Fixes build breakage:
system/sepolicy/private/traced.te:36:ERROR 'unknown type iorapd_tmpfs' at token ';' on line 43166:
Bug: 123445058
Test: build marlin-userdebug
Change-Id: Iefeba03ed2efee92fb0d61214514338c6d999bd1
(cherry picked from commit 426ff11951)
This is being done in preparation for the migration from ashmem to
memfd. In order for tmpfs objects to be usable across the Treble
boundary, they need to be declared in public policy whereas, they're
currently all declared in private policy as part of the
tmpfs_domain() macro. Remove the type declaration from the
macro, and remove tmpfs_domain() from the init_daemon_domain() macro
to avoid having to declare the *_tmpfs types for all init launched
domains. tmpfs is mostly used by apps and the media frameworks.
Bug: 122854450
Test: Boot Taimen and blueline. Watch videos, make phone calls, browse
internet, send text, install angry birds...play angry birds, keep
playing angry birds...
Change-Id: I20a47d2bb22e61b16187015c7bc7ca10accf6358
Merged-In: I20a47d2bb22e61b16187015c7bc7ca10accf6358
(cherry picked from commit e16fb9109c)
An app should never follow a symlink provided by another app.
Test: build, boot Taimen, install some apps, watch youtube, browse
chrome.
Bug: 123350324
Change-Id: Iedd42fe1c27d406f7f58293c20d05e1b7646d8a2
system/sepolicy/Android.mk has become too large (~2k lines) and hard to
navigate. This patch reorganizes build rules for convenience. No
functional changes are made.
Test: m selinux_policy
Change-Id: I9a022b223b2387a4475da6d8209d561bfea228fb
* changes:
Allow `oatpreopt_chroot` to deactivate APEX packages in `/postinstall/apex`.
Allow `oatpreopt` to run `dex2oat` from the Runtime APEX.
Allow `otapreopt_chroot` to mount APEX packages using `apexd` logic.
The dynamic linker always calls access(2) on the path. Don't generate SElinux
denials since the linker does not actually access the path in case the path
does not exist or isn't accessible for the process.
Bug: 120996057
Test: copy ping to /data/local/tmp, run it, no selinux denials
Test: bionic unit tests
Change-Id: Idf33ba7bc6c0d657b6ab0abde6bd078e4bb024e5
Bug: 123367055
Test: used Traceur to take a trace on a user build and verified the
tracepoints are in the resultant trace
Change-Id: I39e963762bf2b9f0e427ee217a3b2a246f970902
selinux_denial_metadate is an concatenation of different bug maps on the
device, including vendor one. This file is only used for debugging, so
we simply move it to /vendor instead of splitting it up.
/vendor/etc/selinux/selinux_denial_metadata has vendor_configs_file
selinux type, which is logd readable.
Bug: 5159394
Test: bug information is still preserved in avc logs, e.g.
audit(0.0:248): avc: denied { read } for
name="u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=18012
scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=0
b/79617173 app=com.android.systemui
Change-Id: Id5eb9abd3bdeed92feb2aca40880903533468d50
Give apexd permission to execute sh.
Add userdebug_or_eng domains and rules for the test
APEX for pre- and post-install.
Bug: 119260955
Bug: 119261380
Test: atest apexservice_test
Change-Id: I0c4a5e35e096101a53c9d1f212d2db2e63728267
Untrustworthy symlinks dereferenced by priv-apps could cause those apps
to access files they weren't intending to access. Trusted components
such as priv-apps should never trust untrustworthy symlinks from
untrusted apps.
Modify the rules and add a neverallow assertion to prevent regressions.
Bug: 123350324
Test: device boots and no obvious problems.
Change-Id: I8c4a5c9c8571fd29b2844b20b4fd1126db4128c0
The app_zygote should never use any unix sockets, except the
logd socket and some sockets only available on userdebug/eng.
Prevent it from using ptrace.
Bug: 111434506
Test: builds
Change-Id: Ic47cfca51fba0b150a136194ba0e4a8a488c9996
Whitelist the persistent system properties that will be used as
flags in activity manager experiments.
Bug: 120794810
Test: m, flash, test getting flag value in ActivityManagerService.java
Change-Id: I90a10bc87d6db3a64347b62fd02e6f0b12ac9fa8
