Commit graph

35826 commits

Author SHA1 Message Date
Seth Moore
6252da2cd1 Merge "Allow the remote provisioner app to set rkp_only properties" am: 222e99e26f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2069269

Change-Id: Ie15a61b54416f9b0b38b7a108e1b76a724dcc505
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21 17:29:29 +00:00
Seth Moore
222e99e26f Merge "Allow the remote provisioner app to set rkp_only properties" 2022-04-21 17:23:11 +00:00
Maciej Żenczykowski
25192167a1 Merge "Grants clatd privs since forked by system server" am: 1ebfb867a8
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1951036

Change-Id: Id5a3158b63aa2d0a5e5e0776e0d35e5cd606d077
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21 14:04:05 +00:00
Maciej Żenczykowski
1ebfb867a8 Merge "Grants clatd privs since forked by system server" 2022-04-21 14:00:23 +00:00
Treehugger Robot
0bd269a7c8 Merge "Track sys_module permission for system_server" am: bd3e8d9520
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2063148

Change-Id: I20f877611275635eff7de29353b09eb82dd1d6ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21 07:38:31 +00:00
Treehugger Robot
bd3e8d9520 Merge "Track sys_module permission for system_server" 2022-04-21 07:20:26 +00:00
Alistair Delva
f54bcca352 Merge "Adds GPU sepolicy to support devices with DRM gralloc/rendering" am: ce19c41b8f
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1999610

Change-Id: I7e7ed07eaaededa0e42c48884be50d5c09a334fc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21 04:43:58 +00:00
Alistair Delva
ce19c41b8f Merge "Adds GPU sepolicy to support devices with DRM gralloc/rendering" 2022-04-21 04:21:45 +00:00
Seth Moore
8bfdd82123 Allow the remote provisioner app to set rkp_only properties
The properties for rkp_only are no longer read only.

This allows remote provisioner unit tests to enable/disable the remote
provisioning only mode, which is required to fully verify functionality.

Test: RemoteProvisionerUnitTests
Bug: 227306369
Change-Id: I8006712a49c4d0605f6268068414b49714bbd939
2022-04-20 17:15:20 -07:00
Treehugger Robot
a8176be752 Merge "Adds system_user_mode_emulation_prop property." am: 7c9e7bbb11
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2069890

Change-Id: Id0d7a9d11f99b49d8ff68d7e70d4fbbbc972dbb4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20 23:12:35 +00:00
Treehugger Robot
7c9e7bbb11 Merge "Adds system_user_mode_emulation_prop property." 2022-04-20 22:51:45 +00:00
Felipe Leme
9a385b2112 Adds system_user_mode_emulation_prop property.
It will be used by system_server only (i.e., not even Shell) to let
developers change the system user mode (to be headless or full).

Test: sesearch --allow -t system_user_mode_emulation_prop $ANDROID_PRODUCT_OUT/vendor/etc/selinux/precompiled_sepolicy

Bug: 226643927

Change-Id: Iaba42fd56dce0d8d794ef129634df78f9599260f
2022-04-20 13:28:01 -07:00
Eric Biggers
60ac375f3a Merge "vold.te: stop allowing use of keymaster HAL directly" am: 39b27b87ba
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2065468

Change-Id: Ifc25cc95d76b9bc8cb05cb2a5ce14b39a402f21a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20 18:21:47 +00:00
Eric Biggers
39b27b87ba Merge "vold.te: stop allowing use of keymaster HAL directly" 2022-04-20 17:42:28 +00:00
Shikha Panwar
be9fea3b8b Merge "Allow microdroid to start tombstone_transmit service" am: 8feef80fab
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2063853

Change-Id: Iea79abd91d9f3ca7dd30755f4a415fb916246ce9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20 11:17:30 +00:00
Shikha Panwar
8feef80fab Merge "Allow microdroid to start tombstone_transmit service" 2022-04-20 11:08:23 +00:00
Treehugger Robot
af42eee34c Merge "crosvm can access data_shell_file on user builds" am: d222ea676b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2064912

