Commit graph

361 commits

Author SHA1 Message Date
Tri Vo
9918f28981 Restore P BOARD_PLAT_*_SEPOLICY_DIR behavior
BOARD_PLAT_*_SEPOLICY_DIR extends system sepolicy.

PRODUCT_PUBLIC_SEPOLICY_DIRS and PRODUCT_PRIVATE_SEPOLICY_DIRS now
specify locations of public and private product sepolicy respectively.

Bug: 119305624
Test: m selinux_policy
Change-Id: I48d491f0dd22020d96ff0243142153871d2d6b2b
2019-02-01 11:41:11 -08:00
Jiyong Park
e7fab1859f Label APEX files correctly when TARGET_FLATTEN_APEX=true
When TARGET_FLATTEN_APEX=true, APEX files are not packaged in *.apex
files but flattened to the system partition under /system/apex/<name>
directories. There was a bug that those flattened files are not labeled
because the per-APEX file_contexts were applied only when building
*.apex. Fixing this by converting the file_contexts files so that
/system/apex/<name> path is prepended and applying the generated
file_contexts file for system.img when TARGET_FLATTEN_APEX=true.

Bug: 123314817
Test: TARGET_FLATTEN_APEX=true m
ls -alZ /system/apex/*/* shows that the files are correctly labeled

Change-Id: Ia82740a1da0083d5bcfd71354a6d374d2a918342
2019-01-29 10:07:54 +09:00
Tri Vo
8b3016b5db sepolicy: refactor Android.mk
system/sepolicy/Android.mk has become too large (~2k lines) and hard to
navigate. This patch reorganizes build rules for convenience. No
functional changes are made.

Test: m selinux_policy
Change-Id: I9a022b223b2387a4475da6d8209d561bfea228fb
2019-01-25 18:01:17 +00:00
Tri Vo
4eb68150aa Move selinux_denial_metadata to /vendor.
selinux_denial_metadate is an concatenation of different bug maps on the
device, including vendor one. This file is only used for debugging, so
we simply move it to /vendor instead of splitting it up.

/vendor/etc/selinux/selinux_denial_metadata has vendor_configs_file
selinux type, which is logd readable.

Bug: 5159394
Test: bug information is still preserved in avc logs, e.g.
audit(0.0:248): avc: denied { read } for
name="u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=18012
scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=0
b/79617173 app=com.android.systemui
Change-Id: Id5eb9abd3bdeed92feb2aca40880903533468d50
2019-01-25 00:13:59 +00:00
Tri Vo
1824e25b1c Split system and product sepolicy hashes.
We need to be able to tell if /system was updated independently
/product, and vice versa.  Otherwise, the device might accidentally load
the precompiled_policy after a /product sepolicy update.

Also change the name of the hash file to more closely reflect how its
generated.

Bug: 119305624
Test: boot aosp_taimen, precompiled policy is loaded
Test: If either of these hashes
/system/etc/selinux/plat_sepolicy_and_mapping.sha256
/product/etc/selinux/product_sepolicy_and_mapping.sha256
are removed, then init falls back to compiling sepolicy at boot time.
Change-Id: I14af81c8d3c5cb85c01592518e22077a8c8c3e5e
2019-01-23 09:19:35 -08:00
Tri Vo
937e66496d Split mapping file into system and product parts
Both mapping files need to be included when building sepolicy at boot
time.

Bug: 119305624
Test: boot taimen
Test: "cnd" type is declared in /vendor; "dataservice_app" type is
declared in /product. This permission is preserved
"allow cnd dataservice_app:binder { transfer call };"
Change-Id: I138f34208ea05e170defd2b4ef4700ffa81f9573
2019-01-18 16:07:33 -08:00
Tri Vo
e68ba59fb3 Rename plat_pub_policy -> pub_policy
Public policy that is available to vendor (and odm) sepolicy is a
combination of system and product public sepolicy. Since "plat_" prefix
implies a pure system sepolicy component, drop "plat_" prefix from
"plat_pub_policy" to be consistent with naming in this file.

Bug: 119305624
Test: m selinux_policy
Change-Id: Iaf094702556ce97371fa1c58c01d707103d7f7d6
2019-01-18 16:07:33 -08:00
Tri Vo
8a2b65244f Remove obsolete mapping build rules.
Mapping files for previous releases are unconditionally packaged on the
device. No need to account for case when BOARD_SEPOLICY_VERS and
PLATFORM_SEPOLICY_VERSION are different.

