tequilaOS/platform_system_sepolicy

Author SHA1 Message Date

Author	SHA1	Message	Date
Alex Klyubin	f5446eb148	Vendor domains must not use Binder On PRODUCT_FULL_TREBLE devices, non-vendor domains (except vendor apps) are not permitted to use Binder. This commit thus: * groups non-vendor domains using the new "coredomain" attribute, * adds neverallow rules restricting Binder use to coredomain and appdomain only, and * temporarily exempts the domains which are currently violating this rule from this restriction. These domains are grouped using the new "binder_in_vendor_violators" attribute. The attribute is needed because the types corresponding to violators are not exposed to the public policy where the neverallow rules are. Test: mmm system/sepolicy Test: Device boots, no new denials Test: In Chrome, navigate to ip6.me, play a YouTube video Test: YouTube: play a video Test: Netflix: play a movie Test: Google Camera: take a photo, take an HDR+ photo, record video with sound, record slow motion video with sound. Confirm videos play back fine and with sound. Bug: 35870313 Change-Id: I0cd1a80b60bcbde358ce0f7a47b90f4435a45c95	2017-03-24 07:54:00 -07:00
Josh Gao	3067af1436	Revert "crash_dump: temporarily make permissive." This reverts commit `9cfe34b5ee`. Bug: http://b/34978531 Change-Id: I0702641c48fad273f16fa1a5f0e4483dfe408c05	2017-02-14 16:13:30 -08:00
Josh Gao	9cfe34b5ee	crash_dump: temporarily make permissive. Test: policy compiles. Bug: http://b/34450704 Change-Id: I1381f9de8e4c8cdde4920be423ab32adc2f7a8a2	2017-01-19 10:28:43 -08:00

Alex Klyubin

f5446eb148

Vendor domains must not use Binder

On PRODUCT_FULL_TREBLE devices, non-vendor domains (except vendor
apps) are not permitted to use Binder. This commit thus:
* groups non-vendor domains using the new "coredomain" attribute,
* adds neverallow rules restricting Binder use to coredomain and
  appdomain only, and
* temporarily exempts the domains which are currently violating this
  rule from this restriction. These domains are grouped using the new
  "binder_in_vendor_violators" attribute. The attribute is needed
  because the types corresponding to violators are not exposed to the
  public policy where the neverallow rules are.

Test: mmm system/sepolicy
Test: Device boots, no new denials
Test: In Chrome, navigate to ip6.me, play a YouTube video
Test: YouTube: play a video
Test: Netflix: play a movie
Test: Google Camera: take a photo, take an HDR+ photo, record video with
      sound, record slow motion video with sound. Confirm videos play
      back fine and with sound.
Bug: 35870313
Change-Id: I0cd1a80b60bcbde358ce0f7a47b90f4435a45c95

2017-03-24 07:54:00 -07:00

Josh Gao

3067af1436

Revert "crash_dump: temporarily make permissive."

This reverts commit 9cfe34b5ee.

Bug: http://b/34978531
Change-Id: I0702641c48fad273f16fa1a5f0e4483dfe408c05

2017-02-14 16:13:30 -08:00

Josh Gao

9cfe34b5ee

crash_dump: temporarily make permissive.

Test: policy compiles.
Bug: http://b/34450704
Change-Id: I1381f9de8e4c8cdde4920be423ab32adc2f7a8a2

2017-01-19 10:28:43 -08:00

3 commits