Commit graph

82 commits

Author SHA1 Message Date
Stephen Smalley
e13fabd75a Label /data/media with its own type and allow access.
/data/media presently is left in system_data_file, which requires
anything that wants to write to it to be able to write to system_data_file.
Introduce a new type for /data/media, media_rw_data_file (to match
the media_rw UID assigned to it and distinguish it from /data/misc/media
which has media UID and media_data_file type), and allow access to it.

We allow this for all platform app domains as WRITE_MEDIA_STORAGE permission is granted
to signature|system.  We should not have to allow it to untrusted_app.

Set up type transitions in sdcardd to automatically label any directories
or files it creates with the new type.

Change-Id: I5c7e6245b854a9213099e40a41d9583755d37d42
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-12-17 16:11:23 -05:00
Nick Kralevich
09e6abd91b initial dumpstate domain
Add the necessary rules to support dumpstate.
Start off initially in permissive until it has more testing.

Dumpstate is triggered by running "adb bugreport"

Change-Id: Ic17a60cca1f6f40daa4f2c51e9ad6009ef36cfbd
2013-12-16 15:29:09 -08:00
Nick Kralevich
caa6a32d76 initial inputflinger domain
Add a placeholder domain for inputflinger.
Mark it initially unconfined and enforcing.

Change-Id: I433fd9e1954486136cb8abb084b4e19bb7fc2f19
2013-12-16 08:46:47 -08:00
Nick Kralevich
7466f9b693 Label /data/misc/zoneinfo
And allow any SELinux domain to read these timezone
related files.

Addresses the following denial:
<5>[    4.746399] type=1400 audit(3430294.470:7): avc:  denied  { open } for  pid=197 comm="time_daemon" name="tzdata" dev="mmcblk0p28" ino=618992 scontext=u:r:time:s0 tcontext=u:object_r:system_data_file:s0 tclass=file

Change-Id: Iff32465e62729d7aad8c79607848d89ce0aede86
2013-12-13 15:57:23 -08:00
Nick Kralevich
6a32eec74d alphabetize /data/misc entries.
Alphabetize the entries for the /data/misc subdirectories.

Change-Id: I3690085cbb99c225545545668dedd66341a14edb
2013-12-13 15:57:23 -08:00
Stephen Smalley
acde43f23f Define a domain for the bootanim service.
Leave the domain permissive initially until it gets more testing.

Change-Id: I9d88d76d1ffdc79a2eff4545d37a9e615482df50
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-12-12 09:28:52 -05:00
Nick Kralevich
2b392fccf3 Move lmkd into it's own domain.
lmkd low memory killer daemon

The kernel low memory killer logic has been moved to a new daemon
called lmkd.  ActivityManager communicates with this daemon over a
named socket.

This is just a placeholder policy, starting off in unconfined_domain.

Change-Id: Ia3f9a18432c2ae37d4f5526850e11432fd633e10
2013-12-06 08:16:39 -08:00
Stephen Smalley
7adb999e70 Restrict the ability to set usermodehelpers and proc security settings.
Limit the ability to write to the files that configure kernel
usermodehelpers and security-sensitive proc settings to the init domain.
Permissive domains can also continue to set these values.

The current list is not exhaustive, just an initial set.
Not all of these files will exist on all kernels/devices.
Controlling access to certain kernel usermodehelpers, e.g. cgroup
release_agent, will require kernel changes to support and cannot be
addressed here.

Expected output on e.g. flo after the change:
ls -Z /sys/kernel/uevent_helper /proc/sys/fs/suid_dumpable /proc/sys/kernel/core_pattern /proc/sys/kernel/dmesg_restrict /proc/sys/kernel/hotplug /proc/sys/kernel/kptr_restrict /proc/sys/kernel/poweroff_cmd /proc/sys/kernel/randomize_va_space /proc/sys/kernel/usermodehelper
-rw-r--r-- root     root              u:object_r:usermodehelper:s0 uevent_helper
-rw-r--r-- root     root              u:object_r:proc_security:s0 suid_dumpable
-rw-r--r-- root     root              u:object_r:usermodehelper:s0 core_pattern
-rw-r--r-- root     root              u:object_r:proc_security:s0 dmesg_restrict
-rw-r--r-- root     root              u:object_r:usermodehelper:s0 hotplug
-rw-r--r-- root     root              u:object_r:proc_security:s0 kptr_restrict
-rw-r--r-- root     root              u:object_r:usermodehelper:s0 poweroff_cmd
-rw-r--r-- root     root              u:object_r:proc_security:s0 randomize_va_space
-rw------- root     root              u:object_r:usermodehelper:s0 bset
-rw------- root     root              u:object_r:usermodehelper:s0 inheritable

