Maciej Żenczykowski
47675624b5
Merge "clatd.te - no longer need netlink"
2023-03-16 23:18:42 +00:00
Vikram Gaur
09e0bba45b
Add set property permissions to RKPD application. am: 01390087b1
am: 507df367fc
am: a6c082cb8c
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2491884
Change-Id: Ib5d5cd6285852fae74c17bdea445add6cea41013
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-16 23:11:08 +00:00
Vikram Gaur
01390087b1
Add set property permissions to RKPD application.
...
Test: atest RkpdAppGoogleIntegrationTests
Change-Id: Ib1680319f7299b27aab2cc36cc917a8da35ec216
2023-03-16 18:05:10 +00:00
Maciej Żenczykowski
737ee6ee89
clatd.te - no longer need netlink
...
After:
https://android-review.git.corp.google.com/c/platform/external/android-clat/+/2491075
clatd: remove ipv6 address monitoring
clatd no longer does any netlink.
Test: TreeHugger, ping 1.1.1.1 on ipv6-only network works
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id1c87b926a75c94f3c0ede04effd73c25844fefd
2023-03-16 10:53:18 +00:00
Treehugger Robot
9190b33f7b
Merge "Allow composd to enable fs-verity to compiled artifacts" am: 15c64f5a21
am: 05d1c76bf9
am: 964872fbe5
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2488601
Change-Id: Ib6e4ce1025298aaa09f1430e245e26dcfff20fd6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-15 19:02:43 +00:00
Treehugger Robot
15c64f5a21
Merge "Allow composd to enable fs-verity to compiled artifacts"
2023-03-15 17:04:04 +00:00
Victor Hsieh
a115d49cd6
Allow composd to enable fs-verity to compiled artifacts
...
Bug: 272587415
Test: com.android.tests.odsign.CompOsSigningHostTest
Change-Id: Icfdf72478481492a18a231e63faac0492a1e4536
2023-03-15 08:14:52 -07:00
Treehugger Robot
a6a5b67a6f
Merge "Move cardisplayproxyd to system_ext" am: a5dbf64602
am: eb879ba0b1
am: e8776c20b6
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2486580
Change-Id: Ic8d2d952a6e1ada0c799d9279824f7333de844b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-15 07:21:48 +00:00
Treehugger Robot
a5dbf64602
Merge "Move cardisplayproxyd to system_ext"
2023-03-15 05:31:20 +00:00
Tri Vo
4bb2d30701
Remove RemoteProvisioner and remoteprovisioning services
...
Bug: 273325840
Test: keystore2_test
Change-Id: I295ccdda5a3d87b568098fdf97b0ca5923e378bf
2023-03-14 15:45:35 -07:00
Changyeon Jo
fc0b3da21f
Move cardisplayproxyd to system_ext
...
Bug: 218588089
Bug: 273324345
Test: 1. m -j selinux_policy
2. Build cf_x86_64_auto lunch target.
3. Launch cvd in the accelerated graphics mode.
4. Run evs_app and confirm the color bar pattern is shown on the
display.
> adb root && adb shell evs_app --test
6. Do the same on sdk_car_x86_64 lunch target.
Change-Id: I1f570e7d43981ce2f5a7ae0d78ee3d5bfa8c7576
2023-03-14 14:28:28 +00:00
Ioannis Ilkos
900d221a1f
Fix incorrect domain used in system_server.te
...
This was accidentally copied and pasted from the app domain. The intent
was for system_server to be able to read the prop.
Test: manually
Bug: 269246893
Bug: 272719059
Ignore-AOSP-First: tm-qpr-dev backport
Change-Id: I78d5fa62a2e112d3bf363b8d96348a645ef4caaa
Merged-In: I78d5fa62a2e112d3bf363b8d96348a645ef4caaa
2023-03-13 17:45:42 +00:00
Ioannis Ilkos
ddd99acbb8
Sysprop for the count of active OOME tracing sessions
...
In order for ART code to call perfetto DataSource::Trace() we need to
wait for all data source instances to have completed their setup. To do
so, we need to know how many of them exist.
This introduces a new sysprop traced.oome_heap_session.count, writeable
by perfetto traced and readable by apps and system_server that can be
used to communicate this.
See go/art-oom-heap-dump for more details
Test: manual, atest HeapprofdJavaCtsTest
Bug: 269246893
Bug: 272719059
Ignore-AOSP-First: tm-qpr-dev backport
Change-Id: Ib8220879a40854f98bc2f550ff2e7ebf3e077756
Merged-In: Ib8220879a40854f98bc2f550ff2e7ebf3e077756
2023-03-13 17:45:35 +00:00
Ryan Savitski
b2fecc3954
tm-qpr backport: allow perfetto profiling of system_server and sys/platform apps
...
This is a reduced backport of aosp/2419280, as the full change adds
domain-wide allow rules as well as neverallows, and we want to avoid
conflicts against pre-existing TM vendor policies.
This backport is downscoped to:
* system_server.te: allow profiling system_server, runs as "system".
* system_app.te: allow profiling all other apps running as "system",
e.g. com.android.settings.
* platform_app.te: for platform-signed apps running in the normal app
UID range, e.g. com.android.systemui.
Merging logistics:
* AOSP and udc-dev have the full change, so prevent automerged conflicts
via Merged-In.
* api=33 sepolicy prebuilts are in a stacked patch as those should flow
into downstream branches, and afaiu will need to be CP'd to AOSP.
