5af200c97c8c09ca0511c216
2021-11-29 19:40:59 +09:00
sunliang
e8d1e97ef2 Change the label of /product/overlay to u:object_r:system_file:s0
Overlayfs product/overlay in init first stage is allowed in AndroidS.
product/overlay directory contains RRO apks, it is plausible to allow
dumpstate to access it since dumpstate will call df command.
Or there will be an avc denial:
01-01 07:09:37.234 13582 13582 W df : type=1400 audit(0.0:1717): avc: denied { getattr } for path="/product/overlay"
dev="overlay" ino=2 scontext=u:r:dumpstate:s0 tcontext=u:object_r:vendor_overlay_file:s0 tclass=dir permissive=0

Actually, it is more reasonable to set /product/overlay to u:object_r:system_file:s0 since
there are already definitions related to /product/overlay
/mnt/scratch/overlay/(system|product)/upper u:object_r:system_file:s0
/(product|system/product)/vendor_overlay/[0-9]+/.*          u:object_r:vendor_file:s0

Bug: https://b.corp.google.com/u/0/issues/186342252

Signed-off-by: sunliang <sunliang@oppo.com>
Change-Id: I493fab20b5530c6094bd80767a24f3250d7117a8
2021-11-29 08:24:37 +00:00
Hungming Chen
ffa08bbd21 [NC#1] netd: allow netd to setup packet socket for clatd
Needed because the packet socket setup has been moved from clatd
to netd.

Test: manual test
    1. Connect to ipv6-only wifi.
    2. Try IPv4 traffic.
       $ ping 8.8.8.8
Change-Id: If6c3ba70cd7b3a44a31b8deab088303c22838da8
2021-11-26 20:28:29 +08:00
Alan Stokes
665c295efc Restrict system_server_startup domain
This seems like an oversight when system_server_startup was
introduced (commit caf42d615d).

Test: Presubmits
Change-Id: Ia371caa8dfc2c250d6ca6f571cf002e25703e793
2021-11-26 11:41:51 +00:00
Jiyong Park
a177fa560c Merge "app_data_file is the only app_data_file_type that is allowed for crosvm" am: cc82a6ae89 am: 7dec0b50f6 am: 874c8fb416
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1903450

Change-Id: Ib0f3f03a12c951391c38fd8bc5435203b5ee80da
2021-11-26 06:57:44 +00:00
Jiyong Park
cc82a6ae89 Merge "app_data_file is the only app_data_file_type that is allowed for crosvm" 2021-11-26 06:11:03 +00:00
Jiyong Park
028e722934 app_data_file is the only app_data_file_type that is allowed for crosvm
Bug: 204852957
Test: monitor TH
Change-Id: Ie92aa25336087519661002624b486cb35740cda6
2021-11-26 01:20:20 +09:00
Kedar Chitnis
a465cbc194 Update sepolicy to add dumpstate device service for AIDL HAL
- Add hal_dumpstate_service AIDL service to hal_dumpstate.te,
  service.te
- Add default example hal_dumpstate service to file_contexts,
  service_contexts
- Add hal_dumpstate_service to API level 31 compatibility
  ignore list (31.0.ignore.cil)

Bug: 205760700
Test: VtsHalDumpstateTargetTest, dumpstate, dumpstate_test, dumpsys
Change-Id: If49fa16ac5ab1d3a1930bb800d530cbd32c5dec1
2021-11-25 07:52:32 +00:00
Navinprashath
e7fae4b66b sepolicy: Add badge for gsm properties
Add badge for gsm.operator.iso-country and gsm.sim.operator.iso-country.

Test: Manual test
Bug: 205807505
Ignore-AOSP-First: already merged in AOSP; this is a reland
Change-Id: If4f399cd97b2297094ef9431450f29e0a91e5300
Merged-In: If4f399cd97b2297094ef9431450f29e0a91e5300
2021-11-25 14:04:56 +08:00
Navinprashath
98e74881cf sepolicy: Add badge for gsm properties am: d35bd44109 am: f924bd13f9 am: c8f99840b8
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1901412

Change-Id: I12da2746152a44f133f4aaca79642f0cd5fca847
2021-11-24 11:59:41 +00:00
Navinprashath
d35bd44109 sepolicy: Add badge for gsm properties
Add badge for gsm.operator.iso-country and gsm.sim.operator.iso-country.

Test: Manual test
Bug: 205807505
Change-Id: If4f399cd97b2297094ef9431450f29e0a91e5300
2021-11-24 16:46:55 +08:00
Yi-Yo Chiang
0b240d0270 Add system_ext_userdebug_plat_sepolicy.cil for GSI
system_ext_userdebug_plat_sepolicy.cil is a copy of
userdebug_plat_sepolicy.cil (debug_ramdisk) that's installed in the
system_ext partition.
The build rule is gated by a BoardConfig variable, so products other
than GSI cannot accidentally install this module.