Change-Id: I3f24b4bb90f0916ead863be6afd66d15ac5e8de0
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-12-06 09:44:38 -05:00
Robert Craig
b2547644ef Drop tegra specific label from policy.
This label was originally used for Motorola
Xoom devices. nvmap is the tegra gpu memory
manager and the various nvhost drivers are
for tegra graphics related functionality,
i.e. display serial interface, image signal
processor, or media processing stuff.

Only grouper and tilapia presently need this
policy.

Change-Id: I2a7000f69abf3185724d88d428e8237e0ca436ec
2013-12-05 13:29:07 -08:00
Stephen Smalley
081aed2133 Default to socket_device for anything under /dev/socket.
Otherwise sockets that have no specific entry match the /dev(/.*) entry
instead, leaving them in device type rather than socket_device type.
Every socket should get its own entry regardless, but this at least puts
it into a more specific type by default.

Change-Id: I97f7999af7f9f83484d3a51440dda791d3726f1a
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-12-02 09:02:22 -05:00
Stephen Smalley
8510d31ed3 Rename camera_calibration_file and audio_firmware_file.
Use more general type names for the contents of /data/misc/camera and
/data/misc/audio.  These were the names used in our policy until 4.3
was released, at which point we switched to be consistent with AOSP.
However, the Galaxy S4 4.2.2 image, Galaxy S4 4.3 image, and
Galaxy Note 3 4.3 image all shipped with policies using _data_file names
because they were based on our older policy.  So we may as well switch
AOSP to these names.

Not sure if in fact these could be all coalesced to the new media_data_file
type for /data/misc/media introduced by
Ic374488f8b62bd4f8b3c90f30da0e8d1ed1a7343.

Options to fix already existing devices, which would only apply
to Nexus devices with 4.3 or 4.4 at this point:
1) Add restorecon_recursive /data/misc/audio /data/misc/camera to either
the system/core init.rc or to the device-specific init.*.rc files.
-or-
2) Add a typealias declaration in the policy to remap the old type names.
to the new ones.  Then existing types on persistent storage will be
remapped internally to the new ones.
-or-
3) Some sort of relabeld.

Option #2 is implemented by this change.

Change-Id: Id36203f5bb66b5200efc1205630b5b260ef97496
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-12 17:01:44 -05:00
Stephen Smalley
af47ebb67a Label /dev/fscklogs and allow system_server access to it.
Otherwise you get denials such as:
type=1400 audit(1383590310.430:623): avc:  denied  { getattr } for  pid=1629 comm="Thread-78" path="/dev/fscklogs/log" dev="tmpfs" ino=1642 scontext=u:r:system_server:s0 tcontext=u:object_r:device:s0 tclass=file
type=1400 audit(1383590310.430:624): avc:  denied  { open } for  pid=1629 comm="Thread-78" name="log" dev="tmpfs" ino=1642 scontext=u:r:system_server:s0 tcontext=u:object_r:device:s0 tclass=file
type=1400 audit(1383590310.430:625): avc:  denied  { write } for  pid=1629 comm="Thread-78" name="fscklogs" dev="tmpfs" ino=1628 scontext=u:r:system_server:s0 tcontext=u:object_r:device:s0 tclass=dir
type=1400 audit(1383590310.430:625): avc:  denied  { remove_name } for  pid=1629 comm="Thread-78" name="log" dev="tmpfs" ino=1642 scontext=u:r:system_server:s0 tcontext=u:object_r:device:s0 tclass=dir
type=1400 audit(1383590310.430:625): avc:  denied  { unlink } for  pid=1629 comm="Thread-78" name="log" dev="tmpfs" ino=1642 scontext=u:r:system_server:s0 tcontext=u:object_r:device:s0 tclass=file