Change-Id: Icb55aca23bde8f9024a6790eb72440e2ed8c0878
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20 05:47:51 +00:00
Treehugger Robot
e5defcf3d4 Merge "/apex/com.android.art/bin/dex2oat is a symlink, so allow reading it from the shell." am: b87591b7c6
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2063854

Change-Id: Iaee281b32e3100b8cfa1a94119580acbd897602a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20 05:47:42 +00:00
Treehugger Robot
d222ea676b Merge "crosvm can access data_shell_file on user builds" 2022-04-20 05:32:32 +00:00
Treehugger Robot
b87591b7c6 Merge "/apex/com.android.art/bin/dex2oat is a symlink, so allow reading it from the shell." 2022-04-20 05:19:16 +00:00
Jiyong Park
cdd5e07956 crosvm can access data_shell_file on user builds
Some of our CTS tests require crosvm to have read/write access to
files on /data/local/tmp/virt which is labeled as data_shell_file.
Since CTS tests should pass on user builds, grant the access in user
builds as well.

Note that the open access is still disallowed in user builds.

Bug: 222013014
Test: run cts
Change-Id: I4f93ac64d72cfe63275f04f2c5ea6fb99e9b5874
2022-04-20 08:35:19 +09:00
Eric Biggers
bf717e18f1 vold.te: stop allowing use of keymaster HAL directly
Since Android 12, vold goes through the keystore daemon instead of using
the keymaster HAL directly.  Therefore, the SELinux rules that allow
vold to use the keymaster HAL directly are no longer needed.

Bug: 181910578
Change-Id: I8ecc47530cba82128c869ffd2fed9009dd7d5e05
2022-04-19 21:57:18 +00:00
Treehugger Robot
7fd8710e46 Merge "Remove obsolete rule allowing installd to use fsverity ioctls" am: 12399e945e
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2065527

Change-Id: I972ea99ec473463f77ee1f85cec32ccf1ca5923c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-19 21:11:16 +00:00
Treehugger Robot
12399e945e Merge "Remove obsolete rule allowing installd to use fsverity ioctls" 2022-04-19 20:49:43 +00:00
Eric Biggers
fa1f9cb2b8 Merge "Remove some FDE rules and update comments" am: b83a6d1168
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2065887

Change-Id: Ib41b61ff06a839653c3608708be382ea0ca65e49
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-19 17:03:35 +00:00
Eric Biggers
b83a6d1168 Merge "Remove some FDE rules and update comments" 2022-04-19 16:47:27 +00:00
Treehugger Robot
672b6a1776 Merge "apkdmverity: use LOOP_CONFIGURE" am: 10ea55472c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2063894

Change-Id: I8d0da7af0c1365566c3f81c3c1d4b547ce994bfe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-19 06:01:44 +00:00
Treehugger Robot
10ea55472c Merge "apkdmverity: use LOOP_CONFIGURE" 2022-04-19 05:43:56 +00:00
Jason Macnak
a93398051c Adds GPU sepolicy to support devices with DRM gralloc/rendering
... such as Cuttlefish (Cloud Android virtual device) which has a
DRM virtio-gpu based gralloc and (sometimes) DRM virtio-gpu based
rendering (when forwarding rendering commands to the host machine
with Mesa3D in the guest and virglrenderer on the host).

After this change is submitted, changes such as aosp/1997572 can
be submitted to remove sepolicy that is currently duplicated
across device/google/cuttlefish and device/linaro/dragonboard as
well.

Adds a sysfs_gpu type (existing replicated sysfs_gpu definitions
across several devices are removed in the attached topic). The
uses of `sysfs_gpu:file` come from Mesa using libdrm's
`drmGetDevices2()` which calls into `drmParsePciDeviceInfo()` to
get vendor id, device id, version etc.