Bug: 119305624
Test: m selinux_policy
Change-Id: I36c3c43f96870d9a71adf91c8fb8926587c5a50e
2019-01-18 16:07:33 -08:00
Jeff Vander Stoep
e71f4e0c50 Android.mk: remove some build-log spam
This line always prints when building master branch, it's not
particularly useful.

system/sepolicy/Android.mk:77: warning: BOARD_SEPOLICY_VERS not
specified, assuming current platform version

Test: build
Change-Id: I52f8dc2a77966bc0c21168b1339f3029185e5339
2019-01-18 11:33:57 -08:00
Tri Vo
30207acce0 sepolicy: unify *_contexts file install location
This change installs *_contexts files to the same location on Treble and
non-Treble devices.

This was previously not possible because first stage mount was not
required on all platforms. It is now b/79758715.

Bug: 70851112
Test: m selinux_policy
Change-Id: I8124c59b129aef86d78d2ae4ebcfaecd896032fc
2019-01-14 15:43:45 -08:00
Tri Vo
35650d50a1 Separate product_mac_permissions.xml out of system sepolicy.
Bug: 119305624
Test: normal/recovery boot aosp_taimen

Change-Id: I46da995886ce421bb87e741d577f659426ff79c4
2019-01-08 09:49:30 -08:00
Tri Vo
6ac0896b90 Separate product_service_contexts out of system sepolicy.
Bug: 119305624
Test: normal/recovery boot aosp_taimen
Change-Id: I15aa275fa658b58f5a5d3e651d164f9fcd87c0af
2019-01-08 09:49:30 -08:00
Tri Vo
3507678d2e Separate product_seapp_contexts out of system sepolicy.
Bug: 119305624
Test: normal/recovery boot aosp_taimen
Change-Id: Ia8d69be16011db8dd63fa41672449a4ade7302c2
2019-01-08 09:49:30 -08:00
Tri Vo
5da7200510 Separate product_property_contexts out of system sepolicy.
Bug: 119305624
Test: normal/recovery boot aosp_taimen
Change-Id: Ib7a29a9f8f23dd917cc25c23c7612f9e4ae36ea0
2019-01-08 09:49:30 -08:00
Tri Vo
ade741635f Separate product_hwservice_contexts out of system sepolicy.
Bug: 119305624
Test: normal/recovery boot aosp_taimen
Change-Id: I1009745686acd51563378dac56e857be0d60e794
2019-01-08 09:49:30 -08:00
Tri Vo
ebf3eacafe sepolicy: fix mac build
sed "-i" flag on Mac has different syntax than on Linux. Replace use of
sed with grep.

A simple fix like this should suffice for this case, but ideally, we
should maintain our own utils instead of using tools on the host
machine.

Fixes: 121235932
Test: m selinux_policy
Change-Id: I46c3bdb90bf7de48d2c942b15a65ce82ae3041c5
2018-12-19 20:28:14 +00:00
Tri Vo
3361ec4358 Separate product_file_contexts out of system sepolicy.
Bug: 119305624
Test: boot blueline
Change-Id: I3ecdeab3bb33c3cb5e80dc10ba1079c9853048f8
2018-12-18 20:01:18 -08:00
Tri Vo
75887dd5af Separate product_sepolicy.cil out of system sepolicy
Product-specific sepolicy will be installed into /product/etc/selinux/*.
This change separates out /product/etc/selinux/product_sepolicy.cil out
of system sepolicy.

This file is merged into precompiled_sepolicy at build-time. In case
precompiled_sepolicy can't be used (e.g. system-only-ota), init wll
merge this file with the rest of the sepolicy at runtime.

I left TODOs to separate other product-specific SELinux artifacts out of
system.

Bug: 119305624
Test: boot aosp_taimen with product_sepolicy.cil
Test: build selinux_policy for aosp_arm64; no product_sepolicy.cil
produced
Change-Id: Idb84a1c8ceb2de78f1460d954497c53fed08935f
2018-12-18 10:42:09 -08:00
Tri Vo
d57789fde8 Replace "grep -f" with python util.
grep can potentially run out of memory on Mac builds for large input
files. So we add a python util to handle filtering out files.

We will also need this util to filter plat_sepolicy.cil out of
product_sepolicy.cil

Bug: 119305624
Test: boot aosp_taimen
Change-Id: I61cd68f407ea5de43a06bf522a5fc149e5067e8c
2018-12-17 16:57:57 -08:00
Tri Vo
5dbaa245e9 Add BOARD_ODM_SEPOLICY_DIRS to neverallow checks.
It doesn't seem like any of our (Google's) devices use
BOARD_ODM_SEPOLICY_DIRS, but this will be helpful for partners.