Change-Id: Ia7ae06a6d4cc5d2a59b8b85a5fb93cc31074fd37
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-11 11:52:24 -08:00
Stephen Smalley
a771671877 Label /data/misc/media and allow mediaserver access to it.
Otherwise we get denials like these on 4.4:

type=1400 audit(1383590170.360:29): avc:  denied  { write } for  pid=61 comm="mediaserver" name="media" dev="mtdblock1" ino=6416 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir
type=1400 audit(1383590170.360:29): avc:  denied  { add_name } for  pid=61 comm="mediaserver" name="emulator.camera.hotplug.0" scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir
type=1400 audit(1383590170.360:29): avc:  denied  { create } for  pid=61 comm="mediaserver" name="emulator.camera.hotplug.0" scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file
type=1400 audit(1383590170.360:29): avc:  denied  { write open } for  pid=61 comm="mediaserver" name="emulator.camera.hotplug.0" dev="mtdblock1" ino=6431 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file
type=1400 audit(1383590255.100:231): avc:  denied  { write } for  pid=832 comm="mediaserver" name="emulator.camera.hotplug.0" dev="mtdblock1" ino=6431 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file
type=1400 audit(1383590255.100:231): avc:  denied  { open } for  pid=832 comm="mediaserver" name="emulator.camera.hotplug.0" dev="mtdblock1" ino=6431 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file

Change-Id: Ic374488f8b62bd4f8b3c90f30da0e8d1ed1a7343
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-07 16:22:50 -08:00
Elliott Hughes
aaac24688e /system/bin/ash and /system/bin/mksh are dead.
Long live /system/bin/sh!

Change-Id: I5af63c1bdc3585835ee273ed9995d8fac14792da
2013-11-07 08:36:16 -08:00
Stephen Smalley
a7c8ea864e Move audio_firmware_file and /data/misc/audio entry to core sepolicy.
Change-Id:  Ib8c96ab9e19d34e8e34a4c859528345763be4906
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-06 13:00:52 -05:00
Stephen Smalley
b3c48b66bc Change the type on /dev/uinput to match /dev/uhid.
/dev/uinput is accessed in the same way as /dev/uhid,
and unlike /dev/input/*.  bluetooth requires access to
the former and not to the latter, while shell requires access
to the latter and not the former.  This is also consistent
with their DAC group ownerships (net_bt_stack for /dev/uinput
and /dev/uhid vs input for /dev/input/*).

Change-Id: I0059d832a7fe036ed888c91e1fb96f3e6e0bd2d4
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-31 08:24:49 -07:00
Nick Kralevich
967f39a6e8 Move sysfs_devices_system_cpu to the central policy.
Every device has a CPU. This is not device specific.

Allow every domain to read these files/directories.
For unknown reasons, these files are accessed by A LOT
of processes.

Allow ueventd to write to these files. This addresses
the following denials seen on mako:

<5>[    4.935602] type=1400 audit(1383167737.512:4): avc:  denied  { read } for  pid=140 comm="ueventd" name="cpu0" dev="sysfs" ino=3163 scontext=u:r:ueventd:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=dir
<5>[    4.935785] type=1400 audit(1383167737.512:5): avc:  denied  { open } for  pid=140 comm="ueventd" name="cpu0" dev="sysfs" ino=3163 scontext=u:r:ueventd:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=dir
<5>[    4.935937] type=1400 audit(1383167737.512:6): avc:  denied  { search } for  pid=140 comm="ueventd" name="cpu0" dev="sysfs" ino=3163 scontext=u:r:ueventd:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=dir
<5>[    4.936120] type=1400 audit(1383167737.512:7): avc:  denied  { write } for  pid=140 comm="ueventd" name="uevent" dev="sysfs" ino=3164 scontext=u:r:ueventd:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=file
<5>[    4.936303] type=1400 audit(1383167737.512:8): avc:  denied  { open } for  pid=140 comm="ueventd" name="uevent" dev="sysfs" ino=3164 scontext=u:r:ueventd:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=file

