Commit graph

187 commits

Author SHA1 Message Date
Inseob Kim
2aac33597d Use prebuilts for compat test if prebuilts exist
system/sepolicy should support both REL build and ToT build. That means
that system/sepolicy and prebuilts may differ. As the frozen sepolicy is
what vendor sepolicy uses, so we need to use prebuilts to run Treble
compat test.

Bug: 296875906
Test: m selinux_policy on REL
Change-Id: I4b290266ba87e3f011d640bec133fc88359ea52f
2023-09-08 10:44:49 +09:00
Inseob Kim
0d49b9bc28 Use only public cil files for Treble compat test
Rationale for this change:

1) Vendors use only public files, so we should be able to use only
   public cil files for compatibility test.
2) treble_sepolicy_tests_for_release.mk is too complex, because it
   requires compiled sepolicy. Reducing the complexity will help migrate
   into REL build.
3) This fixes a tiny bug of treble_sepolicy_tests that it can't catch
   public types being moved to private types, and then removed. 29.0.cil
   and 30.0.cil change contains such missing public types.

Bug: 296875906
Test: m selinux_policy (with/without intentional breakage)
Change-Id: Ia2c0733176df898f268b5680195da25b588b09c7
2023-09-07 16:35:08 +09:00
Inseob Kim
5d7423ff3d Build prebuilt policy with Soong
... and remove redundant Makefile codes. This also updates commit hook
as we now only use Soong to build sepolicy.

Bug: 296875906
Test: m selinux_policy
Change-Id: I93f0d222a0c10e31c51c9380780a8927c47d62b1
2023-09-07 16:32:30 +09:00
Inseob Kim
36d9d39e6e Relax freeze_test to check only compatibility
For now, freeze_test compares prebuilts against sources with diff, to
ensure that sources are identical to prebuilts. However, it could be the
case that the branch should be able to build both REL and ToT. In that
case, changes to the sources are inevitable and the freeze test will
fail.

To fix the issue, freeze_test will now only check compatibility. To be
specific, it will check if any public types or attributes are removed.
Contexts files and neverallow rules are not checked, but they may be
added later. Also to support the new freeze_test

- build_files module is changed to use glob (because REL version won't
  be in compat versions list)
- plat_pub_policy modules are added under prebuilts/api (because
  freeze_test needs that)

Bug: 296875906
Test: m selinux_policy
Change-Id: I39c40992965b98664facea3b760d9d6be1f6b87e
2023-09-05 03:37:18 +00:00
Inseob Kim
d16612cd8a Remove 28.0 compat support
Treble doesn't support U system + P vendor, so removing P (28.0)
prebuilts and compat files.

Bug: 267692547
Test: build
Change-Id: I3734a3d331ba8071d00cc196a2545773ae6a7a60
2023-04-03 15:17:03 +09:00
Treehugger Robot
7e5a5e8b1f Merge "Remove compat test from treble sepolicy tests" am: 8e6b55a13d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1985246

Change-Id: I9b7cb61dfb0dc823d39c8e35d1fff323675a835d
2022-02-17 01:46:44 +00:00
Inseob Kim
73f43ff847 Remove compat test from treble sepolicy tests
Treble sepolicy tests check whether previous versions are compatible to
ToT sepolicy or not. treble_sepolicy_tests_for_release.mk implements it,
but it also includes a compat test whether ToT sepolicy + {ver} mapping
+ {ver} plat_pub_versioned.cil can be built together or not. We
definitely need such tests, but we already have a test called "compat
test" which does exactly that, and testing it again with Treble sepolicy
tests is just redundant. The only difference between those two is that
Treble sepolicy tests can also test system_ext and product compat files,
which was contributed by a partner.

The ultimate goal here is to migrate *.mk to Soong, thus merging these
two tests (compat, Treble) into one. As we've already migrated the
compat test to Soong, this change removes the compat test part from
treble sepolicy tests. Instead, the compat test will be extended so it
can test system_ext and product compat files too.
prebuilts/api/{ver}/plat_pub_versioned.cil and
prebuilts/api/{ver}/vendor_sepolicy.cil are also removed as they aren't
used anymore: vendor_sepolicy.cil is an empty stub, and
plat_pub_versioned.cil can be built from the prebuilt source files.

