tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
13069 commits 1 branch 0 tags 50 MiB
Commit graph

5 commits

Author SHA1 Message Date
Jeff Vander Stoep
53950b6595 Fix bug map entry 
Tclass was omitted for two entries.

Bug: 69928154
Bug: 69366875
Test: build
Change-Id: Ie12c240b84e365110516bcd786b98dc37295fdb9
 2017-11-29 14:48:41 -08:00
Jeff Vander Stoep
378763f218 Remove tracking bugs that have been resolved 
Bug: 69175449
Bug: 69197466
Test: build
Change-Id: I11e46b65449cb6f451ecab8d4dff9adc162fe115
 2017-11-20 22:14:32 -08:00
Jeff Vander Stoep
41401f475a Add tracking bugs to crash_dump denials 
avc: denied { search } for name="com.sf.activity" dev="sda35"
ino=1444147 scontext=u:r:crash_dump:s0:c512,c768
tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir
avc: denied { search } for comm="crash_dump64"
name="com.android.bluetooth" dev="sda13" ino=1442292
scontext=u:r:crash_dump:s0 tcontext=u:object_r:bluetooth_data_file:s0
tclass=dir
avc: denied { search } for comm="crash_dump64" name="overlay" dev="dm-1"
ino=938 scontext=u:r:crash_dump:s0
tcontext=u:object_r:vendor_overlay_file:s0 tclass=dir permissive=0

Bug: 68705274
Bug: 68319037
Test: build
Change-Id: I44075ac6bf6447d863373c97ba10eadf59d2d22f
 2017-11-14 22:11:15 +00:00
Jeff Vander Stoep
29666d125f Add tracking bugs to denials 
These denials should not be allowed. Adding a bug number to the
denial properly attributes them to a bug.

Bug: 69197466
avc: denied { fsetid } for comm="update_engine" capability=4
scontext=u:r:update_engine:s0 tcontext=u:r:update_engine:s0
tclass=capability

Bug: 62140539
avc: denied { open }
path="/data/system_de/0/spblob/17a358cf8dff62ea.weaver"
scontext=u:r:vold:s0 tcontext=u:object_r:system_data_file:s0
tclass=file
avc: denied { unlink } for name="17a358cf8dff62ea.weaver"
scontext=u:r:vold:s0 tcontext=u:object_r:system_data_file:s0
tclass=file

Bug: 69175449
avc: denied { read } for name="pipe-max-size" dev="proc"
scontext=u:r:system_server:s0 tcontext=u:object_r:proc:s0 tclass=file

Test: build
Change-Id: I62dc26a9076ab90ea4d4ce1f22e9b195f33ade16
 2017-11-13 08:08:17 -08:00
Jeff Vander Stoep
e82c8ab786 Track priv_app firstboot_prop denial 
This denial should not be allowed. Add bug information to the denial
to give context.

Bug: 63801215
Test: build
Change-Id: I3dc5ce6a5aa1c6bf74c6fd13cab082c7f263c4e8
 2017-10-13 13:02:36 -07:00