Xin Li
6875b8a827
Merge Android 12L
...
Bug: 222710654
Merged-In: Ia6c46f2de07731b0e423da6bb32a27b8c1bbe171
Change-Id: Ia65e634d559b9ddc3eb9d4dccec9b9358648dddb
2022-03-08 00:21:27 +00:00
Treehugger Robot
071a0a1d17
Merge "Allow EVS HAL to access data from surfaceflinger" am: b774b141dc
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2010133
Change-Id: Ia6c46f2de07731b0e423da6bb32a27b8c1bbe171
2022-03-07 17:57:06 +00:00
Treehugger Robot
b774b141dc
Merge "Allow EVS HAL to access data from surfaceflinger"
2022-03-07 17:31:17 +00:00
Michael Eastwood
b7c5fe9d56
Allow vendor domain to communicate with traced. am: 670b38baa9
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2009117
Change-Id: I87a0933db89b416a50072fbad8f21884f327d554
2022-03-07 15:55:11 +00:00
Changyeon Jo
8c4ebe21f5
Allow EVS HAL to access data from surfaceflinger
...
Bug: 216727303
Test: m -j selinux_policy
Change-Id: Id89a99372e334c87cd1c80c06b5b695e5c8d69e6
2022-03-07 15:42:17 +00:00
Michael Eastwood
670b38baa9
Allow vendor domain to communicate with traced.
...
This is necessary for vendor code to be able to send trace packets to
Perfetto, which we are doing as part of an effort to provide more
detailed profiling of some vendor code.
Bug: 222684359
Test: (with downstream policy updates) m selinux_policy
Change-Id: I5ab1c04290f69e391d66a76c262d75cadb794f8d
2022-03-04 08:30:29 -08:00
Bob Badour
bad80e1490
Move comment to license_note am: 97bef10ca6
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2008274
Change-Id: I728a46cbcb6466a466a38dcc24edb8fabd556fef
2022-03-04 08:30:09 +00:00
Bob Badour
97bef10ca6
Move comment to license_note
...
Comments not preserved during refresh.
Test: m nothing
Change-Id: Ifb0356ca49796b89446a50918bae95069b9c5fb4
2022-03-03 14:58:45 -08:00
Inseob Kim
9acadc754d
Merge changes from topic "sepolicy_test" am: 4891dbefad
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2000471
Change-Id: I865886016a9e02c6d53ff775c8b87746dae69a4a
2022-03-03 04:29:57 +00:00
Inseob Kim
4891dbefad
Merge changes from topic "sepolicy_test"
...
* changes:
Build vndservice_contexts with Android.bp
Move sepolicy_test to Android.bp
2022-03-03 04:02:25 +00:00
Inseob Kim
c7596c4e61
Build vndservice_contexts with Android.bp
...
Bug: 33691272
Test: boot a device which uses vndservice_contexts
Change-Id: I28c36b74d4176954099f3b7e80a4869b7c44640f
2022-03-02 17:26:44 +09:00
Inseob Kim
61257ca545
Move sepolicy_test to Android.bp
...
Bug: 33691272
Test: m selinux_policy triggers sepolicy_test
Change-Id: I1618c2a35b3ce9d747db3955788427dc422fd532
2022-03-02 17:25:52 +09:00
sandrom
6bfe9b9115
Allow apexd to enable fsverity on /metadata am: 6446490287
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1979766
Change-Id: I8bed12a4fe8145d50edf9b2425f1bf97d3b21772
2022-03-02 08:21:21 +00:00
sandrom
6446490287
Allow apexd to enable fsverity on /metadata
...
Bug: 218672709
Test: manual tests
Change-Id: Idaead3ecd3f3488512908febbdc368e184b7bca9
2022-03-01 16:33:55 +00:00
Thiébaud Weksteen
3886aa5237
Merge "Remove bug_map for hal_wifi_default" am: 8ce2e156d0
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2001830
Change-Id: I1e1a6e65af7e4b4cfd4db5f5a6af3f66b970e793
2022-03-01 09:40:38 +00:00
Thiébaud Weksteen
8ce2e156d0
Merge "Remove bug_map for hal_wifi_default"
2022-03-01 09:06:30 +00:00
Thiébaud Weksteen
b8abcadd5b
Remove bug_map for hal_wifi_default
...
Bug: 220258444
Test: build & boot cuttlefish
Change-Id: I3b5c0ad1b9cbdca5f86e7615d243192163b99aaf
2022-02-28 14:30:22 +11:00
Ankit Goyal
07b5aa323e
Merge "Add sepolicy for graphics IAllocator AIDL based HAL" am: b9314baf97
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2000351
Change-Id: I799ec9df6349033df237f473e0c524bdd531b683
2022-02-25 19:44:00 +00:00
Robert Shih
5869511f62
Merge "Allow dumpstate to call dump() on drm hals" am: 9846fb4082
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2000271
Change-Id: I794e8e754076e2e7dfbf67a7c5843906e010417d
2022-02-25 19:43:49 +00:00
Ankit Goyal
b9314baf97
Merge "Add sepolicy for graphics IAllocator AIDL based HAL"
2022-02-25 19:34:38 +00:00
Robert Shih
9846fb4082
Merge "Allow dumpstate to call dump() on drm hals"
2022-02-25 19:19:46 +00:00
Alan Stokes
4c79e09417
Allow shell to read updated APEXes am: 5490752cfc
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1998997
Change-Id: I85fe4921c571f90e9f1fd321d460832c1fed192f
2022-02-25 15:06:53 +00:00
Alan Stokes
5490752cfc
Allow shell to read updated APEXes
...