Change-Id: I4766dc571762d8fae06aa8c26828c070b80f5936
2013-10-30 14:12:21 -07:00
William Roberts
ec7d39ba16 Introduce controls on wake lock interface
Change-Id: Ie0ee266e9e6facb2ab2abd652f68765239a41af1
2013-10-03 15:17:32 -07:00
Alex Klyubin
8d688315ae Restrict access to /dev/hw_random to system_server and init.
/dev/hw_random is accessed only by init and by EntropyMixer (which
runs inside system_server). Other domains are denied access because
apps/services should be obtaining randomness from the Linux RNG.

Change-Id: Ifde851004301ffd41b2189151a64a0c5989c630f
2013-10-03 14:25:15 -07:00
Stephen Smalley
55540755bc Label adb keys file and allow access to it.
The /adb_keys entry will only take effect if a restorecon is
applied by init.rc on a kernel that includes the rootfs labeling
support, but does no harm otherwise.

The /data/misc/adb labeling ensures correct labeling of the adb_keys
file created if the device has ro.adb.secure=1 set.

Allow adbd to read the file.

Change-Id: I97b3d86a69681330bba549491a2fb39df6cf20ef
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-01 09:08:28 -04:00
Stephen Smalley
b0712c1e65 Remove /data/local/tmp/selinux entry.
Change-Id I027f76cff6df90e9909711cb81fbd17db95233c1 added a
/data/local/tmp/selinux entry at the same time domains were made
permissive.  I do not know why, and do not see how this is used.
So remove it.

Change-Id: I3218cc18de9781bc65ae403f2cf4c234847ef5f5
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-09-27 10:17:37 -04:00
Stephen Smalley
189558f64a Remove legacy entries from crespo (Nexus S).
These device nodes were specific to crespo / Nexus S and
if ever needed again, should be re-introduced in the per-device
sepolicy, not here.

Change-Id: I8366de83967974122c33937f470d586d49c34652
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-09-26 16:34:57 -04:00
Stephen Smalley
567ee4116e Label /dev/socket/gps with its own type.
The type was already defined and used in type transitions for cases
where the gps socket is created at runtime by gpsd, but on some devices
it is created by init based on an init.<board>.rc socket entry and therefore
needs a file_contexts entry.

Before:
$ ls -Z /dev/socket/gps
srw-rw---- gps      system            u:object_r:device:s0 gps

After:
$ ls -Z /dev/socket/gps
srw-rw---- gps      system            u:object_r:gps_socket:s0 gps

Change-Id: I8eef08d80e965fc4f3e9dd09d4fa446aaed82624
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-09-20 12:32:45 -04:00
Stephen Smalley
4caf8c997a Label /dev/socket/mdns with its own type.
Otherwise it gets left in the general device type, and we get denials such
as:
type=1400 msg=audit(1379617262.940:102): avc:  denied  { write } for  pid=579 comm="mDnsConnector" name="mdns" dev="tmpfs" ino=3213 scontext=u:r:system_server:s0 tcontext=u:object_r:device:s0 tclass=sock_file

This of course only shows up if using a confined system_server.

Change-Id: I2456dd7aa4d72e6fd15b55c251245186eb54a80a
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-09-19 15:09:38 -04:00
Stephen Smalley
a770f55b18 Remove dbusd policy; dbusd is no more.
Change-Id: I9652284bd34d07bd47e2e7df66fcbe5db185ab3f
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-09-13 16:16:25 -07:00
Stephen Smalley
1d435de685 Remove bluetoothd policy; bluetoothd is no more.
Change-Id: I153b0aa8a747d6c79839d06fc04b3923eacfa213
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-09-13 16:15:25 -07:00
Stephen Smalley
0f7641d83d Label all files under /sys/qemu_trace with sysfs_writable.
Otherwise we have different security contexts but the same DAC
permissions:
-rw-rw-rw- root     root              u:object_r:sysfs_writable:s0 process_name
-rw-rw-rw- root     root              u:object_r:sysfs:s0 state
-rw-rw-rw- root     root              u:object_r:sysfs:s0 symbol