Also, use BOARD_VENDOR_SEPOLICY_DIRS instead BOARD_SEPOLICY_DIRS for
readability.

Bug: n/a
Test: m selinux_policy
Change-Id: I23f64a24d51ccdb8aa616d0fd8a06d70b6efed32
2018-12-13 13:41:41 -08:00
Anton Hansson
4537587a68 Remove duplicated LOCAL_REQUIRED_MODULES
All these modules are being unconditionally added to
LOCAL_REQUIRED_MODULES a few lines down.

Test: make
Change-Id: I474c5d41e1a6dd34fd2c2f2d10299048df4c2b70
2018-12-06 15:38:16 +00:00
Nick Kralevich
94c88932d8 Add compile time check for expanded attribute neverallow failure
The SELinux policy language supports an expandattribute statement.
Similar to the C "inline" declaration, this expands the permissions
associated with types, instead of using the attribute directly. Please
see
1089665e31
for more detail on this language option.

Expansion of attributes causes consistency problems with CTS. If a
neverallow rule exists which refers to an expanded attribute, the CTS
neverallow test will fail, because the policy does not have the
attribute embedded in it. Examples:

  * b/119783042 (fixed in 536d3413b8)
  * b/67296580 (fixed in 6f7e8609f9)
  * b/63809360 (fixed in 89f215e6a0)
  etc...

Instead of waiting for the CTS test to fail, modify the Android.mk file
so that we do checks similar to CTS. This allows us to fail at compile
time instead of waiting for a CTS bug. For example, for b/119783042,
instead of the compile succeeding, it will now fail with the following
error message:

  [ 70% 190/268] build out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
  FAILED: out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
  /bin/bash -c "(ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c
  30 -o out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows.tmp
  out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/policy.conf ) &&
  (out/host/linux-x86/bin/sepolicy-analyze
  out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows.tmp
  neverallow -w -f out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/policy_2.conf
  || 	  ( echo \"\" 1>&2; echo \"sepolicy-analyze failed. This is most likely due to the use\" 1>&2;
  echo \"of an expanded attribute in a neverallow assertion. Please fix\" 1>&2;
  echo \"the policy.\" 1>&2; exit 1 ) ) &&
  (touch out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows.tmp )
  && (mv out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows.tmp
  out/target/product/crosshatch/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows )"
  libsepol.report_failure: neverallow violated by allow vold hal_bootctl_default:binder { call };
  libsepol.check_assertions: 1 neverallow failures occurred

  sepolicy-analyze failed. This is most likely due to the use
  of an expanded attribute in a neverallow assertion. Please fix
  the policy.
  15:44:27 ninja failed with: exit status 1

Test: Revert 536d3413b8 and verify compile
      fails as above.
Test: Compile succeeds
Bug: 119783042

Change-Id: I5df405b337bb744b838dadf53a2234d8ed94bf39
2018-11-27 15:44:31 -08:00
Nick Kralevich
6b2a4aeacf use tmpfile during build
During the build process, use a temporary file until we've determined
that every step of the build process has completed. Failure to do this
may cause subsequent invocations of the make command to improperly
assume that this step ran to completion when it didn't.

Test: code compiles.
Change-Id: I9a28e653e33b61446a87278975789376769bcc6a
2018-11-26 14:29:06 -08:00
Nick Kralevich
d9047e66c7 Remove obsolete BOARD_SEPOLICY_REPLACE / BOARD_SEPOLICY_IGNORE
Commit b4f17069b3 ("sepolicy:  Drop
BOARD_SEPOLICY_IGNORE/REPLACE support.", Mar 2015) made it a compile
time failure to use BOARD_SEPOLICY_REPLACE or BOARD_SEPOLICY_IGNORE.
As these restrictions have been in place since 2015, we can safely
assume all usages of this have been cleaned up, and there is no further
need to check for this.

8 lines deleted from Android.mk, 1720 lines to go.

Test: compiles.
Change-Id: I23249e4b2e9ec83cb6356a6c5a6e187ae1fc9744
2018-11-20 09:35:26 -08:00
Mustafa Yigit Bilgen
1cffee68b2 Use LOCAL_ADDITIONAL_M4DEFS for file_contexts
Pass LOCAL_ADDITIONAL_M4DEFS to m4 when building vendor_file_contexts
and odm_file_contexts. The build command attempts to use
PRIVATE_ADDITIONAL_M4DEFS - but this is not set in the target-specific
variables.