This is useful for certain tests. Note that it is already possible to
access these files without root via adb pull, since adbd has
access. Shell also already has access to non-updated APEXes on
/system/apex.
Bug: 220918654
Test: adb unroot; pm install --apex /data/apex/decompressed/X.decompressed.apex
Change-Id: I35725499365b297a64c9005c8e45325531d3991d
2022-02-25 12:16:14 +00:00
Treehugger Robot
936d704f76
Merge "Block crash_dump from no_crash_dump_domain" am: a4e2f0ce01
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1998992
Change-Id: I3550c702e1bcf192b00f8da50c4ea66d633c6cab
2022-02-25 09:10:17 +00:00
Treehugger Robot
a4e2f0ce01
Merge "Block crash_dump from no_crash_dump_domain"
2022-02-25 08:53:36 +00:00
Robert Shih
bf4d7522d7
Allow dumpstate to call dump() on drm hals
...
Bug: 220996660
Test: adb bugreport
Change-Id: I222c5e845d481dd9f3dcf796d50ca91c6174a023
2022-02-25 06:07:53 +00:00
Ankit Goyal
2736da21a4
Add sepolicy for graphics IAllocator AIDL based HAL
...
Bug: 217776226
Bug: 218383959
Test: Boots to home with the new HAL
Change-Id: I8d0d2182d389c39b54f492d4d6df64ca14737997
2022-02-24 17:14:29 -08:00
Alan Stokes
ff648192d9
Block crash_dump from no_crash_dump_domain
...
These domains already can't transition to crash_dump, but also need to
make sure crash_dump can't be run and pointed at them.
Bug: 218494522
Test: Builds
Change-Id: I76f88faf8ff4c88e85eaf6a8db546dc644a71928
2022-02-24 16:36:40 +00:00
Daniele Di Proietto
60f6de3137
Silence error when traced_probes invokes atrace with pipes am: 6872b1db69
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1998990
Change-Id: I4ce4bb1bd4ec6c745e7cbe4add540432a95746d8
2022-02-24 15:47:43 +00:00
Daniele Di Proietto
6872b1db69
Silence error when traced_probes invokes atrace with pipes
...
perfetto traced_probes executes atrace with a pipe for stdout/stderr.
That already works because atrace can `write` onto traced_probes's pipes.
Now traced_probes needs to invoke atrace at boot time. This revealed a
problem (I'm pretty sure it was an existing problem and it was
completely harmless):
```
02-23 22:00:41.951 605 605 I auditd : type=1400 audit(0.0:94): avc:
denied { getattr } for comm="atrace" path="pipe:[17964]" dev="pipefs"
ino=17964 scontext=u:r:atrace:s0 tcontext=u:r:traced_probes:s0
tclass=fifo_file permissive=0
```
atrace doesn't just need `write` permissions on its
stdout/stderr pipes, it also needs `getattr` permissions (probably
because of [this][1]?)
[1]: https://cs.android.com/android/platform/superproject/+/master:bionic/libc/bionic/libc_init_common.cpp;l=156;drc=7a2386bf89f9bfd4e53eba9304e4239b3fdf0d06
Bug: 219393750
Change-Id: I53b0f60cdd763863c834a883fbb77664e528dd15
2022-02-24 13:14:04 +00:00
Alan Stokes
d4f00ed894
Allow piping console output to clients am: 23161e51cc
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1997006
Change-Id: I94b59f8e7c92affdea59010257142f26479dc312
2022-02-24 10:15:37 +00:00
Alan Stokes
23161e51cc
Allow piping console output to clients
...
Any virtualization service client should be able to use a pipe for the
VM log fds.
We previously had some support for this in crosvm (but appdomain is
the wrong label), but not for virtualizationservice. Instead I've
centralised it in the virtualizationservice_use macro so it applies to
exactly those things that can start a VM.
I've removed read permission from crosvm; it doesn't seem to be
needed, and logically it shouldn't be.