Bug: 272719059
Ignore-AOSP-First: tm-qpr-dev backport
Merged-In: I792ec1812d94b4fa9a8688ed74f2f62f6a7f33a6
Change-Id: I5de4a39b002baabad7ef9e5a21c10dc6d87295eb
2023-03-13 17:13:54 +00:00
Ioannis Ilkos
dbf6264e06
Fix incorrect domain used in system_server.te am: 0e978ba9f1
am: e8c801ee24
am: 77d6fce233
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2470105
Change-Id: I2b16840a4d94d71e51475f94717cef60e9e84e52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-06 23:45:12 +00:00
Ioannis Ilkos
e8c801ee24
Fix incorrect domain used in system_server.te am: 0e978ba9f1
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2470105
Change-Id: Ib00319669b979ddf0c8fd888d9d5c2c9eae60cb8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-06 22:16:15 +00:00
Ioannis Ilkos
0e978ba9f1
Fix incorrect domain used in system_server.te
...
This was accidentally copied and pasted from the app domain. The intent
was for system_server to be able to read the prop.
Test: manually
Bug: 269246893
Change-Id: I78d5fa62a2e112d3bf363b8d96348a645ef4caaa
2023-03-06 18:31:25 +00:00
David Brazdil
e814592cfe
Allow system_server to kill crosvm/virtualizationmanager am: f3a922c453
am: 4bbcdf55e8
am: 1fefb129c1
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456048
Change-Id: I2ee230d0a235ee17a797ba87517abb57c6af7bf0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-06 18:18:38 +00:00
David Brazdil
4bbcdf55e8
Allow system_server to kill crosvm/virtualizationmanager am: f3a922c453
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456048
Change-Id: I6b8e4c9f04f2956c95652776c75573e977d79696
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-06 16:28:17 +00:00
David Brazdil
f3a922c453
Allow system_server to kill crosvm/virtualizationmanager
...
VirtualizationManager (and indirectly crosvm) now runs as a child
process of the client, which could be a process forked from zygote.
As a result, these get tracked as phantom processes of the client and
system_server will try to kill them if it chooses to kill the client.
Currently this does not work because system_server is not allowed
sigkill for the corresponding domains. In theory, that should not be
a problem because virtualizationmanager will automatically kill any
crosvm instances and terminate itself if its parent dies, but we should
not rely on that fact and instead give system_server the ultimate
control over app process termination.
Bug: 269461627
Test: atest MicrodroidTestApp
Change-Id: Ie0ba5388d00a51812c9424c37f2f74983bea9db8
2023-03-06 14:31:51 +00:00
Treehugger Robot
ae046ff758
Merge "Add ro.boot.serialconsole property" am: fcf62c8cf4
am: b5f39da9c9
am: 944863e08e
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2450910
Change-Id: I129d04639ad0fb4c2e4ea1899a39ea4bc8779cbd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-03 16:53:07 +00:00
Treehugger Robot
b5f39da9c9
Merge "Add ro.boot.serialconsole property" am: fcf62c8cf4
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2450910
Change-Id: I316ee9fc0db8abae6bab40b19acb560239d89c9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02 20:29:11 +00:00
Treehugger Robot
fcf62c8cf4
Merge "Add ro.boot.serialconsole property"
2023-03-02 20:04:33 +00:00
Charles Chen
826f9993fd
Merge "Enable NNAPI for isolated compute app" am: 19f9c34d2c
am: d2473045b5
am: 4e8f4e99a2
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2464353
Change-Id: I05522d5865abf12af7f3ccbf49eafe737744b901
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02 19:13:33 +00:00
Charles Chen
d2473045b5
Merge "Enable NNAPI for isolated compute app" am: 19f9c34d2c
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2464353
Change-Id: Ieca26d4fca6fd39ee293ce7609ceb619a87c1637
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02 18:00:37 +00:00
Paul Lawrence
6b5da95419
Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf
...
Bug: 262887267
Test: ro.fuse.bpf.is_running is true
Change-Id: I9c4a54e9ac232e9f35a6be5b3bcc3cc040d64b47
2023-03-01 14:45:57 -08:00
Alistair Delva
902ca66bb8
Add ro.boot.serialconsole property
...
Bootloaders on Android 14 devices will set this.
Bug: 266982931
Bug: 223797063
Bug: 267428635
Change-Id: I45981baf5123090188f7b700bf5987b1ca897490
2023-03-01 20:53:38 +00:00
Charles Chen
31a7fb09be
Enable NNAPI for isolated compute app
...
Need access to TPU/GPU for neural models in isolated_compute_app.
Bug: 266923392
Test: m
Change-Id: I2ea7c551b5fe678f383d3854ae295b448e78b460
2023-03-01 20:27:13 +00:00
Seth Moore
0093abc3e8
Allow shell to change RKP properties am: d3bd68607e
am: 98524e7333
am: 8a022760a0
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456270
Change-Id: I37569abad4666ac5a348531ec4cea110a9813867
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-25 06:24:54 +00:00
Seth Moore
98524e7333
Allow shell to change RKP properties am: d3bd68607e
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456270
Change-Id: I2cf629ec5325c22199dcfe4619441a6e3d67add9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-25 04:56:10 +00:00
Seth Moore
d3bd68607e
Allow shell to change RKP properties
...
This way, we can change things like the RKP hostname or enablement
from the shell for tests.
Bug: 265196434
Test: manual (adb shell setprop ...)
Change-Id: Ib853eaf29b395705eba57d241df064152220457e
2023-02-24 13:33:36 -08:00
Alice Wang
4a8ab250c8
[dice] Remove all the sepolicy relating the hal service dice am: 5e94b1698c
am: 13e58cf7b1
am: a9a8c0cb93
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2426073
Change-Id: Ia58829024a4eec19239f71fb93aa01649f08b192
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-24 21:23:06 +00:00
Alice Wang
13e58cf7b1
[dice] Remove all the sepolicy relating the hal service dice am: 5e94b1698c
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2426073
Change-Id: I60664669f08fa3d83dfacb57ebd7da912951ad0a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-24 19:57:23 +00:00
Treehugger Robot
2b2189b13c
Merge "Track tombstone_transmit denial" am: 0970a31811
am: 733344c1fd
am: 54d29710b4
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2452626
Change-Id: I4c274e005e6426cdb4125fc6f9af16282ad0e4ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-24 09:34:10 +00:00
Alice Wang
5e94b1698c
[dice] Remove all the sepolicy relating the hal service dice
...
