tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
41238 commits 1 branch 0 tags 50 MiB
Commit graph

41238 commits

This branch
This branch
All branches
Author SHA1 Message Date
Android Build Coastguard Worker
06bede82c5 Merge cherrypicks of ['googleplex-android-review.googlesource.com/21755501', 'googleplex-android-review.googlesource.com/21755500', 'googleplex-android-review.googlesource.com/21755499'] into sparse-9662652-L34400000958984256. 
SPARSE_CHANGE: I339bfe9eed8765d9d5fdd2fdbb3814d78d596ac6
SPARSE_CHANGE: I00f6323e2721a10138a503f5e300d3ddf39b93fc
SPARSE_CHANGE: Id6b62d0f315002ddef75ed0048ec705b113530d9

Change-Id: I911d5291a6cc025a62242850ad635c6f55f8bd5d
 2023-03-07 18:54:56 +00:00
Alessandra Loro
58990e5ae3 DO NOT MERGE 
Revert "Disallow untrusted apps to read ro.debuggable and ro.secure"

This reverts commit 9fd568871e.

Reason for revert
Bug: 271263976

Change-Id: Id6b62d0f315002ddef75ed0048ec705b113530d9
Merged-In: I40ac5d43da5778b5fa863b559c28e8d72961f831
(cherry picked from commit on googleplex-android-review.googlesource.com host: 41904f2ca280f8a0b0bb18b5d4c5d59f76ea2fe3)
Merged-In: Id6b62d0f315002ddef75ed0048ec705b113530d9
 2023-03-07 18:54:02 +00:00
Alessandra Loro
fdb69747e6 DO NOT MERGE 
Revert "Drop back-compatibility for hiding ro.debuggable and ro.secure"

This reverts commit 8e9a03e4a3.

Reason for revert
Bug: 271263976

Change-Id: I00f6323e2721a10138a503f5e300d3ddf39b93fc
Merged-In: I47f2ddc4fa87bf6c8f872d2679348b2eecddcaad
(cherry picked from commit on googleplex-android-review.googlesource.com host: 2518911f3dbb516c95d13ffe86f3f4c1c920d88b)
Merged-In: I00f6323e2721a10138a503f5e300d3ddf39b93fc
 2023-03-07 18:53:56 +00:00
Alessandra Loro
bdde5827af DO NOT MERGE 
Revert "Hide ro.debuggable and ro.secure from ephemeral and isolated applications"

This reverts commit 813483e069.

Reason for revert
Bug: 271263976

Change-Id: I339bfe9eed8765d9d5fdd2fdbb3814d78d596ac6
Merged-In: I916c9795d96e4a4a453f9aed5e380f11981804e9
(cherry picked from commit on googleplex-android-review.googlesource.com host: 17f38379a9b496ac606e37dc807a0b539f446c33)
Merged-In: I339bfe9eed8765d9d5fdd2fdbb3814d78d596ac6
 2023-03-07 18:53:48 +00:00
Jaewan Kim
7a942187a1 Merge "microdroid: allow init_debug_policy.sh to handle AVF debug policy" am: 11feefd839 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2439933

Change-Id: Ia5d6bb7190ecb224f338ae2cb89b61bc6b5bf78f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-07 10:56:59 +00:00
Jaewan Kim
11feefd839 Merge "microdroid: allow init_debug_policy.sh to handle AVF debug policy" 2023-03-07 10:23:51 +00:00
Jaewan Kim
dc8ce5f8dc microdroid: allow init_debug_policy.sh to handle AVF debug policy 
Test: Boot microdroid with no issue
Bug: 2437372
Change-Id: I485228864cce58922e7e3b3eed4b9bd1c5cce306
 2023-03-07 08:27:34 +09:00
Ioannis Ilkos
e8c801ee24 Fix incorrect domain used in system_server.te am: 0e978ba9f1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2470105

Change-Id: Ib00319669b979ddf0c8fd888d9d5c2c9eae60cb8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 22:16:15 +00:00
Ioannis Ilkos
0e978ba9f1 Fix incorrect domain used in system_server.te 
This was accidentally copied and pasted from the app domain. The intent
was for system_server to be able to read the prop.

