This is in host sepolicy, looked like we pruned it because we didn't
need it - but now we do.
Bug: 297019386
Test: Run VM with encrypted storage, no denials
Change-Id: I6cd5f6bf98e9089ef7c3945c29242daea527592f
Allow Microdroid Manager to setuid/setgid when spawning Microdroid
Launcher.
Allow encryptedstore binary to chmod the root directory.
Also added some neverallow rules, because I was surprised that I
didn't trigger one.
Bug: 296393106
Test: atest MicrodroidTests
Change-Id: I1f224d59548162d0b36c2c9f32710db2c2da5869
Partial revert of:
commit 3e1dc57bf4
commit 30ae427ed0
The current file contexts could break potential implementations of NTFS
by partners in future. I am not rolling back the adjoining
fuseblkd_exec andfuseblkd_untrusted_exec code, because secure
implementations of fuseblk drivers should still endeavour to use the
more compartmentalised policies.
However, as we don't support NTFS officially, we should give
implementors the choices whether to use it or not, even if it will open
the door to potentially less secure implementations.
NTFS Context: http://b/254407246,
https://docs.google.com/document/d/1b5RjdhN2wFFqmLCK0P_chVyiEhiYqNlTn52TFBMNwxk
Bug: 294925212
Test: Builds and boot.
Change-Id: I6d3858517e797b3f7388f9d3f18dd4a11770d5bc
Add SEPolicy for the ThreadNetworkService
Add Fuzzer exception, thread_network service is java only
FR: b/235016403
Test: build and start thread_network service
bug: 262683651
Change-Id: Ifa2e9500dd535b0b4f2ad9af006b8dddaea900db
Starting in Android 11, Android unconditionally disables kernel module
autoloading (https://r.android.com/1254748) in such a way that even the
SELinux permission does not get checked. Therefore, all the SELinux
rules that allow or dontaudit the module_request permission are no
longer necessary. Their presence or absence makes no difference.
Bug: 130424539
Test: Booted Cuttlefish, no SELinux denials.
Change-Id: Ib80e3c8af83478ba2c38d3e8a8ae4e1192786b57
Starting from Android V, vendor seapp_contexts files can't assign
coredomain to vendor apps, as it's Treble violation. This build broken
variable is to suppress the enforcement for devices launching with U or
prior.
Bug: 280547417
Test: set BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN := true and build
Change-Id: I7b91db8183a867aa490e490e56cb872ea830b21f
As part of Treble, enforce that vendor's seapp_contexts can't label apps
using coredomains. Apps installed to system/system_ext/product should be
labeled with platform side sepolicy.
This change adds the violators attribute that will be used to mark
violating domains that need to be fixed.
Bug: 280547417
Test: manual
Change-Id: I64f3bb2880bd19e65450ea3d3692d1b424402d92
the name "trunk stable" is not recommended to appear in android code
base as it is an internal concept. therefore the name change.
Bug: b/295379636
Change-Id: Ice045ac00e2d4987221cc6516baa0d013e6e0943
This is a common root node for native trunk stable flags in system properties. Each flag in a namespace will appear in the sys prop as
persist.device_config.trunk_stable_flags.<namespace>.<flag>
Bug: b/295379636
Change-Id: I42e4a799781a9ced442cbdcbdb6b905446d72d73
This reverts commit 70d70e6be4.
Reason for revert: See internal bug for clarification: http://b/291191362
Change-Id: If37670f7d71635314c618f7ac88802bfbc6fa007