As the service is not used anywhere for now and in the near future.
Bug: 268322533
Test: m
Change-Id: I0350f5e7e0d025de8069a9116662fee5ce1d5150
2023-02-24 08:34:26 +00:00
Treehugger Robot
733344c1fd
Merge "Track tombstone_transmit denial" am: 0970a31811
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2452626
Change-Id: Iccd5c0b0e5ff9f347295559a425ebe7c1e6003fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-24 08:30:36 +00:00
Fenglin Wu
fe916342fc
Add label for charger property
...
Label charger property: ro.product.charger.unplugged_shutdown_time.
Bug: 267265061
Test: update the property in charger mode
Change-Id: I6c67123ac53f489851a8ad313e8aa40f67a3786e
2023-02-24 15:58:27 +08:00
Treehugger Robot
0970a31811
Merge "Track tombstone_transmit denial"
2023-02-24 03:11:00 +00:00
Inseob Kim
1c9a82974a
Track tombstone_transmit denial
...
Bug: 264420112
Test: N/A
Change-Id: I5caec836d540b8686ed1d8b6ceb537038db866d8
2023-02-24 00:32:55 +09:00
Jeffrey Carlyle
dcfa93981e
Add DCK property to read SE capabilities am: 923a51af57
am: 05ed381f07
am: a2a235b735
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2444719
Change-Id: Ibbec3c1433bb53277225fd0bf9969bb02cc86e63
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-23 01:31:05 +00:00
Jeffrey Carlyle
05ed381f07
Add DCK property to read SE capabilities am: 923a51af57
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2444719
Change-Id: Iaae283bfad7a7c9fe84746f09b68abee64f2266c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 22:50:23 +00:00
Frederick Mayle
d8635d2a77
Merge "Allow crash_dump on crosvm" am: b01c7addc2
am: 707bd25fdb
am: 809bd23a29
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441306
Change-Id: I9bd7f93c1afc948be1136dada93ba920ca1ffffb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 20:13:32 +00:00
Jeffrey Carlyle
923a51af57
Add DCK property to read SE capabilities
...
Bug: 229777047
Test: verify that property is correctly read during system boot
Change-Id: I3c7d2fabb575864ee0a9e5277f7cb715374872c6
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
2023-02-22 19:58:31 +00:00
Frederick Mayle
707bd25fdb
Merge "Allow crash_dump on crosvm" am: b01c7addc2
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441306
Change-Id: Id979ea9ff5e9f1d74d07a26fb68e0c197f91c95f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 18:38:16 +00:00
Frederick Mayle
b01c7addc2
Merge "Allow crash_dump on crosvm"
2023-02-22 18:01:56 +00:00
Nikita Ioffe
12fa4163c9
Merge "Add sepolicy rules for hyp ftrace instance" am: 959cbb54e8
am: 475bf54d5e
am: d7dbf6cf44
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441425
Change-Id: I955a5fcaaedba8ebeb0875730a4a8141820af67a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 14:10:39 +00:00
Treehugger Robot
ad165b80c0
Merge "Allow dumpstate to read /data/system/shutdown-checkpoints/" am: 863cedfae6
am: c82b062d97
am: c1b762046b
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422419
Change-Id: Idd7e706e1b8655fcdba53374a996a079187cf52c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 14:10:12 +00:00
Nikita Ioffe
475bf54d5e
Merge "Add sepolicy rules for hyp ftrace instance" am: 959cbb54e8
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441425
Change-Id: I63561b94179dda830b96afd67a744cc29c1b38e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 11:47:11 +00:00
Treehugger Robot
c82b062d97
Merge "Allow dumpstate to read /data/system/shutdown-checkpoints/" am: 863cedfae6
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422419
Change-Id: I8c47edbc31e2bf7bf0142ed0cb63af32385c6160
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 11:44:51 +00:00
Nikita Ioffe
959cbb54e8
Merge "Add sepolicy rules for hyp ftrace instance"
2023-02-22 11:25:54 +00:00
Treehugger Robot
863cedfae6
Merge "Allow dumpstate to read /data/system/shutdown-checkpoints/"
2023-02-22 10:21:25 +00:00
Ryan Savitski
8c4f4b07a7
Merge "Correct hal_configstore label used in profiler rules" am: 47cb9d8a5d
am: a13f14e640
am: dad41f7f54
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2447064
Change-Id: I1ac908018ff19b6b4a4eeabbfb80276cb74a004a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 06:25:33 +00:00
Ryan Savitski
a13f14e640
Merge "Correct hal_configstore label used in profiler rules" am: 47cb9d8a5d
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2447064
Change-Id: Ica6e2a3217a7ed669533173d0c96af335fd66ca1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 04:06:41 +00:00
Ryan Savitski
17caa229a8
Correct hal_configstore label used in profiler rules
...
hal_configstore_server is what we want to exclude to avoid conflicting
with public/hal_configstore.te neverallows on socket operations. I used
the wrong label in aosp/2419280, but it happened to also cover
hal_configstore_server in the final device sepolicy.
The logical error was caught by CtsSecurityHostTestCases:
Warning! Type or attribute hal_configstore used in neverallow
undefined in policy being checked
Bug: 247858731
Bug: 269707771
Tested: built panther-user
Change-Id: I244e597939478d75f8437e82ff854a5d96c32a87
2023-02-21 16:31:42 +00:00
Nikita Ioffe
1b5a9d21cf
Add sepolicy rules for hyp ftrace instance
...