Test: manually
Bug: 269246893
Change-Id: I78d5fa62a2e112d3bf363b8d96348a645ef4caaa
 2023-03-06 18:31:25 +00:00
David Brazdil
4bbcdf55e8 Allow system_server to kill crosvm/virtualizationmanager am: f3a922c453 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456048

Change-Id: I6b8e4c9f04f2956c95652776c75573e977d79696
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 16:28:17 +00:00
David Brazdil
f3a922c453 Allow system_server to kill crosvm/virtualizationmanager 
VirtualizationManager (and indirectly crosvm) now runs as a child
process of the client, which could be a process forked from zygote.
As a result, these get tracked as phantom processes of the client and
system_server will try to kill them if it chooses to kill the client.

Currently this does not work because system_server is not allowed
sigkill for the corresponding domains. In theory, that should not be
a problem because virtualizationmanager will automatically kill any
crosvm instances and terminate itself if its parent dies, but we should
not rely on that fact and instead give system_server the ultimate
control over app process termination.

Bug: 269461627
Test: atest MicrodroidTestApp
Change-Id: Ie0ba5388d00a51812c9424c37f2f74983bea9db8
 2023-03-06 14:31:51 +00:00
Ye Jiao
539b81669a Fix SE policy violation of Wi-Fi vendor AIDL service am: 10a639613a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2459688

Change-Id: Iaf3b1178c1048a799e10049588a7bbdf08c6e924
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 10:05:10 +00:00
Thiébaud Weksteen
dab3b1a1c0 Refactor treble_sepolicy_tests.py 
Introduce a new class TestPolicy to capture all the previous global
variables. This class contains the constructor and loading methods
(Get*) to load its internal state. The tests are modified to accept a
TestPolicy as first argument.

This commit is a no-op. There is no change to the tests.

`git show --ignore-space-change` can be used to skip over the
re-indentation due to the new class.

Bug: 269182257
Test: m selinux_policy (runs treble_sepolicy_tests against all
			compatible versions)
Test: Set DEBUG=True, compare generated scontexts. Identical.
Change-Id: Ia8da115dc1c0109b835e03b95da029b35712d251
 2023-03-06 14:08:11 +11:00
Ye Jiao
10a639613a Fix SE policy violation of Wi-Fi vendor AIDL service 
Wi-Fi vendor AIDL service uses NDK to register itself to service
manager. AServiceManager_registerLazyService registers an
IClientCallback to service manager. The callback is invoked when there
is a transition between having >= 1 clients and having 0 clients (or
vice versa). Please check IClientCallback.aidl. As a result servicemanager may
make binder call to Wi-Fi vendor AIDL service. Since this is not allowed
per current SE policies, "avc denied" occurred:

servicemanager: type=1400 audit(0.0:248): avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_wifi_default:s0 tclass=binder permissive=0

We add SE policy for hal_wifi_default to allow binder call like this.

Bug: 270511173
Test: manually build and test, check logs for avc denied

Change-Id: Ia6fcf5fc1cafff0381fc9857805bdc61cc838c1e
 2023-03-03 02:10:50 +00:00
Treehugger Robot
b5f39da9c9 Merge "Add ro.boot.serialconsole property" am: fcf62c8cf4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2450910

Change-Id: I316ee9fc0db8abae6bab40b19acb560239d89c9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 20:29:11 +00:00
Treehugger Robot
fcf62c8cf4 Merge "Add ro.boot.serialconsole property" 2023-03-02 20:04:33 +00:00
Charles Chen
d2473045b5 Merge "Enable NNAPI for isolated compute app" am: 19f9c34d2c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2464353

Change-Id: Ieca26d4fca6fd39ee293ce7609ceb619a87c1637
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 18:00:37 +00:00
Charles Chen
19f9c34d2c Merge "Enable NNAPI for isolated compute app" 2023-03-02 17:07:42 +00:00
Cole Faust
de73e80b8e Replace SortedStringKeys with SortedKeys am: 22f253cdfc 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2463524

Change-Id: Id98acd71d25615c6f370e43991c375fecec51780
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 23:32:17 +00:00
Paul Lawrence
6b5da95419 Use kernel sys/fs/fuse/features/fuse_bpf flag to enable fuse_bpf 
Bug: 262887267
Test: ro.fuse.bpf.is_running is true
Change-Id: I9c4a54e9ac232e9f35a6be5b3bcc3cc040d64b47
 2023-03-01 14:45:57 -08:00
Alistair Delva
902ca66bb8 Add ro.boot.serialconsole property 
Bootloaders on Android 14 devices will set this.