This allows using custom M4 macros when building non-platform
file_contexts.

Change-Id: I5fa8d9ec91f1a97bee1dd735ba85af93eef91252
2018-11-07 18:03:31 -08:00
Tri Vo
95cfd6904a Unconditionally test mapping files.
Part of an effort to remove Treble-specifics in the way be build
sepolicy.

Fixes: 64541653
Test: m selinux_policy for aosp_arm64
Change-Id: I9e42c720018674e7d3a6c47e01995401c4e748a7
2018-10-08 10:21:12 -07:00
Tri Vo
e3f4f77d39 Don't require private types in mapping file.
Private types are not visible to vendor/odm policy, so we don't need mapping
entries for them.

We build platform-only public policy .cil file and give it as input to
treble_sepolicy_tests. Using this public policy the test can now figure out if
the newly added type in public or private.

Bug: 116344577
Test: adding public type triggers mapping test failure, adding private type does
not.
Change-Id: I421f335e37274b24aa73109e260653d7b73788b5
2018-09-28 17:22:25 -07:00
huangyanjun
250957202f Fix building error for multi-line dontaudit statement
All the *.conf.dontaudit files are generated from *.conf
with the command of 'sed '/dontaudit/d' $@ > $@.dontaudit',
but this command can not be applied to multi-line dontaudit statement.

Test: Set plat_policy.conf.dontaudit as the input_file parameter of
checkpolicy tool, then selinux syntax error will occur during building.

Change-Id: I281de923d8a5f0b46256ec7de4df12a1c1d7e061
2018-09-26 20:42:27 +08:00
Nick Kralevich
1b2ea497aa Android.mk: conditional compilation of odm_sepolicy.cil
Do not attempt to build odm_sepolicy.cil if BOARD_ODM_SEPOLICY_DIRS is
not defined. Attempting to do so will create an empty file, which causes
build problems when
0c6ea1e812
is applied.

Test: "cd system/sepolicy && mma -j55" succeeds
Test: "make checkbuild" succeeds
Change-Id: Iefc458bddff3d08e5fcb86f8be3cad16d7e36e73
2018-09-25 11:03:48 -07:00
Nick Kralevich
764cbd063e m4: add --fatal-warnings
Error out if m4 generates a warning. This will help detect and prevent
malformed macros.

See 855084960f for motivation.

Test: policy compiles
Test: Policy doesn't compile if 855084960f
      is reverted.

Change-Id: Iee6b6273bc2a24b1220861fd662573e76001defc
2018-08-15 09:55:27 -07:00
Mark Salyzyn
9b398f3fb7 fs_mgr: add overlayfs handling for squashfs system filesystems
/cache/overlay directory in support of overlayfs mounts on userdebug
and eng devices.  Overlayfs in turn can be capable of supporting
adb remount for read-only or restricted-storage filesystems like
squashfs or right-sized (zero free space) system partitions
respectively.

Test: compile
Bug: 109821005
Bug: 110985612
Change-Id: I3ece03886db7cc97f864497cf93ec6c6c39bccd1
2018-08-08 07:33:10 -07:00
Jae Shin
1fa9634896 Add mapping files for 28.0.[ignore.]cil
Steps taken to produce the mapping files:

1. Add prebuilts/api/28.0/[plat_pub_versioned.cil|vendor_sepolicy.cil]
from the /vendor/etc/selinux/[plat_pub_versioned.cil|vendor_sepolicy.cil]
files built on pi-dev with lunch target aosp_arm64-eng

2. Add new file private/compat/28.0/28.0.cil by doing the following:
- copy /system/etc/selinux/mapping/28.0.cil from pi-dev aosp_arm64-eng
device to private/compat/28.0/28.0.cil
- remove all attribute declaration statement (typeattribute ...) and
sort lines alphabetically
- some selinux types were added/renamed/deleted w.r.t 28 sepolicy.
Find all such types using treble_sepolicy_tests_28.0 test.
- for all these types figure out where to map them by looking at
27.0.[ignore.]cil files and add approprite entries to 28.0.[ignore.]cil.

This change also enables treble_sepolicy_tests_28.0 and install 28.0.cil
mapping onto the device.