We will start with simple sepolicy that applies debugfs_tracing label
for any file under /sys/kernel/tracing/hyp (for tracefs) or
/sys/kernel/debug/tracing/hyp (for debugfs), as so far everybody that
can do tracing in Android should be able to also trace hypervisor.
If in the future we decide that this is not the case, we can always
introduce a new hyp-tracing specific label.
Bug: 249050813
Test: adb shell -alZ /sys/kernel/tracing/hyp
Test: collect hyp traces via perfetto
Change-Id: I16d8faf212858eab0aab54c22d143461aae90482
2023-02-20 17:48:25 +00:00
Ioannis Ilkos
df0fb4ef3d
Merge "Sysprop for the count of active OOME tracing sessions" am: 300f93bf5a
am: 2a73c910d3
am: ebf9f35f15
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433415
Change-Id: If19649f185a8247c4b3196b30629d491d598ff73
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-17 19:58:55 +00:00
Frederick Mayle
4f5390d640
Allow crash_dump on crosvm
...
Protected guest memory maps are now unmapped when crash_dump forks off
of crosvm, so we don't need or want this exception anymore.
Bug: 238324526
Test: ran debuggerd on protected vm
Change-Id: Iccff5dcc441dcf769fcdaa89e7b8e686341821fd
2023-02-17 19:36:51 +00:00
Ioannis Ilkos
2a73c910d3
Merge "Sysprop for the count of active OOME tracing sessions" am: 300f93bf5a
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433415
Change-Id: I94c868305fc6c681b01bc86b6f3d9ffaf8fac9d1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-17 18:51:54 +00:00
Nikita Ioffe
923b51fc1d
Merge "Sepolicy rules to allow crosvm to start a gdb-server" am: 09cbce900f
am: 9892a80308
am: 22f42bfff8
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2436892
Change-Id: I361acada88ee38266dcc00210f0ffdfc702b1f38
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-17 18:36:50 +00:00
Alfred Piccioni
700b8d2ced
Merge "Adds support for fuseblk binaries." am: dd4c5fa93b
am: 89cd736d8d
am: 14de90550b
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2393296
Change-Id: Ie06c83f0f628e4aba4f84e9fd948fc4c64743b5d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-17 18:36:24 +00:00
Ioannis Ilkos
300f93bf5a
Merge "Sysprop for the count of active OOME tracing sessions"
2023-02-17 17:50:59 +00:00
Nikita Ioffe
9892a80308
Merge "Sepolicy rules to allow crosvm to start a gdb-server" am: 09cbce900f
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2436892
Change-Id: I2df5e7c76cfe7149139d018c01be1903a7dc1ee6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-17 16:25:13 +00:00
Alfred Piccioni
89cd736d8d
Merge "Adds support for fuseblk binaries." am: dd4c5fa93b
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2393296
Change-Id: Ic1a8d2a297848430a672826f1780bbb3e976f1be
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-17 16:23:38 +00:00
Nikita Ioffe
09cbce900f
Merge "Sepolicy rules to allow crosvm to start a gdb-server"
2023-02-17 15:46:05 +00:00
Alfred Piccioni
dd4c5fa93b
Merge "Adds support for fuseblk binaries."
2023-02-17 15:15:31 +00:00
Woody Lin
35541e183f
Allow dumpstate to read /data/system/shutdown-checkpoints/
...
Bug: 260366497
Bug: 264600011
Test: Take bugreport and check dmesg for avc error
Test: Reboot and check shutdown-checkpoints
Change-Id: Ifcc7de30ee64e18f78af147cd3da39d7c6dc6f5f
2023-02-16 14:23:33 +08:00
Nikita Ioffe
40a48c1046
Sepolicy rules to allow crosvm to start a gdb-server
...
Bug: 242057159
Test: see another change in this topic
Change-Id: Ie5116c8891a62096e767500b90a19fc5975c3599
2023-02-15 16:44:50 +00:00
Feiyu Chen
6ecb07f81e
Merge "Add SELinux policy for edgetpu_native device_config prop" am: b4b757cd83
am: e68fe11b3a
am: c549fa4675
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2434232
Change-Id: Ib731951384e7c1c451d8d176289eaab29c6b99d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-15 05:18:35 +00:00
Feiyu Chen
e68fe11b3a
Merge "Add SELinux policy for edgetpu_native device_config prop" am: b4b757cd83
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2434232
Change-Id: Iba932201fe56697b23f25a7ecb41a2f9829dd48a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-15 03:31:01 +00:00
Feiyu Chen
b4b757cd83
Merge "Add SELinux policy for edgetpu_native device_config prop"
2023-02-15 02:32:22 +00:00
Ioannis Ilkos
8d168e2d8a
Sysprop for the count of active OOME tracing sessions
...
In order for ART code to call perfetto DataSource::Trace() we need to
wait for all data source instances to have completed their setup. To do
so, we need to know how many of them exist.
This introduces a new sysprop traced.oome_heap_session.count, writeable
by perfetto traced and readable by apps and system_server that can be
used to communicate this.
