Commit graph

8707 commits

Author SHA1 Message Date
Patrick Rohr
205c7123ea sepolicy: allow TUNSETLINK and TUNSETCARRIER am: 02b55354bd am: df9cd0c7bd
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2112201

Change-Id: I5dae26e8b8a707368ab36330a9850bfd78a7cbb5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-01 09:16:44 +00:00
Patrick Rohr
02b55354bd sepolicy: allow TUNSETLINK and TUNSETCARRIER
This is required for testing new ethernet APIs in T.

Test: TH
Bug: 171872016
Change-Id: I1e6024d7d649be50aa2321543b289f81fcdfc483
2022-05-31 20:36:33 -07:00
Jiakai Zhang
3cc9edd110 Allow artd to check optimization status. am: 76bfb7ecbf am: aa1673bace
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2111066

Change-Id: I61f4f01637834e7322b371fcc06c8f616b0d1fd7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-31 16:55:07 +00:00
Jiakai Zhang
76bfb7ecbf Allow artd to check optimization status.
Bug: 233383589
Test: -
  1. adb shell pm art get-optimization-status com.google.android.youtube
  2. See no SELinux denials.
Test: -
  1. adb shell pm compile -m speed com.google.android.youtube
  2. adb shell pm art get-optimization-status com.google.android.youtube
  3. See no SELinux denials.
Test: -
  1. adb shell pm install /product/app/YouTube/YouTube.apk
  2. adb shell pm art get-optimization-status com.google.android.youtube
  3. See no SELinux denials.
Change-Id: I943ebca4ec02c356fa0399b13f6154e7623f228b
2022-05-31 14:05:04 +01:00
Patrick Rohr
1c319bd326 Merge "Fix system server and network stack netlink permissions" am: 817d82bcf5 am: 3684e7af8f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2101773

Change-Id: I17d97fba15dcee3cb4e0b5bbbab1d445bd3e4d0e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-27 02:21:22 +00:00
Patrick Rohr
817d82bcf5 Merge "Fix system server and network stack netlink permissions" 2022-05-27 01:39:00 +00:00
Treehugger Robot
f60d25a494 Merge "Allow system_server to connect to artd." am: a4c30a384a am: 3aca65199c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2108124

Change-Id: I9992364429733bcca456bb6a3cf3905ad058f552
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-26 15:59:15 +00:00
Treehugger Robot
a4c30a384a Merge "Allow system_server to connect to artd." 2022-05-26 14:33:42 +00:00
Jiakai Zhang
9ed8d3c9be Allow system_server to connect to artd.
Bug: 233915142
Test: m
Change-Id: I07dc0b7ab2e54aea21799698b13651605f4c4b4a
2022-05-26 13:57:53 +01:00
Thiébaud Weksteen
e8d8ce83ed Merge "Revert "Remove key migration related changes"" am: cdf912f65e am: d45cc9c6da
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2107148

Change-Id: I11abb211c0c4e328763c5fb9916ad6e39a5670ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-26 03:59:04 +00:00
Thiébaud Weksteen
cdf912f65e Merge "Revert "Remove key migration related changes"" 2022-05-26 03:08:29 +00:00
John Wu
e27f954836 Revert "Remove key migration related changes"
This reverts commit cabed18a47.

Reason for revert: b/233922399

Change-Id: Ib371184de3c1bc4e3e0ca951e98d6b5e66952dcc
2022-05-25 23:36:42 +00:00
John Wu
c8d2d1d258 Merge "Remove key migration related changes" 2022-05-25 17:53:17 +00:00
Mohamad Mahmoud
cee6a14e1e Merge "Allow system_server to read io and cpu pressure data Test: tested on device Bug: b/233036368" am: e7d1f32250 am: 6534eb696b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2103244

Change-Id: If215ca1b641fe83e3670f844dadd9cbf1623043b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-25 16:27:22 +00:00
Mohamad Mahmoud
e7d1f32250 Merge "Allow system_server to read io and cpu pressure data Test: tested on device Bug: b/233036368" 2022-05-25 15:49:20 +00:00
Rubin Xu
6f73a02792 Merge "Allow Bluetooth stack to read security log sysprop" am: ab73c8f1c8 am: b7a8225fd8
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2096793

Change-Id: Ia80bbd0c59b6cec578cc46eabc40e6a4c69c6ffe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-25 12:20:46 +00:00
Rubin Xu
ab73c8f1c8 Merge "Allow Bluetooth stack to read security log sysprop" 2022-05-25 11:43:49 +00:00
Treehugger Robot
0f12b12c8c Merge "Add xfrm netlink permissions for system server" am: f2b91a0199 am: 5cb7ed06e3
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2101798

Change-Id: I6114c0a707d7117711f183ee9ce9a56299af8c99
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-25 02:04:54 +00:00
Treehugger Robot
f2b91a0199 Merge "Add xfrm netlink permissions for system server" 2022-05-25 01:14:25 +00:00
Benedict Wong
b25b4bf53f Add xfrm netlink permissions for system server
This change enables xfrm netlink socket use for the system server,
and the network_stack process. This will be used by IpSecService
to configure SAs, and network stack to monitor counters & replay
bitmaps for monitoring of IPsec tunnels.

