Commit graph

17 commits

Author SHA1 Message Date
Stephen Smalley
e8178b31e6 Remove unused userspace security classes.
These are all userspace security class definitions that are
unused in Android; they are only meaningful in Linux distributions.

Change-Id: I99738752da996d9a1c7793eea049d937ffe4255b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-05-26 16:24:34 -04:00
Chad Brubaker
cbc8f79655 Rename keystore methods and delete unused permissions
Keystore is going through an API cleanup to make names more clear and
remove unclear methods.

Change-Id: I06354ccd0a9a73fd20168bfce9350c451cfaced3
2015-05-14 13:49:24 -07:00
Chad Brubaker
520bb816b8 Add keystore user_changed permission
user_changed will be used for state change methods around android user
creation/deletion.

Change-Id: I295ca9adfc4907b5d7bcf0555f6e5a9a3379635b
2015-05-12 13:24:43 -07:00
Chad Brubaker
8927772caa Add keystore add_auth
This is for the new addAuthToken keystore method from
I7f7647d9a36ea453ec6d62fc84087ca8f76e53dd. These tokens will be used to
authorize keymaster operations. The tokens are HMAC'd and so shouldn't
be fakeable but this is still limited to system_server only.

Change-Id: I3ff46b676ecac8a878d3aa0a25ba9a8b0c5e1f47
2015-03-31 13:03:41 -07:00
dcashman
8f81dcad5b Only allow system_server to send commands to zygote.
Add neverallow rules to ensure that zygote commands are only taken from
system_server.

Also remove the zygote policy class which was removed as an object manager in
commit: ccb3424639821b5ef85264bc5836451590e8ade7

Bug: 19624279

Change-Id: I1c925d7facf19b3953b5deb85d992415344c4c9f
2015-03-09 11:26:56 -07:00
Robin Lee
72acd6bbbe Allow system reset_uid, sync_uid, password_uid
Permits the system server to change keystore passwords for users other
than primary.

(cherrypicked from commit de08be8aa0)

Bug: 16233206
Change-Id: I7941707ca66ac25bd122fd22e5e0f639e7af697e
2014-09-11 11:21:56 -07:00
Riley Spahn
70f75ce9e5 Add fine grained access control to DrmManagerService.
Add policies supporting SELinux MAC in DrmManagerservice.
Add drmservice class with verbs for each of the
functions exposed by drmservice.

Change-Id: Ib758a23302962f41e5103c4853c65adea3a5994e
2014-07-24 13:36:38 -07:00
Stephen Smalley
ba992496f0 Define debuggerd class, permissions, and rules.
Define a new class, permissions, and rules for the debuggerd
SELinux MAC checks.

Used by Ib317564e54e07cc21f259e75124b762ad17c6e16 for debuggerd.

Change-Id: I8e120d319512ff207ed22ed87cde4e0432a13dda
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-07-24 15:33:44 -04:00
Riley Spahn
b8511e0d98 Add access control for each service_manager action.
Add SELinux MAC for the service manager actions list
and find. Add the list and find verbs to the
service_manager class. Add policy requirements for
service_manager to enforce policies to binder_use
macro.

Change-Id: I224b1c6a6e21e3cdeb23badfc35c82a37558f964
2014-07-14 11:09:27 -07:00
Riley Spahn
1196d2a576 Adding policies for KeyStore MAC.
Add keystore_key class and an action for each action supported
by keystore. Add policies that replicate the access control that
already exists in keystore. Add auditallow rules for actions
not known to be used frequently. Add macro for those domains
wishing to access keystore.

Change-Id: Iddd8672b9e9b72b45ee208e6eda608cc9dc61edc
2014-06-26 08:53:10 -07:00
Riley Spahn
f90c41f6e8 Add SELinux rules for service_manager.
Add a service_mananger class with the verb add.
Add a type that groups the services for each of the
processes that is allowed to start services in service.te
and an attribute for all services controlled by the service
manager. Add the service_contexts file which maps service
name to target label.

Bug: 12909011
Change-Id: I017032a50bc90c57b536e80b972118016d340c7d
2014-06-12 20:46:07 +00:00
Nick Kralevich
d7af45d374 add attach_queue to tun_socket
Modeled after http://oss.tresys.com/pipermail/refpolicy/2013-January/006283.html

Addresses the following kernel error message:

  <6>[    3.855423] SELinux:  Permission attach_queue in class tun_socket not defined in policy.
  <6>[    3.862482] SELinux: the above unknown classes and permissions will be denied
  <7>[    3.869668] SELinux:  Completing initialization.

Change-Id: Iad87fcd5348d121a808dbe7ae3c63f8c90fc09fc
2014-06-06 16:51:11 -07:00
dcashman
c4db82cf85 Remove specifycapabilities permission.
specifycapabilities is no longer specified by the zygote userspace manager.
It was removed in commit: 42a4bb5730266f80585e67262c73505d0bfffbf8.  Remove
this permission from policy.

Change-Id: I866a25b590a375a68de6eec9af1b3ef779889985
2014-05-02 19:58:23 -07:00
Stephen Smalley
9ce99e3908 Update binder-related policy.
The binder_transfer_binder hook was changed in the kernel, obsoleting
the receive permission and changing the target of the transfer permission.
Update the binder-related policy to match the revised permission checking.

Change-Id: I1ed0dadfde2efa93296e967eb44ca1314cf28586
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-03-19 22:48:17 +00:00
Stephen Smalley
a1ce2fa221 Define wake_alarm and block_suspect capabilities. 2012-08-10 09:23:21 -04:00
Stephen Smalley
124720a697 Add policy for property service.
New property_contexts file for property selabel backend.
New property.te file with property type declarations.
New property_service security class and set permission.
Allow rules for setting properties.
2012-04-04 10:11:16 -04:00
Stephen Smalley
2dd4e51d5c SE Android policy. 2012-01-04 12:33:27 -05:00