See go/art-oom-heap-dump for more details
Test: manual, atest HeapprofdJavaCtsTest
Bug: 269246893
Change-Id: Ib8220879a40854f98bc2f550ff2e7ebf3e077756
2023-02-14 15:14:39 +00:00
Treehugger Robot
0ae1926576
Merge "Add system property for leaudio_allow_list" am: ae07b5380b
am: 79b8e705aa
am: 55d69325e9
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2375411
Change-Id: I0072eadd143a989436277d43fca5d48411c5615e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 14:04:25 +00:00
Pedro Loureiro
efd12cc5bf
Merge "Add SEPolicy for device config service" am: 43b0b8a65c
am: 14060332c7
am: fe0ce26f53
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2430374
Change-Id: Ic9b09bf6e69fcec9e8f35de48be914f332bd45b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 14:03:59 +00:00
Treehugger Robot
79b8e705aa
Merge "Add system property for leaudio_allow_list" am: ae07b5380b
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2375411
Change-Id: I4323da4ee1e703e48f78cef880c154e94c8f49f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 12:17:11 +00:00
Pedro Loureiro
14060332c7
Merge "Add SEPolicy for device config service" am: 43b0b8a65c
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2430374
Change-Id: I16624fc06f8cd15de32734e31a47acc504a5dea1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 12:16:51 +00:00
Treehugger Robot
ae07b5380b
Merge "Add system property for leaudio_allow_list"
2023-02-14 11:21:55 +00:00
Pedro Loureiro
43b0b8a65c
Merge "Add SEPolicy for device config service"
2023-02-14 11:18:41 +00:00
Akilesh Kailash
959a886b33
Merge "Set sepolicy for ublk control device and block device" am: a3c0ca4e67
am: 12e344b7de
am: 782a9dd2d1
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433673
Change-Id: I6bb7907b4904e5bcd9ce45a789efaae001509f52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 06:28:18 +00:00
Akilesh Kailash
12e344b7de
Merge "Set sepolicy for ublk control device and block device" am: a3c0ca4e67
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2433673
Change-Id: Ia1104a335a2932a48bc2f9eecb547c65e13fe334
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 04:41:42 +00:00
Akilesh Kailash
a3c0ca4e67
Merge "Set sepolicy for ublk control device and block device"
2023-02-14 03:59:06 +00:00
Jeffrey Huang
5c1b962965
Merge "Restrict system server from reading statsd data" am: 01fd5eb907
am: e53a5b25b6
am: 6788ed4f1c
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410783
Change-Id: Ie7c7bc680c96aab593f115303a9c1b85664877ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 00:51:35 +00:00
Akilesh Kailash
63a21044f2
Set sepolicy for ublk control device and block device
...
ublk-control device: /dev/ublk-control
ublk-block device: /dev/block/ublkbN where N is 0,1,2..
Bug: 269144965
Test: Verify sepolicy changes through kernel logs when user-space daemon
communicates with ublk driver
Change-Id: I10de557566e3c0628ea72fbbda4cff21e7cda68f
Signed-off-by: Akilesh Kailash <akailash@google.com>
2023-02-13 16:30:40 -08:00
Jeffrey Huang
e53a5b25b6
Merge "Restrict system server from reading statsd data" am: 01fd5eb907
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410783
Change-Id: I18a4d57758865141a9e0b6f479ff5aabf8db0ece
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-13 23:07:21 +00:00
Jeffrey Huang
01fd5eb907
Merge "Restrict system server from reading statsd data"
2023-02-13 22:37:09 +00:00
feiyuchen
70e1942fb3
Add SELinux policy for edgetpu_native device_config prop
...
The new android property namespace will store the configurations which are set on the server side and read by the EdgeTpu HAL.
Notes:
* This CL is similar to nnapi_native CL: https://android-review.git.corp.google.com/c/platform/system/sepolicy/+/1844919
* The read permission of EdgeTpu HAL will be added in another internal CL.
Test: mm
Bug: 243553703
Bug: 246401730
Change-Id: I5705f679148b313d919f334c51e31f7645aca82a
2023-02-13 21:55:57 +00:00
Pedro Loureiro
58847ab171
Add SEPolicy for device config service
...
A new mainline module that will have the device config logic requires a new service (device_config_updatable).
Bug: 252703257
Test: manual because logic that launches service is behind flag
Change-Id: I4ffba0c7d2afc44af8438b7d84d836e42388bd7d
2023-02-13 09:37:12 +00:00
Jeff Sharkey
36e24fc6f7
Merge "Add dropbox entries as files to dumpstate ZIP." am: 3926d95720
am: 89f51e46f2
am: 3662756348
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422870
Change-Id: I80adc4ebf7f1a49b475cc64f62160fc48cdc9d7e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-10 23:11:06 +00:00
Jeff Sharkey
89f51e46f2
Merge "Add dropbox entries as files to dumpstate ZIP." am: 3926d95720
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422870
Change-Id: I4481603e241edea765e7a745ed69bf31f0735b21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-10 21:31:36 +00:00
Jeff Sharkey
3926d95720
Merge "Add dropbox entries as files to dumpstate ZIP."
2023-02-10 20:41:51 +00:00
Krishang Garodia
cae679a22d
Merge "Update SE policy for all media provider processes" am: 6e51f51b5f
am: 98cc4fec56
am: 1fc7e3ba0f
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2429034
Change-Id: Iac5966beac9c22d01207396da49e5fbbc9400505
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-10 15:30:47 +00:00
Jeff Sharkey
ef5e5c82d4
Add dropbox entries as files to dumpstate ZIP.
...
Since each dropbox entry is already stored as a file on disk, include
them as-is into the dumpstate ZIP file.
The dumpsys output has already included truncated versions of all
dropbox entries for many years, and adding them as separate files
inside the dumpstate ZIP will speed up debugging and issue triage.
Bug: 267673062
Test: manual
Change-Id: I6e83dd01221f43bb2e2efc1a12368db30a545c71
2023-02-10 14:02:35 +00:00
Krishang Garodia
98cc4fec56
Merge "Update SE policy for all media provider processes" am: 6e51f51b5f
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2429034
Change-Id: Ia3bcaf702b2ccadce5186f869baebd8c6afad56d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-10 13:59:33 +00:00
Krishang Garodia
6e51f51b5f
Merge "Update SE policy for all media provider processes"
2023-02-10 13:57:52 +00:00
Krishang Garodia
caf7984a2e
Update SE policy for all media provider processes
...