Test: Patch in https://r.android.com/1997004 , see no denials
Change-Id: Ia9cff469c552dd297ed02932e9e91a5a8cc2c13f
2022-02-23 17:28:49 +00:00
Treehugger Robot
9d631321c9
Merge "Dontaudit property access by odrefresh in the VM" am: 275836a9af
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1996010
Change-Id: Ie28a45a8d7e2a820d6962ec67144cc4ee1e45ff9
2022-02-23 16:49:24 +00:00
Treehugger Robot
7be1327191
Merge "Remove now-unused permissions" am: 383b946787
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1995010
Change-Id: I69b69cf867775d892b0ec3a7dd34f741dffa84b2
2022-02-23 16:36:40 +00:00
Treehugger Robot
275836a9af
Merge "Dontaudit property access by odrefresh in the VM"
2022-02-23 12:07:45 +00:00
Treehugger Robot
383b946787
Merge "Remove now-unused permissions"
2022-02-23 11:23:25 +00:00
Victor Hsieh
e2156d071e
Dontaudit property access by odrefresh in the VM
...
Bug: 210030607
Test: composd_cmd test-compile, no more denials in vm.log
Change-Id: I728398f812680354b813d03e0d23eecca330c47e
2022-02-22 23:10:04 +00:00
Treehugger Robot
8d1ef06ab3
Merge "Allow hal_graphics_composer to write to a pipe We would like SurfaceFlinger to be able to create a pipe and provide the write-end to the graphics composer to dump debug info for dumpsys. Bug: 220171623 Test: atest VtsHalGraphicsComposer3_TargetTest Test: adb shell dumpsys SurfaceFlinger Test: adb shell dumpsys android.hardware.graphics.composer3.IComposer/default" am: 5beaf4adfb
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1991020
Change-Id: I04c8a51df78ead1cd9c34d341db17fd1e28baa29
2022-02-22 18:31:47 +00:00
Treehugger Robot
5beaf4adfb
Merge "Allow hal_graphics_composer to write to a pipe We would like SurfaceFlinger to be able to create a pipe and provide the write-end to the graphics composer to dump debug info for dumpsys. Bug: 220171623 Test: atest VtsHalGraphicsComposer3_TargetTest Test: adb shell dumpsys SurfaceFlinger Test: adb shell dumpsys android.hardware.graphics.composer3.IComposer/default"
2022-02-22 18:05:24 +00:00
Alan Stokes
0c5449b193
Remove now-unused permissions
...
CompOS no longer talks directly to DICE (compos_key_helper does). odsign
no longer promotes or deletes instance CompOS files, and the key files
don't exist any more.
Bug: 218494522
Test: Manual; trigger compilation, reboot & watch odsign
Change-Id: Ibc251180122e6e4789b4be5669da3da67517b49c
2022-02-22 17:40:05 +00:00
Treehugger Robot
27553e2b3e
Merge "Add ro.lmk.stall_limit_critical property policies" am: ffad0ee0e1
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1992292
Change-Id: Ie94a54c2fcd4f206fde3a840ab5c448725e4430a
2022-02-22 11:19:32 +00:00
Treehugger Robot
ffad0ee0e1
Merge "Add ro.lmk.stall_limit_critical property policies"
2022-02-22 09:41:27 +00:00
Anton Kulakov
995d44896b
Add file contexts for AdServices APEX am: dc4332b32b
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1992910
Change-Id: I85085378f6150f58232d75342c69f0c32ef8381c
2022-02-21 13:40:46 +00:00
Anton Kulakov
dc4332b32b
Add file contexts for AdServices APEX
...
Test: Build
Bug: 220336612
Change-Id: Iab64d228a5edcd3a9f71b59c5adf3a9460cd1947
2022-02-21 09:55:07 +00:00
Ady Abraham
3f045e296e
Allow hal_graphics_composer to write to a pipe
...
We would like SurfaceFlinger to be able to create a pipe and provide
the write-end to the graphics composer to dump debug info for dumpsys.
Bug: 220171623
Test: atest VtsHalGraphicsComposer3_TargetTest
Test: adb shell dumpsys SurfaceFlinger
Test: adb shell dumpsys android.hardware.graphics.composer3.IComposer/default
Change-Id: Ie2cbe76fb0d224235a8ea99f68a20e2139e1cc56
2022-02-19 01:09:41 +00:00
Suren Baghdasaryan
e121dc5ae2
Add ro.lmk.stall_limit_critical property policies
...
Add policies to control ro.lmk.stall_limit_critical lmkd property.
Bug: 205182133
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: Ie5e68dc358c1657501cb59afaba0385697210ccf
2022-02-18 13:39:28 -08:00
Yabin Cui
06e7873d64
Merge "profcollectd: allow to request wakelock from system_suspend." am: 2f2ff42a24
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1989138
Change-Id: Iddf70d8dcf23d2ba00f15d09a9dfe5573aaf763a
2022-02-18 16:40:35 +00:00
Yabin Cui
2f2ff42a24
Merge "profcollectd: allow to request wakelock from system_suspend."
2022-02-18 16:16:01 +00:00
Treehugger Robot
33f0d49ae4
Merge "SELinux issues:" am: c9ab4a420c
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1991271
Change-Id: I08990e0ad83b7a090838d7837d303aa52bca201e
2022-02-18 10:07:53 +00:00
Treehugger Robot
c9ab4a420c
Merge "SELinux issues:"
2022-02-18 09:42:04 +00:00