Allow mm_events to periodically arm the mm_events
perfetto trace config if mm_events is enabled.
Bug: 183037386
Test: boot; setprop persist.mm_events.enabled true; No avc denials
Change-Id: Ia9760001e7fb591f18e3e816a63281167a658c74
Individual apexes may contribute jars to BOOTCLASSPATH and friends.
Configuration for these contributions are in /apex/foo/etc/ files that
derive_classpath service reads and processes.
Bug: 180105615
Test: presubmit && DeviceBootTest
Change-Id: I61379e55f2ad55e1c65956b854e5a9b8872c61df
plat_vendor tag consists of vendor available policies in system/sepolicy
directory, and is for minimized vendor policies.
Bug: 33691272
Test: boot microdroid
Change-Id: Icb3c1be02ee41b526d7d95f0053e56bf8b34f49d
For incident section 1116, it runs incident-helper-cmd which executes app_process.
The metrics reporting in app_process currently writes metrics to Statsd.
Now grant the required statsd socket permission.
Bug: 183759310
Test: $ make selinux_policy
Push SELinux modules
$ ./pts-tradefed run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: I7a1ff6a3022414c4da2592a9a215d4b5e5f59ca2
We should add sepolicy for installd to get permission to check for external_storage.sdcardfs.enabled before deciding that the system is using sdcardfs.
Test: Run on device not using sdcardfs, but with sdcardfs present in kernel
Bug: 160727529
Bug: 181819712
Change-Id: I79df67789ab003762337ad4e89e46892990d0e60
This is intended so apps that are allowed access to uhid_device can pass
the mls constraints.
Bug: 183449317
Test: n/a
Change-Id: I8ca87014ddfd7e9a02a2ac97a13f2c43841ee181
Crash_dump may not have access to files in /proc that are passed
across exec(). Rather than let these cause test failures, suppress
them.
Fixes: 183575981
Test: build
Change-Id: I285dc84ef8a43a8f5a34538143c6506c70540b03
Now that keystore2 is a VNDK stable interface, we need to remove the
legacy unqualified interface from the keystore service context.
Test: Compile, boot, and ensure no SELinux violations for keystore2 service
Change-Id: I770c08eae9690b0dc0e2bae86c9ef72f9540d2f4
The system_ext_mapping_cil_$(ver) and product_mapping_cil_$(ver) rules
use build_sepolicy, but are missing a dependency on the tool.
Bug: 183865297
Test: forrest
Change-Id: Ic4e860ccf3e7a3cd06bc5c6fe947717fadb164f5
This should be ok since apps are already allowed to read the contained
files; the dir is iterated by tests to ensure that all files are signed
correctly.
Bug: 165630556
Test: new test passes
Change-Id: Ib6c298f2b267839a802c17288230a8151a1eec86
Grant ReadDefaultFstab() callers
allow scontext { metadata_file gsi_metadata_file_type }:dir search;
allow scontext gsi_public_metadata_file:file r_file_perms;
so they can search / read DSU metadata files.
The DSU metadata files are required to deduce the correct fstab.
Also tighten the neverallow rules in gsid.te.
Bug: 181110285
Test: Build pass, presubmit test
Test: Boot and check avc denials
Test: Boot with DSU and check avc denials
Change-Id: Ie464b9a8f7a89f9cf8f4e217dad1322ba3ad0633
To allow microdroid's adbd connection to be forwarded, adbd should be
able to use vsock.
Bug: 181747352
Test: try to connect adb to microdroid after turning on selinux
Change-Id: Ia6662d5a028a82c8bbafa6c21da821e9a1144bdc
Split gsi_metadata_file into gsi_metadata_file plus
gsi_public_metadata_file, and add gsi_metadata_file_type attribute.
Files that are okay to be publicly readable are labeled with
gsi_public_metadata_file. Right now only files needed to infer the
device fstab belong to this label.
The difference between gsi_metadata_file and gsi_public_metadata_file is
that gsi_public_metadata_file has relaxed neverallow rules, so processes
who wish to read the fstab can add the respective allow rules to their
policy files.
Allow gsid to restorecon on gsi_metadata_file to fix the file context of
gsi_public_metadata_file.
Bug: 181110285
Test: Build pass
Test: Issue a DSU installation then verify no DSU related denials and
files under /metadata/gsi/ are labeled correctly.
Change-Id: I54a5fe734dd345e28fd8c0874d5fceaf80ab8c11
Address any denials in the log - currently just adding
the virtualization service.
Bug: 183583115
Test: ps -AZ | grep virtmanager
u: r:virtmanager:s0 virtmanager 2453 1 10930880 4544 0 0 S virtmanager
Change-Id: Ie034dcc3b1dbee610c591220358065b8508d81cf
Previously we would mount OTA images with a 'context=...' mount
option. This meant that all selinux contexts were ignored in the ota
image, limiting the usefulness of selinux in this situation. To fix
this the mount has been changed to not overwrite the declared contexts
and the policies have been updated to accurately describe the actions
being performed by an OTA.
Bug: 181182967
Test: Manual OTA of blueline
Merged-In: I5eb53625202479ea7e75c27273531257d041e69d
Change-Id: I5eb53625202479ea7e75c27273531257d041e69d
Add early_boot_ended permission to the keystore2 access vector. This
permission must be checked before allowing calls to earlyBootEnded() on
Keymint devices.
Bug: 181821046
Bug: 181910578
Change-Id: I8860a4424a249455ab540b6c2896e7d836ceb8a3