Bug: 230394838
Bug: 195009152
Test: manual
Change-Id: Ic8e1d45c910e1455dd28bfb748d134c066a33591
2023-02-10 11:06:53 +00:00
Etienne Ruffieux
66a07f60a1
Add bluetooth_prop to system_server sepolicy.
...
We need to be able to access Bluetooth sysprops from
BluetoothManagerService.
Fix: 268537356
Bug: 217292806
Test: atest CtsBluetoothTestCases
Tag: #feature
Change-Id: Ia4d5d286ccf94f61bbc87e9063d22b8822806e5c
(cherry picked from commit 3b39e92bd9)
Merged-In: Ia4d5d286ccf94f61bbc87e9063d22b8822806e5c
2023-02-10 00:17:11 +00:00
Charlie Wang
b240222f41
Merge "Extension of isolated_compute_app for media services." am: bc778658ab
am: 55886d20d9
am: 4cd8e4ef41
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411335
Change-Id: Id6faecafa7b62d9e82a56d833222ecb366d1e416
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-09 21:03:24 +00:00
Max Bires
1ac58d12be
Merge "Allow GMSCore to read RKP properties." am: db8a6b31ca
am: 5516282b8b
am: 76d8c830f8
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2428194
Change-Id: I050a338e9805b050586bdc0d30d4ed01ec248d84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-09 21:00:13 +00:00
Charlie Wang
55886d20d9
Merge "Extension of isolated_compute_app for media services." am: bc778658ab
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411335
Change-Id: I1133741d332cd7cdf075db8330baf1db61f58105
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-09 18:29:54 +00:00
Max Bires
5516282b8b
Merge "Allow GMSCore to read RKP properties." am: db8a6b31ca
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2428194
Change-Id: I5b0aa3092d77a1e3c8917cd36d8a076b7d783f88
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-09 18:29:40 +00:00
Henri Chataing
38b90d44d0
Merge "Define the permissions for Nfc sysprops" am: ff275229d1
am: 1f26ebadf8
am: 80c5782174
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2424852
Change-Id: Ifcbe6d1eac4f6af02a5fd8263d4fa8a5ec0951f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-09 18:23:44 +00:00
Charlie Wang
bc778658ab
Merge "Extension of isolated_compute_app for media services."
2023-02-09 18:13:57 +00:00
Max Bires
db8a6b31ca
Merge "Allow GMSCore to read RKP properties."
2023-02-09 17:51:57 +00:00
Henri Chataing
1f26ebadf8
Merge "Define the permissions for Nfc sysprops" am: ff275229d1
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2424852
Change-Id: Ief06daa97a1ff07a8ebdc2cc1f0a77e769d2f76a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-09 17:01:39 +00:00
Henri Chataing
ff275229d1
Merge "Define the permissions for Nfc sysprops"
2023-02-09 16:08:40 +00:00
Jack He
54ac416034
Merge "Add sysprop for LeAudio inband ringtone support" am: 796621872b
am: 259ea80e91
am: 030470c067
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422865
Change-Id: I5c4390e3b7848824914e9ffe2a839bd4452a8de9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-09 03:37:31 +00:00
Jack He
259ea80e91
Merge "Add sysprop for LeAudio inband ringtone support" am: 796621872b
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422865
Change-Id: Ie3311c5fa54dad74f20578faba36fbd4981f1625
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-09 02:09:07 +00:00
Jack He
796621872b
Merge "Add sysprop for LeAudio inband ringtone support"
2023-02-09 01:36:31 +00:00
Max Bires
89bbb2581b
Allow GMSCore to read RKP properties.
...
GMSCore requires access to read RKP properties in order for test suites
to validate the hostname is properly set.
Test: N/A
Change-Id: If537e58d4df74516435bec8955c83bb5494a80f0
2023-02-08 17:14:47 -08:00
Charles Chen
3e9f05faa3
Extension of isolated_compute_app for media services.
...
Support media use cases in isolated_compute_app such as decoding with MediaCodecs.
Bug: 266943251
Test: m && manual - sample app with IsolatedProcess=True can use MediaCodec.
Change-Id: I864dcfb16494efada2fbd2a7d34b5d7f6b8128cb
2023-02-08 15:48:25 -08:00
Brian Julian
3e91bef971
Merge "Backports sepolicy for AltitudeService to T." am: f388934ffe
am: e346f2fe80
am: 0966a7e8a3
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2406792
Change-Id: I942be729355e8a833f3fdca7023f2eba4d09ac6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-08 19:38:08 +00:00
Ryan Savitski
9946954214
Merge "sepolicy: rework perfetto producer/profiler rules for "user" builds" am: b9a365a35f
am: de2aa42a42
am: 93735cd5f5
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2419280
Change-Id: I0f5a6113f73d3e0b89eda8ae627a60d566a19ecd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-08 19:35:14 +00:00
Brian Julian
e346f2fe80
Merge "Backports sepolicy for AltitudeService to T." am: f388934ffe
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2406792
Change-Id: I8cd9387e7b27e032e38b23a531a710a8801c6a5b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-08 18:51:22 +00:00
Hongwei Wang
95f1221fc1
Allow platform_app:systemui to write protolog file
...
This is enabled on debuggable builds only, includes
- Grant mlstrustedobject typeattribute to wm_trace_data_file
- Grant platform_app (like systemui) the write access to
wm_trace_data_file
Bug: 251513116
Test: adb shell dumpsys activity service SystemUIService \
WMShell protolog [start | stop]
Ignore-AOSP-First: cherry-pick of aosp/2397593
Merged-In: I9f77f8995e4bf671616ce6c49eeb93720e31430e
Change-Id: I9f77f8995e4bf671616ce6c49eeb93720e31430e
2023-02-08 18:30:30 +00:00
Brian Julian
f388934ffe
Merge "Backports sepolicy for AltitudeService to T."