This change fixes denials such as:
type=1400 msg=audit(1379096020.770:144): avc:  denied  { write } for  pid=85 comm="SurfaceFlinger" name="symbol" dev="sysfs" ino=47 scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:sysfs:s0 tclass=file

Change-Id: I261c7751da3778ee9241ec6b5476e8d9f96ba5ed
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-09-13 14:24:24 -04:00
Lorenzo Colitti
ab7dfabb61 Fix clatd, broken by selinux policing /dev/tun
Bug: 10175701
Change-Id: I185df22bdbaafd56725760ec6c71340b67455046
2013-08-05 19:53:23 +09:00
Nick Kralevich
3632bb29f0 Remove /sys from file_contexts
/sys was getting labeled as a rootfs file, but according to
genfs_contexts, it's really a sysfs file. This conflict is causing
problems when patch f29c533c49ab1c90eae612b1c454f2c6879a6658 from
system/core is applied.

Change-Id: I3f34c9ee68bedb171ebebfcd356e924c987b58ff
2013-07-15 14:25:27 -07:00
Nick Kralevich
dbd28d91d3 Enable SELinux protections for netd.
This change does several things:

1) Restore domain.te to the version present at
cd516a3266 . This is the version
currently being distributed in AOSP.

2) Add "allow domain properties_device:file r_file_perms;" to
domain.te, to allow all domains to read /dev/__properties__ .
This change was missing from AOSP.

3) Restore netd.te to the version present at
80c9ba5267 . This is the version
currently being distributed in AOSP.

4) Remove anything involving module loading from netd.te. CTS
enforces that Android kernels can't have module loading enabled.

5) Add several new capabilities, plus data file rules, to
netd.te, since netd needs to write to files owned by wifi.

6) Add a new unconfined domain called dnsmasq.te, and allow
transitions from netd to that domain. Over time, we'll tighten up
the dnsmasq.te domain.

7) Add a new unconfined domain called hostapd.te, and allow
transitions from netd to that domain. Over time, we'll tighten up
the hostapd.te domain.

The net effect of these changes is to re-enable SELinux protections
for netd. The policy is FAR from perfect, and allows a lot of wiggle
room, but we can improve it over time.

Testing: as much as possible, I've exercised networking related
functionality, including turning on and off wifi, entering airplane
mode, and enabling tethering and portable wifi hotspots. It's quite
possible I've missed something, and if we experience problems, I
can roll back this change.

Bug: 9618347
Change-Id: I23ff3eebcef629bc7baabcf6962f25f116c4a3c0
2013-06-28 08:24:30 -07:00
repo sync
50e37b93ac Move domains into per-domain permissive mode.
Bug: 4070557
Change-Id: I027f76cff6df90e9909711cb81fbd17db95233c1
2013-05-14 21:36:32 -07:00
Alex Klyubin
77ec892be6 SELinux policy for users of libcutils klog_write.
klog_write/init create /dev/__kmsg__ backed by a kernel character
device, keep the file descriptor, and then immediately unlink the
file.

Change-Id: I729d224347a003eaca29299d216a53c99cc3197c
2013-05-09 12:39:32 -07:00
repo sync
ca326e2c64 Add policy for ping.
Change-Id: I168f681d8c67f470b6e639f0b1bf39346c4eb396
2013-05-02 14:35:41 -07:00
Nick Kralevich
1e25b98074 Revert "Add the sysrq_file special file and give ADB write access."
This rule doesn't work, as /proc/sysrq-trigger isn't properly labeled.
Revert this change for now.

This reverts commit bb2591e56f.
2013-04-25 14:46:36 -07:00
Ben Murdoch
a3f6568590 Revert "DO NOT MERGE Split some device nodes out from device."
This reverts commit 69fbbdd54b.
2013-04-25 12:01:37 +01:00
repo sync
69fbbdd54b DO NOT MERGE Split some device nodes out from device.
Some of these will get factored out into device-specific
configs later.