Bug: b/161819018
Test: launch_cvd
Test: launch_cvd --gpu_mode=gfxstream
Change-Id: I4f7d4b0fb90bfeef72f94396ff0c5fe44d53510c
Merged-In: I4f7d4b0fb90bfeef72f94396ff0c5fe44d53510c
2022-04-18 17:30:56 -07:00
Xin Li
753b87fbc5 Empty merge of sc-v2-dev-plus-aosp-without-vendor@8433047
Bug: 226662282
Merged-In: Ic64ce88e137976149813888a0d6d2910fda359e7
Change-Id: Id90adb99bf00db32bdd14e20d0ffd02424da5ef0
2022-04-18 20:43:42 +00:00
Roshan Pius
0bad2ae587 sepolicy: Allow uwb module access to CE directories for UWB am: 47bddcd065
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2065410

Change-Id: Ie9402b41ea605b158cf02e0e833c7b1eda22337b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-16 02:27:15 +00:00
Jooyung Han
0b3d56d35f apkdmverity: use LOOP_CONFIGURE
LOOP_CONFIGURE is more efficient than LOOP_SET_FD/SET_STATUS64.

apkdmverity has used the latter because LOOP_CONFIGURE didn't work for
loop-mounting IDSIG file.

apkdmverity can use LOOP_CONFIGURE and enabling DIRECT_IO only when
necessary.

Bug: 191344832
Test: atest MicrodroidTestApp
Change-Id: I9503f17a689e2447acee1f6ef9c2aac53cf3c457
2022-04-16 00:07:39 +00:00
Eric Biggers
9bf0a0c141 Remove some FDE rules and update comments
Now that FDE (Full Disk Encryption) is no longer supported, the SELinux
policy doesn't need to support it.  Remove two rules that are no longer
needed.  Also update some comments that implied that other rules were
needed only because of FDE support, when actually they are still needed
for other reasons.  Finally, fix some outdated documentation links.

Bug: 208476087
Change-Id: I4e03dead91d34fcefdfcdc68d44dd97f433d6eaf
2022-04-15 21:06:51 +00:00
Roshan Pius
47bddcd065 sepolicy: Allow uwb module access to CE directories for UWB
Denial logs:
04-15 17:02:48.616  1811  1811 W binder:1811_6: type=1400 audit(0.0:7): avc: denied { write } for name="com.android.uwb" dev="dm-41" ino=6916 scontext=u:r:system_server:s0 tcontext=u:object_r:apex_module_data_file:s0 tclass=dir permissive=0

Bug: 229410097
Change-Id: I86df5f20dda483aa0579a55e1b040c277906db1b
Test: Manual tests
2022-04-15 20:37:24 +00:00
Richard Chang
24b88b3269 Merge "sepolicy: allow vendor system native experiments property" am: 1c8df204ff
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2062049

Change-Id: Ifbc9a9f1d30acecb43424eef10d9386408802fd2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-15 04:05:17 +00:00
Richard Chang
1c8df204ff Merge "sepolicy: allow vendor system native experiments property" 2022-04-15 03:47:28 +00:00
Eric Biggers
7be3e86f48 Remove obsolete rule allowing installd to use fsverity ioctls
The code that needed this was removed by https://r.android.com/1977357.

Bug: 120629632
Change-Id: I771a0f93b28c9b44715c718eaf534a8a65f2ae30
2022-04-15 01:03:28 +00:00
Xinyi Zhou
4bf6ea7727 Change nearby from system_api_service to app_api_service am: 791567ece6
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2064652

Change-Id: I6ec77462050fabd1cf3e2eb625b64dfaa22e6083
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-14 17:38:05 +00:00
Martin Stjernholm
1e0b4a5b98 /apex/com.android.art/bin/dex2oat is a symlink, so allow reading it
from the shell.

This fixes a regression from https://r.android.com/1921457, so that
dex2oat without a path can still be run from the adb shell. That CL
removed the symlink from /system/bin, which means the shell finds it in
/apex/com.android.art/bin instead, and hence it needs to be covered by
this sepolicy.