2023-02-08 18:28:25 +00:00
Ryan Savitski
de2aa42a42
Merge "sepolicy: rework perfetto producer/profiler rules for "user" builds" am: b9a365a35f
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2419280
Change-Id: Ie9d2cdac2900cdadda71e69dff5402a50536b187
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-08 18:16:07 +00:00
Ryan Savitski
b9a365a35f
Merge "sepolicy: rework perfetto producer/profiler rules for "user" builds"
2023-02-08 17:23:44 +00:00
Patty Huang
a2ef6f9584
Add system property for leaudio_allow_list
...
Bug: 239768625
Test: Manual
Tag: #feature
Change-Id: I95e9672e452b3cfbec6ea57052444fcf833fdeab
2023-02-08 13:39:02 +08:00
Łukasz Rymanowski
88193e8aa1
Add sysprop for LeAudio inband ringtone support
...
Bug: 242685105
Test: manual
Change-Id: I9e884c0c2765285110cde943e5eb419139167a50
2023-02-07 22:31:12 +00:00
Henri Chataing
60eaabc953
Define the permissions for Nfc sysprops
...
Bug: 268219397
Test: m
Change-Id: Ic945e56ce947c3ddae4847f007e6870e3188c065
2023-02-07 21:57:13 +00:00
Brian Julian
32b0a39d27
Backports sepolicy for AltitudeService to T.
...
Test: VtsHalAltitudeServiceTargetTest
Bug: 265013616
Change-Id: I8eb6af8b9350e0d021ef781eb9f3776b4adf3b7f
Merged-In: I8eb6af8b9350e0d021ef781eb9f3776b4adf3b7f
2023-02-07 19:38:17 +00:00
Jakub Rotkiewicz
b7884d224b
Merge "Bluetooth: Added sepolicy for Snoop Logger filtering" am: db85fd141e
am: 2d1023f256
am: f68cfdc840
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2302410
Change-Id: Icb388027cd49707fa8148a820e4416b91cb0abba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-07 14:10:43 +00:00
Jaewan Kim
379a267f44
Allow virtualizationmanager to read AVF debug policy am: 93f5788ec5
am: a6f591b123
am: 1ec293d239
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2423325
Change-Id: I4bc8181e4b0565bfdafd39f71bb4512c8b8e49f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-07 14:10:23 +00:00
Jakub Rotkiewicz
2d1023f256
Merge "Bluetooth: Added sepolicy for Snoop Logger filtering" am: db85fd141e
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2302410
Change-Id: I01ef5cc083efda96bd1083949a39e4177ca45a73
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-07 12:48:24 +00:00
Jaewan Kim
a6f591b123
Allow virtualizationmanager to read AVF debug policy am: 93f5788ec5
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2423325
Change-Id: Iddb3d51769a1a2f0d39d6612698ec411b891f958
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-07 12:47:48 +00:00
Jakub Rotkiewicz
db85fd141e
Merge "Bluetooth: Added sepolicy for Snoop Logger filtering"
2023-02-07 11:51:56 +00:00
Jeffrey Huang
fcf5a91e00
Restrict system server from reading statsd data
...
Bug: 267367423
Test: m -j
Change-Id: I0628142c2380cf568643f864ae211fbf5380550c
2023-02-06 18:29:21 -08:00
Jaewan Kim
93f5788ec5
Allow virtualizationmanager to read AVF debug policy
...
virtualizationmanager may handle some AVF debug policies for unprotected VM.
Bug: 243630590
Test: Run unprotected VM with/without ramdump
Change-Id: I2941761efe230a9925d1146f8ac55b50e984a4e9
2023-02-07 02:04:02 +09:00
Avichal Rakesh
ed10aaef4a
Merge "Prevent non-system apps from read ro.usb.uvc.enabled" am: 36c4d512be
am: b95f1e539a
am: aecb5d5348
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2415830
Change-Id: Ibf60937f28f52ff47920be00437c9c0b2d829d02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-03 21:36:07 +00:00
Avichal Rakesh
b95f1e539a
Merge "Prevent non-system apps from read ro.usb.uvc.enabled" am: 36c4d512be
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2415830
Change-Id: Ie3acb6f962e05a3f9ddc6036590e3ec67ed650d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-03 20:31:11 +00:00
Avichal Rakesh
36c4d512be
Merge "Prevent non-system apps from read ro.usb.uvc.enabled"
2023-02-03 20:00:44 +00:00
Ryan Savitski
941ba723ba
sepolicy: rework perfetto producer/profiler rules for "user" builds
...
This patch:
* allows for heap and perf profiling of all processes on the system
(minus undumpable and otherwise incompatible domains). For apps, the
rest of the platform will still perform checks based on
profileable/debuggable manifest flags. For native processes, the
profilers will check that the process runs as an allowlisted UID.
* allows for all apps (=appdomain) to act as perfetto tracing data
writers (=perfetto_producer) for the ART java heap graph plugin
(perfetto_hprof).
* allows for system_server to act as a perfetto_producer for java heap
graphs.
