This allows package manager enables fs-verity to an APK if it is
installed with .idsig in the classic install session (non-incremental).
This is done in ag/24707249 behind a flag. This sepolicy change was
missed by mistake.
Bug: 277344944
Test: atest android.appsecurity.cts.PkgInstallSignatureVerificationTest
Change-Id: If403d84611b69ab076a808addebbd5f0738cdc68
system_server creates an ICMPv6 socket and send it to ot_daemon via ParcelFileDescriptor. ot_daemon will use that socket to send/receive ICMPv6 messages.
Here's how the socket is created in System Server:
int sock = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6);
Bug: 294486086
Security consultation bug: 296809188
Test: Verified on a cuttlefish
Change-Id: I9d479c9da01187a0e476591f447f7199ecb3a409
Currently, incidentd is allowed to read the wakeup_sources debugfs
node only if a device does not enforce debugfs restrictions. If a device
enforces debugfs restrictions, debugfs cannot be mounted on user builds,
but can be mounted on userdebug and eng builds.
Processes that need to use debugfs should therefore be able to
access it on userdebug and eng builds. So, allow incidentd to
read the wakeup sources debugfs node for userdebug and eng builds.
Bug: 300477252
Change-Id: I9bb480a0418a6d176b39753d552f409e139be178
Signed-off-by: Isaac J. Manjarres <isaacmanjarres@google.com>
Libmemevents requires read-access to the attribute files exposed by the
memhealth driver.
Test: build
Test: no denials to /proc/memhealth/oom_victim_list from libmemevents
Bug: 244232958
Change-Id: I617c75ab874ad948af37d3e345e5202e46781f3f
Signed-off-by: Carlos Galo <carlosgalo@google.com>
The properties for attestation are congifured in build.prop files and
used by frameworks Build.java.
Allow app to access them from 'adb shell am'
Bug: 296168846
Test: m selinux_policy
Change-Id: Ie749cf5d621c03c21aa538f96a06d21680a61569
sys.boot.reason.last needs to be readable by SysUI to correctly display the reason why authentication is required to unlock the phone.
Bug: 299327097
Test: presubmit
Change-Id: I9f83ade92858056609bc665ecb6ce9b93eb051e4
A new test mode (--all) tests if every file context label used in APEX
is "known". It should fail if unknown label is used in APEX.
Bug: 299391194
Test: atest apex_sepolicy_tests_test
Change-Id: Ie467019a6dc74bba9901ba8d705b31e6de24cd62
The module name is changed but it isn't applied to Android.mk
Bug: 296875906
Test: m selinux_policy and see se_freeze_test run
Change-Id: Ia25845a1aff2c2b5f910f8432a455ee93a157580
system/sepolicy should support both REL build and ToT build. That means
that system/sepolicy and prebuilts may differ. As the frozen sepolicy is
what vendor sepolicy uses, so we need to use prebuilts to run Treble
compat test.
Bug: 296875906
Test: m selinux_policy on REL
Change-Id: I4b290266ba87e3f011d640bec133fc88359ea52f
Rationale for this change:
1) Vendors use only public files, so we should be able to use only
public cil files for compatibility test.
2) treble_sepolicy_tests_for_release.mk is too complex, because it
requires compiled sepolicy. Reducing the complexity will help migrate
into REL build.
3) This fixes a tiny bug of treble_sepolicy_tests that it can't catch
public types being moved to private types, and then removed. 29.0.cil
and 30.0.cil change contains such missing public types.
Bug: 296875906
Test: m selinux_policy (with/without intentional breakage)
Change-Id: Ia2c0733176df898f268b5680195da25b588b09c7
... and remove redundant Makefile codes. This also updates commit hook
as we now only use Soong to build sepolicy.
Bug: 296875906
Test: m selinux_policy
Change-Id: I93f0d222a0c10e31c51c9380780a8927c47d62b1
