tequilaOS/platform_system_sepolicy

10430 commits 1 branch 0 tags 50 MiB

Author	SHA1	Message	Date
Jeff Vander Stoep	4a478c47f4	Ban vendor components access to core data types Vendor and system components are only allowed to share files by passing open FDs over HIDL. Ban all directory access and all file accesses other than what can be applied to an open file: stat/read/write/append. This commit marks core data types as core_data_file_type and bans access to non-core domains with an exemption for apps. A temporary exemption is also granted to domains that currently rely on access with TODOs and bug number for each exemption. Bug: 34980020 Test: Build and boot Marlin. Make phone call, watch youtube video. No new denials observed. Change-Id: I320dd30f9f0a5bf2f9bb218776b4bccdb529b197	2017-03-28 15:44:39 -07:00
dcashman	cc39f63773	Split general policy into public and private components. Divide policy into public and private components. This is the first step in splitting the policy creation for platform and non-platform policies. The policy in the public directory will be exported for use in non-platform policy creation. Backwards compatibility with it will be achieved by converting the exported policy into attribute-based policy when included as part of the non-platform policy and a mapping file will be maintained to be included with the platform policy that maps exported attributes of previous versions to the current platform version. Eventually we would like to create a clear interface between the platform and non-platform device components so that the exported policy, and the need for attributes is minimal. For now, almost all types and avrules are left in public. Test: Tested by building policy and running on device. Change-Id: Idef796c9ec169259787c3f9d8f423edf4ce27f8c	2016-10-06 13:09:06 -07:00

Author

SHA1

Message

Date

Jeff Vander Stoep

4a478c47f4

Ban vendor components access to core data types

Vendor and system components are only allowed to share files by
passing open FDs over HIDL. Ban all directory access and all file
accesses other than what can be applied to an open file:
stat/read/write/append.

This commit marks core data types as core_data_file_type and bans
access to non-core domains with an exemption for apps. A temporary
exemption is also granted to domains that currently rely on
access with TODOs and bug number for each exemption.

Bug: 34980020
Test: Build and boot Marlin. Make phone call, watch youtube video.
      No new denials observed.
Change-Id: I320dd30f9f0a5bf2f9bb218776b4bccdb529b197

2017-03-28 15:44:39 -07:00

dcashman

cc39f63773

Split general policy into public and private components.

Divide policy into public and private components.  This is the first
step in splitting the policy creation for platform and non-platform
policies.  The policy in the public directory will be exported for use
in non-platform policy creation.  Backwards compatibility with it will
be achieved by converting the exported policy into attribute-based
policy when included as part of the non-platform policy and a mapping
file will be maintained to be included with the platform policy that
maps exported attributes of previous versions to the current platform
version.

Eventually we would like to create a clear interface between the
platform and non-platform device components so that the exported policy,
and the need for attributes is minimal.  For now, almost all types and
avrules are left in public.

Test: Tested by building policy and running on device.

Change-Id: Idef796c9ec169259787c3f9d8f423edf4ce27f8c

2016-10-06 13:09:06 -07:00

Renamed from tee.te (Browse further)

2 commits