Commit graph

9 commits

Author SHA1 Message Date
Roopa Sattiraju
f227d0d99e Changing selinux policy for privapps for new certs.
Bug: 220807590
Test: build and boot
Change-Id: Ib24fed5e4980b0c8bb4df658a961346c5b4730ad
2022-04-05 17:31:49 -07:00
Nikita Ioffe
e2da633ef7 Rename SupplementalProcess to SdkSandbox
Ignore-AOSP-First: sepolicy is not in aosp, yet
Bug: 220320098
Test: presubmit
Change-Id: I9fb98e0caee75bdaaa35d11d174004505f236799
2022-02-23 20:44:20 +00:00
Nikita Ioffe
4ffa0c939e Switch from DEFAULT_SYSTEM_DEV_CERTIFICATE to MAINLINE_SEPOLICY_DEV_CERTIFICATES
Using DEFAULT_SYSTEM_DEV_CERTIFICATE didn't work (supplemental process
was running under platform_app) domain. Changing to
MAINLINE_SEPOLICY_DEV_CERTIFICATES (this also aligns with network stack
configuration) seems to fix this.

Ignore-AOSP-First: Feature is developed in internal branch
Bug: 204989872
Test: Run manual e2e test for supplemental process
Test: adb shell ps -Z | grep sup
Test: verify that process is running under supplemental_process domain
Change-Id: Ibf478466e5d6ab0ee08fca4da3b4bae974a82db0
2021-12-21 01:14:22 +00:00
RafayKamran
6ea56f6b6d Added supplemental key to the sepolicy
Allows apps to be signed with the supplemental key

Bug: 203670791
Test: Make, device boots
Ignore-AOSP-First: Feature is developed in internal branch

Change-Id: I2215ffe74e0fa19ff936e90c08c4ebfd177e5258
2021-11-23 10:59:59 +00:00
Ashwini Oruganti
04f771dee4 Don't require seinfo for priv-apps
Relax the requirement to have both seinfo and name specified for
privapps. The original reason for requiring both was because, normally,
a package can only be uniquely specified by both name and signature,
otherwise package squatting could occur. However, privapps are
pre-installed, so the concerns about the potential for package squatting
are eliminated. This change will drastically simplify sepolicy
configuration for priv-apps.

Bug: 142672293
Test: Flashed a device with this build and verified
com.google.android.permissioncontroller still  runs in the
permissioncontroller_app domain.
Change-Id: I5bb2bf84b9db616c4492bd1402550821c70fdd07
2019-11-06 08:37:03 -08:00
Ashwini Oruganti
9bc81125ef Create a separate domain for permissioncontroller
This creates an SELinux domain for permissioncontroller and moves it out of the
priv_app SELinux domain.

Bug: 142672293
Test: Flashed a device with this build and verified
com.google.android.permissioncontroller runs in the
permissioncontroller_app domain.
Change-Id: Ieb2e4cb806d18aaeb2e5c458e138975d1d5b64fe
2019-10-30 14:59:12 -07:00
Remi NGUYEN VAN
bd3ab0278b Add MAINLINE_SEPOLICY_DEV_CERTIFICATES to keys.conf
DEFAULT_SYSTEM_DEV_CERTIFICATE is not appropriate as some OEMs may need
to change only the certificates used to generate
plat_mac_permissions.xml for mainline modules.

Test: m, checked output plat_mac_permissions.xml
Bug: 138097611
Bug: 134995443
Change-Id: Ie19130a243db043f432039c54c379f06e60ab6c6
2019-08-07 18:23:47 +09:00
Remi NGUYEN VAN
3b006d9bd4 sepolicy change for NetworkStack signature
Update the seinfo to the new network_stack seinfo, as the network stack
is now using its own certificate.
Remove the hard-coded package name, which may differ depending on
devices, and specify (uid, signature, priv-app) instead.

Bug: 124033493
Test: m
Change-Id: If3bbc21cf83f5d17406e9615833ee43011c9c9bc
2019-02-14 07:58:13 +09:00
dcashman
cc39f63773 Split general policy into public and private components.
Divide policy into public and private components.  This is the first
step in splitting the policy creation for platform and non-platform
policies.  The policy in the public directory will be exported for use
in non-platform policy creation.  Backwards compatibility with it will
be achieved by converting the exported policy into attribute-based
policy when included as part of the non-platform policy and a mapping
file will be maintained to be included with the platform policy that
maps exported attributes of previous versions to the current platform
version.

Eventually we would like to create a clear interface between the
platform and non-platform device components so that the exported policy,
and the need for attributes is minimal.  For now, almost all types and
avrules are left in public.

Test: Tested by building policy and running on device.

Change-Id: Idef796c9ec169259787c3f9d8f423edf4ce27f8c
2016-10-06 13:09:06 -07:00
Renamed from keys.conf (Browse further)