Bug: 33691272
Test: m selinux_policy
Change-Id: I72f5ad0e8bbe6a7c0bbcc02f0f902b953df6ff1a
2022-02-16 04:09:29 +00:00
Gregory Montoir
ce512a168f Allow adbd to access /proc/net/{tcp,tcp6,udp,udp6} am: f7727ace66 am: 84f6646c7c am: 8bac0a5547 am: 796f6637e4 am: 8881759651 am: ee34c61f9d am: 90aa30a199
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/16602719

Change-Id: I76f6885db97541a29e407c37d4e3da11156eb9ce
2022-01-13 00:26:55 +00:00
Gregory Montoir
8881759651 Allow adbd to access /proc/net/{tcp,tcp6,udp,udp6} am: f7727ace66 am: 84f6646c7c am: 8bac0a5547 am: 796f6637e4
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/16602719

Change-Id: I76bdaca952b528a9fea775e3a0276f3be592bf33
2022-01-12 23:44:25 +00:00
Gregory Montoir
8bac0a5547 Allow adbd to access /proc/net/{tcp,tcp6,udp,udp6} am: f7727ace66 am: 84f6646c7c
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/16602719

Change-Id: I11fc36fbc3d65609a3215e9cecf5ce22fb06b97e
2022-01-12 23:14:44 +00:00
Gregory Montoir
84f6646c7c Allow adbd to access /proc/net/{tcp,tcp6,udp,udp6} am: f7727ace66
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/16602719

Change-Id: I0f2729fc6ef1737965de0e38495a4908b76890d0
2022-01-12 23:02:17 +00:00
Gregory Montoir
f7727ace66 Allow adbd to access /proc/net/{tcp,tcp6,udp,udp6}
File accesses go through com.android.ddmlib.SyncService for CTS
ListeningPortsTest.

Bug: 201645790
Test: atest ListeningPortsTest
Ignore-AOSP-First: Fix already in AOSP
Change-Id: I0c66fb5e35cda3b1799cf003402e454d7a951e96
2022-01-12 14:34:33 +00:00
Inseob Kim
9dc6d70044 Remove 26.0 and 27.0 compat support
Treble doesn't support T system + O vendor, so removing 26.0 (N) and
27.0 (O) prebuilts and compat files.

Bug: 207815515
Test: build
Change-Id: I98d5972221a8e77f3c45fc48ff50bb2b8eb94275
2021-12-02 10:22:10 +09:00
Xin Li
11da9e6792 Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709)
Bug: 166295507
Merged-In: I6d0b1be1a46288fff42c3689dbef2f7443efebcc
Change-Id: I133180d20457b9f805f3da0915e2cf6e48229132
2020-08-29 01:45:24 -07:00
Jeff Sharkey
5001f53eeb Update language to comply with Android's inclusive language guidance am: a0e7a6da28 am: bf4ffe38ca
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1382607

Change-Id: Ie620bda6a353f992c6901ba4399e403827005826
2020-07-31 21:13:55 +00:00
Jeff Sharkey
a0e7a6da28 Update language to comply with Android's inclusive language guidance
See https://source.android.com/setup/contribute/respectful-code for reference

Bug: 161896447
Change-Id: I0caf39b349c48e44123775d98c52a773b0b504ff
2020-07-31 12:28:11 -06:00
Martijn Coenen
4c386e10c9 Don't give uid-based categories to app_zygote and isolated processes.
The mapping of UIDs to categories can only take 16 bits, yet isolated
processes start at UID 90000. Additionally, the main purpose of these
categories was to isolate app-private storage, but since isolated
processes don't have access to app-private storage anyway, removing them
doesn't hurt.

The upside is that this allows us to remove mIstrustedsubject from the
app_zygote domain, which prevents app code running in that context from
assigning itself arbitrary categories.

Bug: 157598026
Test: inspect categories of app_zygote and children; verify Chrome works
Merged-In: Idfa8625d939cf30f3683436949bb4f335851622a
Merged-In: I608a096cecffc1c1ff837611ca500a8da3cf1320
Change-Id: I608a096cecffc1c1ff837611ca500a8da3cf1320
2020-06-10 11:56:35 +00:00
Martijn Coenen
46e512ad46 Don't give uid-based categories to app_zygote and isolated processes.
The mapping of UIDs to categories can only take 16 bits, yet isolated
processes start at UID 90000. Additionally, the main purpose of these
categories was to isolate app-private storage, but since isolated
processes don't have access to app-private storage anyway, removing them
doesn't hurt.