Test: adb unroot && adb shell dex2oat
Bug: 218986148
Bug: 124106384
Change-Id: Ic52b30e0974829b5e5cde5106e6c4eec9f61eec6
2022-04-14 17:52:51 +01:00
Xinyi Zhou
791567ece6 Change nearby from system_api_service to app_api_service
This fixes CTS tests where NearbyManager is null because SELinux is
in enforcing mode. Detailed explanation: https://docs.google.com/document/d/1CiGn7Vg6LYwrMFvWonuK3fhNDCG5Sm4uCvefkvqpDcY/edit?usp=sharing

NearbyManager APIs are using BLUETOOTH_PRIVILEDGED permission so only System apps can use them.

Fix: 228273869
Test: -m
Change-Id: I091fbea408cea52e934cb6a3917226fb1b2adbc4
2022-04-13 21:18:47 -07:00
Ilya Matyukhin
381ed1c8f2 Merge "Fix fingerprint failing to start on GSI images" am: e0526e27e9
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2061687

Change-Id: I7c3855713e1a6c3bff46b0c9dc4647e999fcbb8c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-13 22:16:58 +00:00
Ilya Matyukhin
e0526e27e9 Merge "Fix fingerprint failing to start on GSI images" 2022-04-13 22:01:31 +00:00
Shikha Panwar
23ffb50e5a Allow microdroid to start tombstone_transmit service
... and other required changes for setup

Test: atest MicrodroidHostTestCases
Change-Id: I300ac5db375e5d9f0edb3168effd2f8b9d7c5fc6
2022-04-13 21:09:38 +00:00
Thiébaud Weksteen
6a2fbfa84c Track sys_module permission for system_server
04-02 11:47:07.529  1827  1827 I auditd  : type=1400 audit(0.0:4): avc:
denied { sys_module } for comm="system_server" capability=16
scontext=u:r:system_server:s0 tcontext=u:r:system_server:s0
tclass=capability permissive=0

Bug: 228030183
Test: boot, check that auditd parses bug_map correctly
Change-Id: I6861a864a28577fc7841f5591fb7e1f3879a40d4
2022-04-13 10:48:13 +10:00
Treehugger Robot
c5132412d4 Merge "surfaceflinger: allow to be profiled by perfetto on release builds" am: b1f61ba51b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2060049

Change-Id: I855649d174a1e1eca03cf28754c0045afcf23aab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-13 00:33:40 +00:00
Treehugger Robot
b1f61ba51b Merge "surfaceflinger: allow to be profiled by perfetto on release builds" 2022-04-12 23:45:21 +00:00
Ryan Savitski
20d0aca7e6 surfaceflinger: allow to be profiled by perfetto on release builds
This is a key system process for certain performance investigations, so
allow perfetto profiling of its native heap and general callstack
sampling. This is already allowed on debuggable builds via domain.te.

In addition to the sepolicy, the profiler itself does checks on whether
to allow profiling. At the time of writing, profiling requests coming
from "shell" for surfaceflinger will be disallowed (as it is a native
process running as "system"). However profiling requests coming from the
platform via "statsd" will be allowed.

Bug: 217368496
Tested: profiled surfaceflinger on local internal/master sargo-user build
Change-Id: Ib092064ea911aed08d981adc823cd871fc271a96
2022-04-12 23:41:14 +00:00
Kalesh Singh
65164b314d Merge changes from topic "mglru-exp" am: 6ba41462d5
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2056411

Change-Id: Ia843e221e541d7c359a2c32a72ca19faac6d09bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-12 14:04:11 +00:00
Kalesh Singh
6ba41462d5 Merge changes from topic "mglru-exp"
* changes:
  Add sepolicy for Multi-Gen LRU sysfs control
  Add sepolicy for mglru_native flag namespace
2022-04-12 13:48:48 +00:00
Richard Chang
7057e4abca sepolicy: allow vendor system native experiments property
Grant system_server and flags_health_check permission to set the
properties that correspond to vendor system native experiments.

Bug: 226456604
Test: Build
Change-Id: Ib2420cf6eaf1645e7f938db32c93d085dd8950a3
2022-04-12 08:11:53 +00:00