Bug: 266982931
Bug: 223797063
Bug: 267428635
Change-Id: I45981baf5123090188f7b700bf5987b1ca897490
 2023-03-01 20:53:38 +00:00
Charles Chen
31a7fb09be Enable NNAPI for isolated compute app 
Need access to TPU/GPU for neural models in isolated_compute_app.

Bug: 266923392
Test: m
Change-Id: I2ea7c551b5fe678f383d3854ae295b448e78b460
 2023-03-01 20:27:13 +00:00
Cole Faust
22f253cdfc Replace SortedStringKeys with SortedKeys 
SortedStringKeys is deprecated.

Bug: 193460475
Test: presubmits
Change-Id: I8b0f62964c078ab1d29c27df8ccddf05bd171c23
 2023-03-01 11:00:15 -08:00
Neil Fuller
f9cc371b35 Allow timedetector_service access 4 ephemeral apps am: 05f8ebe1db 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2458789

Change-Id: I01f709577ee85fd357b8ca7eec7c84431c8fae9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-28 19:39:55 +00:00
Neil Fuller
05f8ebe1db Allow timedetector_service access 4 ephemeral apps 
Allow timedetector_service access for ephemeral apps.

The service call behind currentNetworkTimeClock() moved from
AlarmManager to TimeDetector.

Before this change, alarm_service is accessible by ephemeral apps but
timedetector_service is not. After this change, timedetector_service is
accessible by ephemeral apps, unbreaking the call.

The breakage was not previously noticed because the test involved does
not run in the ephemeral case because of restrictions around what test
infra can do in the ephemeral case. A recent test refactor tests the
method in a different way, revealing the issue.

Bug: 270788539
Test: run cts -m CtsOsTestCases -t android.os.cts.SystemClockNetworkTimeTest#testCurrentNetworkTimeClock
Change-Id: Iafdfb9f13d473bcc65c4e60733e57f1d25c511ab
 2023-02-28 10:11:28 +00:00
Seth Moore
98524e7333 Allow shell to change RKP properties am: d3bd68607e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456270

Change-Id: I2cf629ec5325c22199dcfe4619441a6e3d67add9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-25 04:56:10 +00:00
Seth Moore
d3bd68607e Allow shell to change RKP properties 
This way, we can change things like the RKP hostname or enablement
from the shell for tests.

Bug: 265196434
Test: manual (adb shell setprop ...)
Change-Id: Ib853eaf29b395705eba57d241df064152220457e
 2023-02-24 13:33:36 -08:00
Alice Wang
13e58cf7b1 [dice] Remove all the sepolicy relating the hal service dice am: 5e94b1698c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2426073

Change-Id: I60664669f08fa3d83dfacb57ebd7da912951ad0a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 19:57:23 +00:00
Alice Wang
5e94b1698c [dice] Remove all the sepolicy relating the hal service dice 
As the service is not used anywhere for now and in the near future.

Bug: 268322533
Test: m
Change-Id: I0350f5e7e0d025de8069a9116662fee5ce1d5150
 2023-02-24 08:34:26 +00:00
Nathan Huckleberry
fd4f3224bf Merge "Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS" am: a5df438a2a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2451745

Change-Id: I131ca1785c4815a6d2fd7d4bd93c8f45ed88b345
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 08:30:59 +00:00
Treehugger Robot
733344c1fd Merge "Track tombstone_transmit denial" am: 0970a31811 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2452626

Change-Id: Iccd5c0b0e5ff9f347295559a425ebe7c1e6003fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 08:30:36 +00:00
Nathan Huckleberry
a5df438a2a Merge "Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS" 2023-02-24 08:18:07 +00:00
Fenglin Wu
fe916342fc Add label for charger property 
Label charger property: ro.product.charger.unplugged_shutdown_time.