*Unclean cherry-pick* prebuilts/api/32.0/private/file_contexts is
updated in this change, which is not in the original change.

Bug: 188067818
Test: Flash RQ2A.201207.001 bramble-user with debug ramdisk & flash
  gsi_arm64-user from master, device can boot and `adb root` works
Change-Id: I43adc6adad5e08dcc8e106d18fdacef962310883
Merged-In: I43adc6adad5e08dcc8e106d18fdacef962310883
(cherry picked from commit 814f3deb94)
2021-11-24 14:43:03 +08:00
Jack Yu
256bb6d01c Merge changes from topic "OMAPI_VNTF" am: b25774f53c am: 55cd3d5260 am: 9c4918ca8d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1897109

Change-Id: I71bf639469f71051409a39fc4729ac69e6b1291c
2021-11-23 05:41:56 +00:00
Jack Yu
b25774f53c Merge changes from topic "OMAPI_VNTF"
* changes:
  Added sepolicy rule for vendor uuid mapping config
  Support for OMAPI Vendor stable interface
2021-11-23 04:54:02 +00:00
Richard Fung
636a591f9c Merge "Support reading block apexes from system_server" am: 6d3bc08dbb am: 4ead13bfc9 am: 4412c7d16f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1899604

Change-Id: I1d50c4ce6f15acebcafd0bde19461cd5c46a7408
2021-11-23 04:06:30 +00:00
Richard Fung
6d3bc08dbb Merge "Support reading block apexes from system_server" 2021-11-23 03:19:05 +00:00
Richard Fung
d34435c257 Support reading block apexes from system_server
This relaxes the neverallow so that it is possible to write a new
SELinux allow for system_server to read /dev/block/vd*. It still isn't
possible unless a vendor enables it.

Bug: 196965847
Test: m -j
local_test_runner arc.Boot.vm

Change-Id: Idad79284778cf02066ff0b982480082828f24e19
2021-11-22 21:18:54 +00:00
Akilesh Kailash
fb1cf1f0c1 Merge "New property to control virtual a/b user-space snapshots" am: b295d44694 am: ec750298c3 am: 328ce9cccb
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1885106

Change-Id: Ib77dd526257fa5b399adeaccd3cc412e916a36c6
2021-11-22 20:59:46 +00:00
Akilesh Kailash
b295d44694 Merge "New property to control virtual a/b user-space snapshots" 2021-11-22 20:16:06 +00:00
Treehugger Robot
cb8e5617b2 Merge "Mark safety_center_service as app_api_service in SELinux Policy." am: 441be957ca am: db3248e228 am: addafb6515
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1899011

Change-Id: I74a8268dfb9f230241110a5985c07ea88b27586d
2021-11-22 13:32:51 +00:00
Treehugger Robot
441be957ca Merge "Mark safety_center_service as app_api_service in SELinux Policy." 2021-11-22 12:54:32 +00:00
Inseob Kim
451eeed439 Add 31.0 mapping files
Steps taken to produce the mapping files:

1. Add prebuilts/api/31.0/plat_pub_versioned.cil from the
/vendor/etc/selinux/plat_pub_versioned.cil file built on sc-dev with
lunch target aosp_arm64-eng. Add prebuilts/api/31.0/vendor_sepolicy.cil
as an empty file.

2. Add new file private/compat/31.0/31.0.cil by doing the following:
- copy /system/etc/selinux/mapping/31.0.cil from sc-dev aosp_arm64-eng
device to private/compat/31.0/31.0.cil
- remove all attribute declaration statements (typeattribute ...) and
sort lines alphabetically
- some selinux types were added/renamed/deleted w.r.t 31 sepolicy.
Find all such types using treble_sepolicy_tests_31.0 test.
- for all these types figure out where to map them by looking at
30.0.[ignore.]cil files and add appropriate entries to 31.0.[ignore.]cil.

This change also enables treble_sepolicy_tests_31.0 and installs
31.0.cil mapping file onto the device.

Bug: 189161483
Bug: 207344718
Test: m treble_sepolicy_tests_31.0
Test: m 31.0_compat_test
Test: m selinux_policy
Change-Id: I6264b9cf77b80543dfea93157b45b864157e2b14
Merged-In: I6264b9cf77b80543dfea93157b45b864157e2b14
(cherry picked from commit 4f20ff73ee)
2021-11-22 12:11:07 +00:00
Treehugger Robot
f619dc9cc5 Merge "Split composd's service in two" am: 6d485dfd89 am: c995fd7ac3 am: 3ecbd02bf9
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1897594

Change-Id: I8c054f8ea596cd147149651c0616b32b3f5978e7
2021-11-22 11:52:47 +00:00
Treehugger Robot
6d485dfd89 Merge "Split composd's service in two" 2021-11-22 11:19:40 +00:00
Alan Stokes
8788f7afe2 Split composd's service in two
They are served by the same process but have different clients:
- the main interface is exposed to system server;
- the internal interface is called by odrefresh when spawned by composd.