The upside is that this allows us to remove mIstrustedsubject from the
app_zygote domain, which prevents app code running in that context from
assigning itself arbitrary categories.

Bug: 157598026
Test: inspect categories of app_zygote and children; verify Chrome works
Merged-In: Idfa8625d939cf30f3683436949bb4f335851622a
Merged-In: I608a096cecffc1c1ff837611ca500a8da3cf1320
Change-Id: I608a096cecffc1c1ff837611ca500a8da3cf1320
2020-06-10 07:10:59 +00:00
Ioannis Ilkos
d723f38fe9 Enable tracing of the ion/ion_stat events
These events supersede the ion_heap_grow / ion_heap_shrink events on
4.19+ kernels.

Bug: 154302786
Test: build, run on cuttlefish with new kernel, ls -lZ /sys/kernel/tracing/events/ion/ion_stat/enable
Merged-In: I262d8c3269d4261701361ad4b1bdc322f1f03969
Change-Id: I262d8c3269d4261701361ad4b1bdc322f1f03969
2020-04-28 07:59:39 +01:00
Ioannis Ilkos
b7a4c2eb85 Merge "Enable tracing of the ion/ion_stat events" am: e597605e01 am: 6d89f47641
Change-Id: Ie412e230a1c0d6ae0926d2a8f169bd554fff2d17
2020-04-27 14:15:46 +00:00
Ioannis Ilkos
6d89f47641 Merge "Enable tracing of the ion/ion_stat events" am: e597605e01
Change-Id: I7364756d418c170570322e14221aa0a9692fc04c
2020-04-27 14:06:04 +00:00
Ioannis Ilkos
2e03e77f0a Enable tracing of the ion/ion_stat events
These events supersede the ion_heap_grow / ion_heap_shrink events on
4.19+ kernels.

Bug: 154302786
Test: build, run on cuttlefish with new kernel, ls -lZ /sys/kernel/tracing/events/ion/ion_stat/enable
Change-Id: I262d8c3269d4261701361ad4b1bdc322f1f03969
2020-04-24 10:10:35 +01:00
Collin Fijalkovich
c6c9229cfa Allow Traceur record the mm_event trace event.
Bug: 150130660
Test: Took a trace with Traceur and verified mm_event records
were included when the memory category was enabled.

Merged-In: I5e783fbbe91dbe330b49fb11cd7d32ac820e7a5c
Change-Id: I5e783fbbe91dbe330b49fb11cd7d32ac820e7a5c
(cherry picked from commit 45be3aa649)
2020-04-07 16:29:50 +00:00
Collin Fijalkovich
f47e5a828d Merge "Allow Traceur record the mm_event trace event." am: 25e9ff9ddc am: 119d0a451a
Change-Id: Ic5e210a743a04b7b963af492137e816aa80ac062
2020-04-01 17:28:17 +00:00
Collin Fijalkovich
84a845d84c Merge "Allow Traceur record the mm_event trace event." am: 25e9ff9ddc am: 119d0a451a
Change-Id: Iad6489ec58d558395310318b9250b814c751cf05
2020-04-01 17:28:04 +00:00
Collin Fijalkovich
119d0a451a Merge "Allow Traceur record the mm_event trace event." am: 25e9ff9ddc
Change-Id: I72becf852437b269aab4bf70d14810175985f22c
2020-04-01 17:14:15 +00:00
Collin Fijalkovich
2d1e4ce577 Allow Traceur record the mm_event trace event.
Bug: 150130660
Test: Took a trace with Traceur and verified mm_event records
were included when the memory category was enabled.

Change-Id: Iea39467d0d37d12a78fbde57b8d9649fad45b652
2020-03-30 16:23:32 -07:00
Tao Bao
6131110763 Ignore the denial due to vendor_misc_writer reading DT fstab. am: ab38d7073e am: 086085b8ad
Change-Id: I0d9fbabdd5402a0ea3d25b8137fd11d89fc08e24
2020-03-30 14:35:31 +00:00
Tao Bao
086085b8ad Ignore the denial due to vendor_misc_writer reading DT fstab. am: ab38d7073e
Change-Id: I33416cf74bab1bd45fb7eec879391976943c9b00
2020-03-30 14:19:01 +00:00
Tao Bao
ff229fc4b8 Ignore the denial due to vendor_misc_writer reading DT fstab. am: ab38d7073e
Change-Id: I5522be992b05e51d6af245eebb728a57691a56c5
2020-03-30 14:18:56 +00:00
Tao Bao
ab38d7073e Ignore the denial due to vendor_misc_writer reading DT fstab.
This CL addresses the following denial, when vendor_misc_writer tries to
read DT fstab (i.e. device tree fstab) for /misc entry.