Bug: 72458734
Test: m selinux_policy
Change-Id: I90e17c0b43af436da4b62c16179c198b5c74002c
2018-07-18 20:08:38 -07:00
Anton Hansson
8cfe1e6128 Split selinux_policy module into two.
Create one _system and one _nonsystem target, which together contains
the same artifacts as before, just split by whether they go on the
system partition or not.

The product build hierarchy is being refactored to be split by
partition, so these targets facilitate inclusion of just the
system parts where necessary. Also keep the selinux_policy target
around for products that don't need the split.

Bug: 80410283
Test: for t in eng userdebug user; do lunch mainline_arm64-${t}; m nothing; done
Test: verified walleye /system and /vendor identical before and after, via:
Test: /google/data/rw/users/cc/ccross/bin/compare-target-files.sh P6259983 walleye-userdebug "SYSTEM/*" "VENDOR/*"
Test: only diffs are in build.prop files (timestamps and the like)

Change-Id: I0f5d8a1558a164ce5cfb7d521f34b431855ac260
2018-07-03 14:04:20 +01:00
Tri Vo
77c44fc420 Mechanism to exclude neverallows from *TS.
build_test_only is used to denote rules that should not verified
as part of compliance testing.

Use this macro to exclude neverallow rules which we want to check as
part of build, but not CTS.

Bug: 80499271
Test: SELinuxNeverallowRulesTest on walleye has no more failure of type
"Type or attribute * used in neverallow undefined in policy being checked."
Number of failing test cases is reduced by 142.
Test: policy.conf used to check neverallows at build-time still retains
all neverallow rules.
Change-Id: I5f1b383d9096bb5a7b8c0f1bc008b5dd07419580
2018-06-06 14:51:39 -07:00
Joel Galenson
98f83b67cc Exclude bug_map from the sepolicy_freeze_test.
The bug_map file is only used whitelisting known test failures.  It
needs to change fairly often to fix new failures and it doesn't affect
users, so it shouldn't matter if it diverges from prebuilts.

Test: Enable this test and build with and without different bug_maps.
Change-Id: I9176a6c7e9f7852a0cd7802fd121b1e86b216b22
2018-05-22 09:22:41 -07:00
Pavel Maltsev
fdec2530ef Allow to specify platform sepolicy dir mult. times
For automotive (and I assume for other verticals) it make sense to keep
vertical-specific policies outside of /system/sepolicy as those not used
by the phones. However, there's no way to do it rather than using
BOARD_PLAT_{PUBLIC|PRIVATE}_SEPOLICY_DIR build variables.

Bug: 70637118
Test: lunch device && m
Test: verify it builds, boots and logs seems to be reasonable
Test: enable full treble for aosp_car_x86 - verify it builds, boots and
no denials in the logs

Change-Id: Ia5fd847f7a6152ff6cf99bbbc12e1e322f7946ab
(cherry picked from commit 34f233640a)
2018-05-16 13:12:09 -07:00
Tri Vo
1f4a28b159 Always build system and vendor policies (and related artifacts).
Part of an effort to remove Treble-specifics from the way be build
sepolicy.

Bug: 70851112
Test: build and boot bullhead.
Change-Id: I236f031e1b017875fb1afcc4f1b201699139516a
2018-05-09 14:00:54 -07:00
Tri Vo
a5cfd3e537 Soong module selinux compat maps
And migrate 26.0.cil and 27.0.cil build targets from Android.mk to
Android.bp

Bug: 33691272
Test: 26.0.cil and 27.0.cil mapping files on the device are unchanged.
Change-Id: Id0ea45c149e096996bc0657615ea98915df3c9e1
2018-05-08 11:28:47 -07:00
Tri Vo
81198bb8bb Test frozen sepolicy has not diverged from prebuilts.
This will test that system/sepolicy/{public/, private/} are identical to
prebuilts if PLATFORM_SEPOLICY_VERSION is not 10000.0.

Bug: 74622750
Test: build policy
Test: correctly catches divergence from prebuilts for frozen policies

Change-Id: I2fa14b672544a021c2d42ad5968dfbac21b72f6a
2018-03-29 15:42:28 -07:00
Joel Galenson
c148621815 Use user policy for compatibility tests.
Use the user policy when running the compatibility tests.