Bug: 233392908
Test: Compiled
Change-Id: I25539dc579f21d6288fa962d1fad9b51573f017d
2022-05-25 00:02:33 +00:00
Mohamad Mahmoud
c49d582df6 Allow system_server to read io and cpu pressure data
Test: tested on device
Bug: b/233036368

Change-Id: Ied90327f97abb771f10ec2efb659bb9090ffa88a
2022-05-24 17:24:54 +00:00
Sanjana Sunil
79f75ae826 Merge "Allow zygote to relabel sdk_sandbox_system_data_file" am: 26750b9a0c am: 8f37c1b762
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2101653

Change-Id: Id33dbed2e2a956c4f82054a06148ba0509cc70cb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-20 22:54:13 +00:00
Sanjana Sunil
26750b9a0c Merge "Allow zygote to relabel sdk_sandbox_system_data_file" 2022-05-20 21:59:25 +00:00
Treehugger Robot
488da4d9f2 Merge "Remove "@1.0-" from android.system.suspend service's name" 2022-05-20 18:49:39 +00:00
Sanjana Sunil
563016314c Allow zygote to relabel sdk_sandbox_system_data_file
To perform sdk sandbox data isolation, the zygote gets the selinux label
of SDK sandbox storage (e.g. /data/misc_{ce,de}/<user-id>/sdksandbox)
before tmpfs is mounted onto /data/misc_{ce,de} (or other volumes). It
relabels it back once bind mounting of required sandbox data is done.
This change allows for the zygote to perform these operations.

Bug: 214241165
Test: atest SdkSandboxStorageHostTest
Change-Id: I28d1709ab4601f0fb1788435453ed19d023dc80b
2022-05-20 11:24:32 +00:00
Samiul Islam
61bd67072c Merge "Create a separate label for sandbox root directory" 2022-05-20 07:21:19 +00:00
Patrick Rohr
ab02397814 Fix system server and network stack netlink permissions
Give system_server and network_stack the same permissions as netd.
This is needed as we are continuously moving code out of netd into
network_stack and system_server.

Test: TH
Bug: 233300834
Change-Id: I9559185081213fdeb33019733654ce95af816d99
2022-05-19 22:07:49 -07:00
Thiébaud Weksteen
a6355c36e5 Merge "Ignore access from system_app to sysfs_zram" am: 9b12638488 am: 23fbdc809e
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2097197

Change-Id: Idc115f2e1a51d2c147d65d29c95cf9eeec0e65b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-20 00:30:05 +00:00
Thiébaud Weksteen
9b12638488 Merge "Ignore access from system_app to sysfs_zram" 2022-05-19 23:35:21 +00:00
Nicolas Geoffray
36c1ef6672 sysfs_fs_f2fs for zygote.
Test: boot
Bug: 223366272

(cherry picked from commit d68b089d59)

Merged-In: I163c343d8af9c578c840d7c710854fce15c29903
Change-Id: Ia67bbe89d61e8badb128d4c13570d8049f91d7a2
2022-05-19 16:53:41 +01:00
Mohammad Samiul Islam
d2ffd35cc0 Create a separate label for sandbox root directory
Currently, app processes can freely execute the path at
`/data/misc_ce/0/sdksandbox/<package-name>` since it's labeled as a system
file. They can't read or write, but can use 403/404
errors to figure out if an app is installed or not.

By changing the selinux label of the parent directory:
`/data/misc_ce/0/sdksandbox`, we can restrict app processes from executing
inside the directory and avoid the privacy leak.

Sandbox process should only have "search" permission on the new label so
that it can pass through it to its data directory located in
`/data/misc_ce/0/sdksandbox/<package-name>/<per-sdk-dir>`.

Bug: 214241165
Test: atest SdkSandboxStorageHostTest
Test: `adb shell cd /data/misc_ce/0/sdksandbox` gives error
Test: manual test to verify webview still works
Change-Id: Id8771b322d4eb5532eaf719f203ca94035e2a8ed
Merged-In: Id8771b322d4eb5532eaf719f203ca94035e2a8ed
2022-05-19 16:01:15 +01:00
Nicolas Geoffray
e8d4a6077b Merge "sysfs_fs_f2fs for zygote." into tm-dev am: 5c8171c478
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/18437090

Change-Id: I873b65d3fa0a409d4010e0c09e8f1f78296eeb7a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-19 14:10:06 +00:00
Nicolas Geoffray
5c8171c478 Merge "sysfs_fs_f2fs for zygote." into tm-dev 2022-05-19 13:39:17 +00:00
Samiul Islam
d8ffd4cdd8 Merge "Create a separate label for sandbox root directory" into tm-dev am: 7accd9ad70
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/18344445

Change-Id: I07313fb72cd13e9ae2ab24e1b72e0b211f353468
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-19 13:24:36 +00:00
Treehugger Robot
3e78ff7f5d Merge "Iorapd and friends have been removed" am: f6fefa9d61 am: 74607b608e
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2098987

