This property will be used to set 16k dev options on device.
This will be product specific property and will be added on
specific devices.
Test: m, booted device with PRODUCT_16K_DEVELOPER_OPTION ON/OFF and
verified option visibility.
Bug: 297922563
Change-Id: I2be5e7236eb8259ef6d5893e70712a5c89aaad52
There is no one actively using mixed sepolicy build, and it made
sepolicy codes too complicated. As we are deprecating mixed build,
removing such code for cleanup.
Bug: 298305798
Test: boot cuttlefish
Change-Id: I8beedd5a281fa957532deecb857da4e1bb66992a
This reverts commit 3bda1c9761.
Reason for revert: The fix ag/24590089 is verified with ABTD and merged
Change-Id: I17124df1ddfd52cbd2a17b1a90e0f332eb4e41f9
The binderservicedomain attribute grants further permissions than its
name suggests. Update the documentation to avoid its usage.
Bug: 297785784
Test: build, documentation update only.
Change-Id: I41bc6f32cf4d56bde320261fe221c3653cda945a
The artd daemon is not always active. When running, it exposes a binder
service which may be dumped when a bug report is triggered. The current
policy did not fully grant access which resulted in spurious denials if
a bugreport was triggered when the daemon was running.
Test: Run bugreport; observe correct dump of artd service
Bug: 282614147
Bug: 192197221
Change-Id: Ie0986d7716de33ec38ae09cfee14c629f5a414a6
Rather than PRODUCT_SHIPPING_API_LEVEL, use board api level
(BOARD_API_LEVEL or BOARD_SHIPPING_API_LEVEL) to determine whether we
check coredomain violations or not.
Bug: 280547417
Test: see build command of vendor_seapp_contexts
Change-Id: I20859d6054ab85f464b29631bdfd55ade3e78f53
This is in host sepolicy, looked like we pruned it because we didn't
need it - but now we do.
Bug: 297019386
Test: Run VM with encrypted storage, no denials
Change-Id: I6cd5f6bf98e9089ef7c3945c29242daea527592f
Allow Microdroid Manager to setuid/setgid when spawning Microdroid
Launcher.
Allow encryptedstore binary to chmod the root directory.
Also added some neverallow rules, because I was surprised that I
didn't trigger one.
Bug: 296393106
Test: atest MicrodroidTests
Change-Id: I1f224d59548162d0b36c2c9f32710db2c2da5869
Partial revert of:
commit 3e1dc57bf4
commit 30ae427ed0
The current file contexts could break potential implementations of NTFS
by partners in future. I am not rolling back the adjoining
fuseblkd_exec andfuseblkd_untrusted_exec code, because secure
implementations of fuseblk drivers should still endeavour to use the
more compartmentalised policies.
However, as we don't support NTFS officially, we should give
implementors the choices whether to use it or not, even if it will open
the door to potentially less secure implementations.
NTFS Context: http://b/254407246,
https://docs.google.com/document/d/1b5RjdhN2wFFqmLCK0P_chVyiEhiYqNlTn52TFBMNwxk
Bug: 294925212
Test: Builds and boot.
Change-Id: I6d3858517e797b3f7388f9d3f18dd4a11770d5bc
Add SEPolicy for the ThreadNetworkService
Add Fuzzer exception, thread_network service is java only
FR: b/235016403
Test: build and start thread_network service
bug: 262683651
Change-Id: Ifa2e9500dd535b0b4f2ad9af006b8dddaea900db
Starting in Android 11, Android unconditionally disables kernel module
autoloading (https://r.android.com/1254748) in such a way that even the
SELinux permission does not get checked. Therefore, all the SELinux
rules that allow or dontaudit the module_request permission are no
longer necessary. Their presence or absence makes no difference.
Bug: 130424539
Test: Booted Cuttlefish, no SELinux denials.
Change-Id: Ib80e3c8af83478ba2c38d3e8a8ae4e1192786b57
Starting from Android V, vendor seapp_contexts files can't assign
coredomain to vendor apps, as it's Treble violation. This build broken
variable is to suppress the enforcement for devices launching with U or
prior.
Bug: 280547417
Test: set BUILD_BROKEN_VENDOR_SEAPP_USES_COREDOMAIN := true and build
Change-Id: I7b91db8183a867aa490e490e56cb872ea830b21f
As part of Treble, enforce that vendor's seapp_contexts can't label apps
using coredomains. Apps installed to system/system_ext/product should be
labeled with platform side sepolicy.
This change adds the violators attribute that will be used to mark
violating domains that need to be fixed.
Bug: 280547417
Test: manual
Change-Id: I64f3bb2880bd19e65450ea3d3692d1b424402d92