avc: denied { search } for comm="misc_writer" name="android" dev="sysfs" ino=17456 scontext=u:r:vendor_misc_writer:s0 tcontext=u:object_r:sysfs_dt_firmware_android:s0 tclass=dir

DT fstab was used for devices shipped prior to Q, for early-mounting
partitions (e.g. /system, /vendor, /product), which has been disallowed
for Q launch devices. vendor_misc_writer is a new module added since Q,
so it doesn't need to worry about the legacy code path; in practice
there's no benefit of putting /misc entry into DT fstab either.

Bug: 134122603
Bug: 152718206
Test: Build and flash taimen with the change that enables
      vendor_misc_writer. Check that it no longer gives the above denial
      during boot.
Change-Id: Id2fb206706f7cd19a4cde2701e4155bfc03f01b4
2020-03-30 11:49:35 +02:00
Steven Thomas
1454af74a3 Allow access to the "refresh_rate_switching" system property
Bug: 147233255
Bug: 136592946
Bug: 138261472

Test: Ran with the patch applied, confirmed surface flinger can access
the system property.

Change-Id: I259a488399c5e698de384322852ea81ea1a96e7d
Merged-In: I259a488399c5e698de384322852ea81ea1a96e7d
Exempt-From-Owner-Approval: Approved internally
2020-03-23 16:01:38 -07:00
Steven Thomas
4ee8089356 Allow access to the "refresh_rate_switching" system property
Bug: 147233255
Bug: 136592946
Bug: 138261472

Test: Ran with the patch applied, confirmed surface flinger can access
the system property.

Change-Id: I259a488399c5e698de384322852ea81ea1a96e7d
Merged-In: I259a488399c5e698de384322852ea81ea1a96e7d
Exempt-From-Owner-Approval: Approved internally
2020-03-20 22:32:15 -07:00
Xin Li
a4a80b828e DO NOT MERGE - Merge qt-qpr1-dev-plus-aosp@6304901 into stage-aosp-master
Bug: 151763422
Change-Id: Ib2023d4664aaf6bbb555a2acc71666d8601693f8
2020-03-19 10:10:44 -07:00
Treehugger Robot
282735ec15 Merge "Allow XML file paths to be customized with sysprop" am: fa4a015fa1 am: e899ee1913
Change-Id: I1a0a851f5a70bc347c981a348eab5e34cf5551aa
2020-03-18 23:26:12 +00:00
Treehugger Robot
9a61042ffe Merge "Allow XML file paths to be customized with sysprop" am: fa4a015fa1 am: e899ee1913
Change-Id: I2ba3cb14676e2e76fe24951812b9a83b225f1e84
2020-03-18 23:26:01 +00:00
Pawin Vongmasa
76d7cf961e Allow XML file paths to be customized with sysprop
Three properties are declared as vendor-init-settable:
ro.media.xml_variant.codecs
ro.media.xml_variant.codecs_performance
ro.media.xml_variant.profiles

media_codecs.xml can now be named
media_codecs${ro.media.xml_variant.codecs}.xml

media_codecs_performance.xml can now be named
media_codecs_performance${ro.media.xml_variant.codecs_performance}.xml

media_profiles_V1_0 can now be named
media_profiles${ro.media.xml_variant.profiles}.xml

Test: Rename "media_codecs.xml" to "media_codecs_test.xml",
set ro.media.xml_variant.codecs to "_test", then
call "stagefright -i".

Test: Rename "media_codecs_performance.xml" to
"media_codecs_performance_test.xml",
set ro.media.xml_variant.codecs_performance to "_test", then
run android.media.cts.VideoDecoderPerfTest.

Test: Rename "media_profiles_V1_0.xml" to "media_profiles_test.xml",
set ro.media.xml_variant.profiles to "_test", then
run vts_mediaProfiles_validate_test.

Bug: 142102953
Change-Id: I407a0a327fcc8e799bb4079b11048a497565be48
2020-03-18 06:02:55 -07:00
Jeff Vander Stoep
a68dd136aa Prevent apps from causing presubmit failures
Apps can cause selinux denials by accessing CE storage
and/or external storage. In either case, the selinux denial is
not the cause of the failure, but just a symptom that
storage isn't ready. Many apps handle the failure appropriately.