Change-Id: I6582ca6634d76a54e73900d76b9f3534cb04c192
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-19 09:57:40 +00:00
Treehugger Robot
f6fefa9d61 Merge "Iorapd and friends have been removed" 2022-05-19 08:58:37 +00:00
Thiébaud Weksteen
bcc7cc1606 Ignore access from system_app to sysfs_zram
avc: denied { search } for name="zram0" dev="sysfs" ino=59188 scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_zram:s0 tclass=dir permissive=0

Bug: 227231787
Test: build policy
Change-Id: I3c53784ef5ea85a95e1e517007df2814803b3271
2022-05-19 14:38:50 +10:00
John Wu
cabed18a47 Remove key migration related changes
Migrating keys across UIDs is no longer required

Test: m
Bug: 228999189
Change-Id: Ic58a77285e105328a1f56ad9a8ca5d80bb559d83
2022-05-18 21:49:28 +00:00
Nicolas Geoffray
d68b089d59 sysfs_fs_f2fs for zygote.
Test: boot
Bug: 223366272
Ignore-AOSP-First: will merge in aosp
Change-Id: I163c343d8af9c578c840d7c710854fce15c29903
2022-05-18 17:24:44 +01:00
Bram Bonné
d3d5ff11d4 Merge "Enforce MAC address restrictions for priv apps." am: 6b2fefbf46 am: a9723095c7
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2098955

Change-Id: I6024b6780c5b3f3aef269af848a28b61bcb24347
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-18 13:56:49 +00:00
Steven Moreland
d89e80bf50 Merge "Revert "crosvm: netlink perms for acpi"" am: 4e2817251d am: 5035ed4ec7
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2099443

Change-Id: Iad318312a969c5c6dbf0adf4e6ea3766fe69370e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-18 13:56:32 +00:00
Richard Chang
07e43db528 Merge "Update sepolicy prebuilts to sync vendor_system_native prop changes" am: e14ad82c98 am: 8073874dc4
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2098910

Change-Id: Ia9908a6a616d83bf8b0cb7761e5b81f71c8b589d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-18 13:56:00 +00:00
Bram Bonné
6b2fefbf46 Merge "Enforce MAC address restrictions for priv apps." 2022-05-18 12:33:53 +00:00
Jeff Vander Stoep
b07c12c39d Iorapd and friends have been removed
Remove references in sepolicy. Leave a few of the types defined since
they're public and may be used in device-specific policy.

Bug: 211461392
Test: build/boot cuttlefish
Change-Id: I615137b92b82b744628ab9b7959ae5ff28001169
2022-05-18 12:07:39 +02:00
Frederick Mayle
a405b140f7 Remove "@1.0-" from android.system.suspend service's name
Bug: 232447926
Test: TH
Test: boot cuttlefish
Ignore-AOSP-First: Need to submit together with internal changes. Will cherry pick to AOSP quickly afterwards.
Change-Id: I8699daf48599f9dd913821911702408acc650de9
2022-05-17 22:30:56 +00:00
Steven Moreland
4e2817251d Merge "Revert "crosvm: netlink perms for acpi"" 2022-05-17 17:43:25 +00:00
Mohammad Samiul Islam
ef1698a878 Create a separate label for sandbox root directory
Currently, app processes can freely execute the path at
`/data/misc_ce/0/sdksandbox/<package-name>` since it's labeled as a system
file. They can't read or write, but can use 403/404
errors to figure out if an app is installed or not.

By changing the selinux label of the parent directory:
`/data/misc_ce/0/sdksandbox`, we can restrict app processes from executing
inside the directory and avoid the privacy leak.

Sandbox process should only have "search" permission on the new label so
that it can pass through it to its data directory located in
`/data/misc_ce/0/sdksandbox/<package-name>/<per-sdk-dir>`.

Bug: 214241165
Test: atest SdkSandboxStorageHostTest
Test: `adb shell cd /data/misc_ce/0/sdksandbox` gives error
Test: manual test to verify webview still works
Ignore-AOSP-First: Test is missing in AOSP. Will cherry-pick to AOSP
                   once merged here.
Change-Id: Id8771b322d4eb5532eaf719f203ca94035e2a8ed
2022-05-17 17:23:31 +00:00
Bram Bonne
af609b2f3c Enforce MAC address restrictions for priv apps.
Bug: 230733237
Test: atest NetlinkSocketTest NetworkInterfaceTest
  bionic-unit-tests-static CtsSelinuxTargetSdkCurrentTestCases
  CtsSelinuxTargetSdk29TestCases CtsSelinuxTargetSdk27TestCases
Change-Id: I1d66ae7849e950612f3b6693216ec8c84e942640
2022-05-17 14:36:15 +02:00
Richard Chang
e14ad82c98 Merge "Update sepolicy prebuilts to sync vendor_system_native prop changes" 2022-05-17 10:56:44 +00:00
Steven Moreland
0e15d77240 Revert "crosvm: netlink perms for acpi"
This reverts commit c1e8eb5226.

Reason for revert: b/228077254

Change-Id: I49f6f3c93b02d6e92d1bc7eace8994834e56ec2c
2022-05-17 00:56:17 +00:00