Bug: 267265061
Test: update the property in charger mode
Change-Id: I6c67123ac53f489851a8ad313e8aa40f67a3786e
 2023-02-24 15:58:27 +08:00
Treehugger Robot
0970a31811 Merge "Track tombstone_transmit denial" 2023-02-24 03:11:00 +00:00
Inseob Kim
1c9a82974a Track tombstone_transmit denial 
Bug: 264420112
Test: N/A
Change-Id: I5caec836d540b8686ed1d8b6ceb537038db866d8
 2023-02-24 00:32:55 +09:00
Nathan Huckleberry
ffb9f8855a Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS 
This ioctl can be used to avoid a race condition between key
reinstallation and busy files clean up.

Test: Trigger busy file clean-up and ensure that the ioctl succeeds
Bug: 140762419

Change-Id: I153c2e7b2d5eb39e0f217c9ef8b9dceba2a5a487
 2023-02-23 00:49:42 +00:00
Jeffrey Carlyle
05ed381f07 Add DCK property to read SE capabilities am: 923a51af57 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2444719

Change-Id: Iaae283bfad7a7c9fe84746f09b68abee64f2266c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 22:50:23 +00:00
Jeffrey Carlyle
923a51af57 Add DCK property to read SE capabilities 
Bug: 229777047
Test: verify that property is correcly read during system boot
Change-Id: I3c7d2fabb575864ee0a9e5277f7cb715374872c6
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
 2023-02-22 19:58:31 +00:00
Atneya Nair
75c3754684 Merge "Allow STHAL to read model params from system" am: b2ad5b058b 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441620

Change-Id: I057efbee332c305b37e02bacd562027e739cc6d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 18:38:37 +00:00
Frederick Mayle
707bd25fdb Merge "Allow crash_dump on crosvm" am: b01c7addc2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441306

Change-Id: Id979ea9ff5e9f1d74d07a26fb68e0c197f91c95f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 18:38:16 +00:00
Atneya Nair
b2ad5b058b Merge "Allow STHAL to read model params from system" 2023-02-22 18:11:28 +00:00
Frederick Mayle
b01c7addc2 Merge "Allow crash_dump on crosvm" 2023-02-22 18:01:56 +00:00
Nikita Ioffe
475bf54d5e Merge "Add sepolicy rules for hyp ftrace instance" am: 959cbb54e8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441425

Change-Id: I63561b94179dda830b96afd67a744cc29c1b38e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 11:47:11 +00:00
Treehugger Robot
c82b062d97 Merge "Allow dumpstate to read /data/system/shutdown-checkpoints/" am: 863cedfae6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422419

Change-Id: I8c47edbc31e2bf7bf0142ed0cb63af32385c6160
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 11:44:51 +00:00
Nikita Ioffe
959cbb54e8 Merge "Add sepolicy rules for hyp ftrace instance" 2023-02-22 11:25:54 +00:00
Treehugger Robot
863cedfae6 Merge "Allow dumpstate to read /data/system/shutdown-checkpoints/" 2023-02-22 10:21:25 +00:00
Ryan Savitski
a13f14e640 Merge "Correct hal_configstore label used in profiler rules" am: 47cb9d8a5d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2447064

Change-Id: Ica6e2a3217a7ed669533173d0c96af335fd66ca1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 04:06:41 +00:00
Atneya Nair
f3096dc93d Allow STHAL to read model params from system 
Test: Compiles
Bug: 269544793
Change-Id: I3ea576c6ef092b27f602b047497e5c01fe36e057
 2023-02-22 03:27:29 +00:00
Ryan Savitski
47cb9d8a5d Merge "Correct hal_configstore label used in profiler rules" 2023-02-22 03:15:59 +00:00
Pawan Wagh
5f14440b76 Adding resolv_service_fuzzer to bindings am: 3e019dd623 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2444083

Change-Id: If11f3ce8fc2f520511fb4d299fe3874e418a6f9e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 21:46:19 +00:00