Change-Id: I359915e2607b56112bb22456d28e06c162fcbdff
2013-04-24 22:09:13 -07:00
Geremy Condra
bb2591e56f Add the sysrq_file special file and give ADB write access.
Change-Id: Ief2d412dddf4cefdf43a26538c4be060df4cc787
2013-04-05 13:13:52 -07:00
Geremy Condra
bfb26e7b07 Add downloaded file policy.
Change-Id: I6f68323cddcf9e13b2a730b8d6b8730587fb4366
2013-04-05 13:13:44 -07:00
Stephen Smalley
74ba8c8613 run-as policy fixes.
- Remove dac_read_search as it is no longer required by run-as.
- Introduce a separate type for /dev/tty so that we can allow use of own tty for
for a run-as shell without allowing access to other /dev/tty[0-9]* nodes.
- Allow sigchld notifications for death of run-as and its descendants by adbd.
- Drop redundant rules for executing shell or system commands from untrusted_app;
now covered by rules in app.te.

Change-Id: Ic3bf7bee9eeabf9ad4a20f61fbb142a64bb37c6c
2013-04-05 13:11:12 -07:00
Robert Craig
ffd8c441a5 Add new domains for private apps.
/data/app-private is used when making an
app purchase or forward locking. Provide a
new label for the directory as well as the
tmp files that appear under it.

Change-Id: I910cd1aa63538253e10a8d80268212ad9fc9fca5
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
2013-04-05 13:10:57 -07:00
Geremy Condra
c529c66f2c Add policy for __properties__ device.
Change-Id: Ie9b391283362fb6930f1ae858f0a879835c91e32
2013-03-29 12:59:21 -07:00
Geremy Condra
ebbee43efb am e69552ba: Revert "Revert "Various minor policy fixes based on CTS.""
* commit 'e69552ba2d76174d443d1b8457295e4d72f2a986':
  Revert "Revert "Various minor policy fixes based on CTS.""
2013-03-27 13:55:32 -07:00
Robert Craig
350d2ae9c9 am 65d4f44c: Various policy updates.
* commit '65d4f44c1fd999d9cf9c4ef4dc65deb71bafcd8e':
  Various policy updates.
2013-03-27 13:37:13 -07:00
Geremy Condra
e69552ba2d Revert "Revert "Various minor policy fixes based on CTS.""
This reverts commit ba84bf1dec

Hidden dependency resolved.

Change-Id: I9f0844f643abfda8405db2c722a36c847882c392
2013-03-27 20:34:51 +00:00
Robert Craig
65d4f44c1f Various policy updates.
Assortment of policy changes include:
 * Bluetooth domain to talk to init and procfs.
 * New device node domains.
 * Allow zygote to talk to its executable.
 * Update system domain access to new device node domains.
 * Create a post-process sepolicy with dontaudits removed.
 * Allow rild to use the tty device.

Change-Id: Ibb96b590d0035b8f6d1606cd5e4393c174d10ffb
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
2013-03-27 06:30:25 -04:00
Geremy Condra
2a6d0ace88 am 1620c671: Merge "Introduce security labels for 2 new device nodes."
* commit '1620c671f2b946333958d07420643caf98534a01':
  Introduce security labels for 2 new device nodes.
2013-03-26 11:58:08 -07:00
Robert Craig
f62af81817 Introduce security labels for 2 new device nodes.
iio: Industrial I/O subsystem
usb_accessory: accessory protocol for usb

Allow system access in both cases.

Change-Id: I02db9775ec2ddaaeda40fae6d5e56e320957b09c
Signed-off-by: Robert Craig <rpcraig@tycho.ncsc.mil>
2013-03-26 08:38:58 -04:00
Geremy Condra
a851e6dab9 am c3295802: Merge "New users need a wallpaper_file type."
* commit 'c3295802d7fb22213c073705480d1c1314d71d27':
  New users need a wallpaper_file type.
2013-03-22 18:43:41 -07:00
rpcraig
c5baaff7a6 New users need a wallpaper_file type.
Change-Id: I7ff4ed9f73f43918cac05a026af68cca8dbe02c3
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-03-22 18:17:04 -07:00
Robert Craig
27382687cb am 18b5f87e: racoon policy.
* commit '18b5f87ea18baaf7356a1f1729dc2737be3c141e':
  racoon policy.
2013-03-22 17:24:52 -07:00