These denials are not helpful, are not the cause of a problem,
spam the logs, and cause presubmit flakes. Suppress them.

Bug: 145267097
Bug: 151188413
Test: build

Merged-In: If87b9683e5694fced96a81747b1baf85ef6b2124
Change-Id: If87b9683e5694fced96a81747b1baf85ef6b2124
2020-03-12 08:38:05 +00:00
Jaegeuk Kim
2f5e44eb49 sepolicy: introduce boottime props in public
Bug: 146053177
Bug: 146053658
Bug: 149844577
Change-Id: Iddfefedc4538044c6abcc2eea29b86e3f038aee0
Merged-In: Iddfefedc4538044c6abcc2eea29b86e3f038aee0
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
2020-03-08 03:31:10 +00:00
Jaegeuk Kim
9a8ba7f64b sepolicy: introduce boottime props in public
Bug: 146053177
Bug: 146053658
Bug: 149844577
Change-Id: Iddfefedc4538044c6abcc2eea29b86e3f038aee0
Merged-In: Iddfefedc4538044c6abcc2eea29b86e3f038aee0
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
(cherry picked from commit 19df15400e)
2020-03-06 16:48:29 +00:00
Automerger Merge Worker
7ab65fadb7 Add property contexts for dex2oat cpu-set properties am: 23098ec3bb
Change-Id: Ifebf2c5b2780da8175f73135d8c534ce669473b4
2020-03-06 16:19:26 +00:00
Automerger Merge Worker
39aacfaf27 Add property contexts for dex2oat cpu-set properties am: 23098ec3bb
Change-Id: I0efdff9c0d1a911d6b9abd345169b1bb745de7cf
2020-03-06 09:05:39 +00:00
Orion Hodson
23098ec3bb Add property contexts for dex2oat cpu-set properties
New properties are:

 dalvik.vm.dex2oat-cpu-set [default compiler thread affinity]
 dalvik.vm.boot-dex2oat-cpu-set [compiler thread affinity for boot]
 dalvik.vm.image-dex2oat-cpu-set [thread affinity recompiling the boot image]

Bug: 141446571
Bug: 149395059
Test: Run installd tests with new properties defined in target mk file.
Change-Id: Idcbb1332aa9c18f6082b827eae0334d063644a41
(cherry picked from commit 7b2ee48cd2)
2020-03-05 08:48:53 +00:00
Automerger Merge Worker
daa110d022 Update Q sepolicy prebuilt am: 5f6290f3a9
Change-Id: Ie2970158c52e3675e17421ef4973cc926ddd4db5
2020-02-13 04:13:10 +00:00
Automerger Merge Worker
f4ccc4ba1a Update Q sepolicy prebuilt am: 1dd6321a00
Change-Id: I8caa160f6c9e7b86f6bab5848f9027a45c0a16c5
2020-02-12 12:18:45 +00:00
Alex Hong
5f6290f3a9 Update Q sepolicy prebuilt
This updates 29.0 api for dumpstate restart control property contexts

Bug: 147730517
Change-Id: I0aa7450dc0fb34de321cf8d2ba357b2ecabbcf43
2020-02-12 12:07:43 +08:00
Alex Hong
1dd6321a00 Update Q sepolicy prebuilt
This updates 29.0 api for dumpstate restart control property contexts

Bug: 147730517
Change-Id: I0aa7450dc0fb34de321cf8d2ba357b2ecabbcf43
2020-02-11 13:53:22 +08:00
Jaegeuk Kim
028f2c3453 Merge "block: allow init.rc to tune max discard size" into qt-qpr1-dev 2020-02-01 01:49:24 +00:00
Jaegeuk Kim
2b1e595e8f block: allow init.rc to tune max discard size
Init.rc requires to limit max discard to avoid long latencies.

Bug: 148209614
Change-Id: Idf3b295ac15efd5edf979ca896fdf826b9fc3c99
Merged-In: Idf3b295ac15efd5edf979ca896fdf826b9fc3c99
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
2020-01-23 20:02:58 +00:00
Automerger Merge Worker
b354eba19c Merge "Allow adb start/stop mdnsd via ctl.start/stop" into qt-qpr1-dev am: 2192ec6223
Change-Id: I1bafff0ae8087a3c72209eb2a6edcaddc1e5d463
2020-01-17 18:44:15 +00:00