Bug: 74344625
Test: Built policy for many devices.  Booted one device.
Test: Delete some compat rules, verify error on userdebug.
Change-Id: Ib2df2dfc06cdf55a839011e9a528e76160a9e436
2018-03-26 18:01:41 -07:00
Tom Cherry
a15df75ddf Verify the SELabels used in property_contexts
Verify that the SELabels used in property_contexts correspond to a
real type in the SEPolicy and that this type has the property_type attribute.

Additionally add a check that vendor property_context files do not
duplicate entries in plat property_contexts, and a similar check that
odm property_contexts doesn't duplicate either plat or vendor
property_contexts.

Bug: 74078792
Test: Build property_contexts on bullhead successfully
Test: See failure when using a faulty SELabel in property_contexts
Test: See failure when duplicating label in vendor and plat property_contexts
Change-Id: I4d2338dab68f1c5a8ed110aa7821f0677f61bafb
2018-03-26 13:36:39 -07:00
Tri Vo
bbb8f5bd04 Fix mapping file build.
Location of mapping files has changed from private/mapping/V.v.cil to
private/compat/V.v/V.v.cil
Change the build rule for current_mapping.cil to reflect that.

Test: Build current mapping file with  BOARD_SEPOLICY_VERS := 27.0 and
make sure that $OUT/obj/ETC/27.0.cil_intermediates/27.0.cil is not empty
Change-Id: I996a717e1c659265cb067da5d621d71ff3b3b63b
2018-03-20 18:16:10 -07:00
Bowgo Tsai
af7d85f83f Add /odm/etc/selinux/odm_mac_permissions.xml
Bug: 64240127
Test: normal boot a device
Change-Id: I276ba6bc88eabb0d5562e4e96d3860eedb76aed5
2018-03-16 15:45:02 +08:00
Bowgo Tsai
ad6231f546 Add /odm/etc/selinux/odm_hwservice_contexts
Bug: 64240127
Test: normal boot and recovery boot a device
Change-Id: I22d29e8476380d19aca1be359e0228ab6bbc3b0f
2018-03-16 15:44:55 +08:00
Bowgo Tsai
1f717b1001 Add /odm/etc/selinux/odm_property_contexts
Bug: 64240127
Test: normal boot and recovery boot a device
Change-Id: Ibd71219f60644e57370c0293decf11d82f1cb35c
2018-03-16 15:44:48 +08:00
Bowgo Tsai
ecf656b06f Add /odm/etc/selinux/odm_seapp_contexts
Bug: 64240127
Test: normal boot a device
Change-Id: I3626357237cc18a99511f1ebd9dd3ff5a7655963
2018-03-16 15:44:41 +08:00
Bowgo Tsai
bae1517a58 Add /odm/etc/selinux/odm_file_contexts
Bug: 64240127
Test: normal boot and recovery boot a device
Change-Id: I087292fb23d05fc17272778d668ac78a721b2593
2018-03-16 15:44:33 +08:00
Bowgo Tsai
45457e3a2b Add /odm/etc/selinux/odm_sepolicy.cil
This change adds the support of odm sepolicy customization, which can
be configured through the newly added build varaible:
    - BOARD_ODM_SEPOLICY_DIRS += device/${ODM_NAME}/${BOM_NAME}/sepolicy

Also moving precompiled sepolicy to /odm when BOARD_ODM_SEPOLICY_DIRS
is set. On a DUT, precompiled sepolicy on /odm will override the one in
/vendor. This is intentional because /odm is the hardware customization
for /vendor and both should be updated together if desired.

Bug: 64240127
Test: boot a device with /odm partition
Change-Id: Ia8f81a78c88cbfefb3ff19e2ccd2648da6284d09
2018-03-16 15:44:23 +08:00
Joel Galenson
8c72eea5ff Use user policy when checking neverallow rules.
When building userdebug or eng builds, we still want to build the user
policy when checking neverallow rules so that we can catch compile
errors.

Commit c0713e86 split out a helper function but lost one instance of
using user instead of the real variant.  This restores that one and
adds it to the neverallow check.

Bug: 74344625
Test: Added a rule that referred to a type defined only
in userdebug and eng and ensure we throw a compile error when building
userdebug mode.

Change-Id: I1a6ffbb36dbeeb880852f9cbac880f923370c2ae
(cherry picked from commit 053cb34130)
2018-03-08 09:57:54 -08:00
Tri Vo
9299d93942 Enable treble_sepolicy_tests against 27.0 release.
Bug: 69390067
Test: build sepolicy
Change-Id: I4fc7438e4f825281d93a2849be9d2db819bea4ca
2018-02-27 14:26:48 -08:00