Test: compos_cmd forced-compile-test
Bug: 199147668
Change-Id: Ie1561b7700cf633d7d5c8df68ff58797a8d8bced
2021-11-22 09:36:45 +00:00
Treehugger Robot
fec2a2166f Merge "recovery init domain_trans to health HAL." am: d6c57bb99d am: 5d0c815440 am: 49675e8a82
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1893225

Change-Id: Iea81757ee48aba67f1d1ed10b61a621e7afbb075
2021-11-20 02:31:48 +00:00
Rajesh Nyamagoud
ce542660c9 Added sepolicy rule for vendor uuid mapping config
New type added in sepolicy to restrict Vendor defined uuid mapping
config file access to SecureElement.

Bug: b/180639372
Test: Run OMAPI CTS and VTS tests
Change-Id: I81d715fa5d5a72c893c529eb542ce62747afcd03
2021-11-20 01:08:11 +00:00
Rajesh Nyamagoud
453dcf6752 Support for OMAPI Vendor stable interface
Label defined for OMAPI Vendor Stable Interface

Bug: b/180639372
Test: Run OMAPI CTS and VTS tests
Change-Id: Ifa67a22c85ffb38cb377a6e347b0e1f18af1d0f8
2021-11-20 01:05:07 +00:00
Elliot Sisteron
6703102c79 Mark safety_center_service as app_api_service in SELinux Policy.
This is to make the SafetyCenterManager usable in CTS tests.
Test: SafetyCenterManager CTS test in ag/16284943
Bug: 203098016

Change-Id: I28a42da32f1f7f93c45294c7e984e6d1fd2cdd8d
2021-11-20 00:14:50 +00:00
Akilesh Kailash
8a9ec2a496 New property to control virtual a/b user-space snapshots
Bug: 193863443
Test: OTA on pixel
Signed-off-by: Akilesh Kailash <akailash@google.com>
Change-Id: I89e5d105071c2529c9ceb661c04588ff88ffdd76
2021-11-19 23:35:32 +00:00
Treehugger Robot
d6c57bb99d Merge "recovery init domain_trans to health HAL." 2021-11-19 21:25:33 +00:00
Elliot Sisteron
04b94a68d0 SELinux policy changes for SafetyCenter APIs. am: 67cedde1fe am: 1e50a0757d am: 752ac29b40
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1897505

Change-Id: I23683c633511d58ad3484ce21a89474524f79874
2021-11-19 16:52:16 +00:00
Elliot Sisteron
67cedde1fe SELinux policy changes for SafetyCenter APIs.
Context about this is on ag/16182563.

Test: Ensure no build failures, ensure no SecurityException on boot when
SafetyCenterService is added as boot phase
Bug: 203098016

Change-Id: I4c20980301a3d0f53e6d8cba0b56ae0992833c30
2021-11-19 14:32:11 +00:00
Yifan Hong
705db2b7e8 recovery init domain_trans to health HAL.
Test: run health HAL in recovery
Bug: 177269435
Bug: 170338625
Change-Id: Iac800463d4d29c56466a6671929a51139ca3fde7
2021-11-18 18:16:09 -08:00
Paul Lawrence
e3e26b7bea Allow bpfloader to read fuse's bpf_prog number
Bug: 202785178
Test: Along with rest of topic, file
/sys/fs/bpf/prog_fuse_media_fuse_media
appears on boot with fuse-bpf in kernel

Merged-In: Ibccdf177c75fef0314c86319be3f0b0f249ce59d
Change-Id: Ibccdf177c75fef0314c86319be3f0b0f249ce59d
2021-11-19 01:43:58 +00:00
Treehugger Robot
3b5dd9e542 Merge "Sepolicy for StatsBootstrapAtomService" am: b8f39c49f5 am: ad9ebec821 am: eb4e7c5aeb
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1885105

Change-Id: Ic0a86828349a7136cb2401538465cc4b9eeed8c9
2021-11-19 00:22:12 +00:00
Treehugger Robot
b8f39c49f5 Merge "Sepolicy for StatsBootstrapAtomService" 2021-11-18 23:25:21 +00:00
Treehugger Robot
9242d55513 Merge "Allow system server to access composd." am: c1ebd11f2c am: 5446b99782 am: 60f40b146d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1892440

Change-Id: I3d35edec6323a54afcf716115803e19514513d48
2021-11-18 13:41:32 +00:00
Treehugger Robot
c1ebd11f2c Merge "Allow system server to access composd." 2021-11-18 13:03:01 +00:00
Yifan Hong
2d0724d76f Add recovery service_contexts files. am: d6b2901748 am: 546678089a am: a22b1f5d79
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1891582

Change-Id: If501cab99ec8d3bbd1d5f8a62516da60c4fdbaf5
2021-11-18 05:34:45 +00:00