Bug: 247858731
Change-Id: I792ec1812d94b4fa9a8688ed74f2f62f6a7f33a6
2023-02-03 15:05:14 +00:00
Treehugger Robot
d133a590be
Merge "Add selinux permissions for DeviceAsWebcam Service" am: 870b368ec5
am: d1c26af880
am: 85a80d68b4
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410788
Change-Id: I84ad844083d315a4a59b6ff0009bd2a0790e8a35
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-03 02:53:38 +00:00
Treehugger Robot
d1c26af880
Merge "Add selinux permissions for DeviceAsWebcam Service" am: 870b368ec5
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410788
Change-Id: I4f2f7feac7862ff525e1ebf15c7ee1f036ca9fb3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-03 02:00:29 +00:00
Treehugger Robot
870b368ec5
Merge "Add selinux permissions for DeviceAsWebcam Service"
2023-02-03 01:40:58 +00:00
Cody Northrop
b2d861307f
Merge "Add EGL blobcache multifile properties" am: 1f1705917e
am: 2008915bf8
am: 1ba4d0db97
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2402875
Change-Id: I9cf31f31fba6a8b3f85dea4a4902be5d4f6a170e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 22:10:50 +00:00
Sumit Bhagwani
8bf2a56e26
Non app processes shouldn't be able to peek checkin data am: 7602d0f348
am: 3241672e80
am: 72c84139b2
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2417613
Change-Id: I9cfc59650c2bab7c88757befd4a944970005af60
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 21:49:25 +00:00
Alex Hong
4e8fb27bfa
Merge changes from topic "fix_missing_set_denials" am: e79c506fe4
am: 41d99a9951
am: f842449fc4
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410790
Change-Id: I7f4ff3221f5289ef2a069b533586c2be9bc60a7e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 21:47:43 +00:00
Alex Hong
0eecd559e3
Allow vendor_init to set properties for recovery/fastbootd USB IDs am: 1abf80e5c1
am: 255a5ae441
am: 503875252d
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2388472
Change-Id: Idbff984eb4f60d3faf773c3be0916789050a625c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 21:47:41 +00:00
Karthik Mahesh
4ccdb766a4
Merge "Add sepolicy for ODP system server service." am: 4fd76147c4
am: 4fc055b5cd
am: 5fe0aaca94
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2402876
Change-Id: I8af698adfffd3b336217f9ae4f9d3fa8b87f3e22
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 21:47:26 +00:00
Charles Chen
04506d797b
Merge "Creates mapping from isolated apps to isolated_compute_app" am: 3d629cdb5d
am: 42564316e9
am: 707c2aef33
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2406772
Change-Id: I640235a8b86ee336086da5155ee7caf821b8fd69
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 21:46:49 +00:00
Girish
1b57ad1f1f
Allow communication between mediaserver & statsd am: f9ef01a285
am: 82eb62f34d
am: bf9f60c879
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411339
Change-Id: Icb15720334642e842c089b6a9486c1a034aa1a7a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 21:33:17 +00:00
Cody Northrop
2008915bf8
Merge "Add EGL blobcache multifile properties" am: 1f1705917e
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2402875
Change-Id: I73b5c4786e2cff76b395914857ed6630850ebb9e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 21:15:51 +00:00
Cody Northrop
1f1705917e
Merge "Add EGL blobcache multifile properties"
2023-02-02 20:55:50 +00:00
Avichal Rakesh
e2cb0f2813
Prevent non-system apps from read ro.usb.uvc.enabled
...
ro.us.uvc.enabled should not be readable from apps that can't or
shouldn't act on UVC support. This means all non-system apps. This CL
adds an explicit neverallow rule to prevent all appdomains (except
system_app and device_as_webcam).
Bug: 242344221
Bug: 242344229
Test: Build passes, manually confirmed that non-system apps cannot
access the property
Change-Id: I1a40c3c3cb10cebfc9ddb791a06f26fcc9342ed9
2023-02-02 12:26:33 -08:00
Avichal Rakesh
e0929241a1
Add selinux permissions for DeviceAsWebcam Service
...
DeviceAsWebcam is a new service that turns an Android device into a
webcam. It requires access to all services that a
regular app needs access to, and it requires read/write permission to
/dev/video* nodes which is how the Linux kernel mounts the UVC gadget.
Bug: 242344221
Bug: 242344229
Test: Manually tested that the service can access all the nodes it
needs, and no selinux exceptions are reported for the service
when running.
Change-Id: I45c5df105f5b0c31dd6a733f50eb764479d18e9f
2023-02-02 12:26:33 -08:00
Sumit Bhagwani
3241672e80
Non app processes shouldn't be able to peek checkin data am: 7602d0f348
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2417613
Change-Id: Iab7cebd106f5b6b7217ad81449705ed6f92e89c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 20:12:29 +00:00
Sumit Bhagwani
7602d0f348
Non app processes shouldn't be able to peek checkin data
...
Change-Id: I1df0ce47ae9d08f66689f82e21656cbdd70d7f25
Test: Manually built the change and flashed the device.
Bug: 197636740
2023-02-02 17:51:51 +00:00
Alfred Piccioni
30ae427ed0
Adds support for fuseblk binaries.
...
This is a rather large, single change to the SEPolicies, as fuseblk
required multiple new domains. The goal is to allow any fuseblk
drivers to also use the same sepolicy.
Note the compartmentalized domain for sys_admin and mount/unmount
permissions.
Bug: 254407246
Test: Extensive testing with an ADT-4 and NTFS USB drives.
Change-Id: I6619ac77ce44ba60edd6ab10e8436a8712459b48
2023-02-02 15:32:39 +01:00
Alex Hong
41d99a9951
Merge changes from topic "fix_missing_set_denials" am: e79c506fe4
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410790
Change-Id: I24358b23b958974800af032577f7b6758e0f05c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 14:23:14 +00:00
Alex Hong
255a5ae441
Allow vendor_init to set properties for recovery/fastbootd USB IDs am: 1abf80e5c1
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2388472
Change-Id: I01ea3a4ebb6d5111941e61f8a7e41bbff2d83a3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-02 14:23:10 +00:00