We had disabled the neverallow rule when system_server was
in permissive_or_unconfined(), but forgot to reenable it.
Now that system_server is in enforcing/confined, bring it
back.
Change-Id: I6f74793d4889e3da783361c4d488b25f804ac8ba

The new sideloading mechanism in recovery needs to create a fuse
filesystem and read files from it.
Change-Id: I22e1f7175baf401d2b75c4be6673ae4b75a0ccbf

Remove the auditallow statements from app.te and
binderservicedomain.te which were causing log spam.
Change-Id: If1c33d1612866df9f338e6d8c19d73950ee028eb

Map imms to system_app_service in service_contexts and add
the system_app_service type and allow system_app to add the
system_app_service.
Bug: 16005467
Change-Id: I06ca75e2602f083297ed44960767df2e78991140

Remove the allow rule for default services in
binderservicedomain.te so we will need to whitelist any
services to be registered.
Change-Id: Ibca98b96a3c3a2cbb3722dd33b5eb52cb98cb531

This is extremely useful as it allows timeouts on the socket.
Since ioctl is allowed, setopt shouldn't be a problem.
Resolves denials, in 3rd party apps, such as:
avc: denied { setopt } for pid=18107 comm="AudioRouter-6"
scontext=u:r:untrusted_app:s0 tcontext=u:r:bluetooth:s0
tclass=unix_stream_socket
Change-Id: I6f38d7b86983c517575b735f43b62a2ed811e81c
Signed-off-by: Sérgio Faria <sergio91pt@gmail.com>

Chrome renderer processes dlopen() a shared library from
gmscore. Open and read on app data file is already allowed,
but execute isn't, so the dlopen() fails. This is a regression
from K, where the dlopen succeeded.
Longer term, there are questions about whether this is appropriate
behavior for an isolated app. For now, allow the behavior.
See the discussion in b/15902433 for details.
Addresses the following denial:
I/auditd ( 5087): type=1400 audit(0.0:76): avc: denied { execute } for comm="CrRendererMain" path="/data/data/com.google.android.gms/files/libAppDataSearchExt_armeabi_v7a.so" dev="mmcblk0p28" ino=83196 scontext=u:r:isolated_app:s0 tcontext=u:object_r:app_data_file:s0 tclass=file
Bug: 15902433
Change-Id: Ie98605d43753be8c31a6fe510ef2dde0bdb52678

Adding services to service_contexts for the
pending commits Icf5997dd6a6ba5e1de675cf5f4334c78c2c037f1
and Ibe79be30b80c18ec45ff69db7527c7a4adf0ee08.
Change-Id: Ie898866d1ab3abba6211943e87bcec77ba568567

Add keystore_key class and an action for each action supported
by keystore. Add policies that replicate the access control that
already exists in keystore. Add auditallow rules for actions
not known to be used frequently. Add macro for those domains
wishing to access keystore.
Change-Id: Iddd8672b9e9b72b45ee208e6eda608cc9dc61edc

dumpstate uses vdc to collect asec lists and do a vold dump.
Force a transition into the vdc domain when this occurs.
Addresses the following denial:
<4>[ 1099.623572] type=1400 audit(1403716545.565:7): avc: denied { execute } for pid=6987 comm="dumpstate" name="vdc" dev="mmcblk0p8" ino=222 scontext=u:r:dumpstate:s0 tcontext=u:object_r:vdc_exec:s0 tclass=file permissive=0
Change-Id: I4bd9f3ad83480f8c9f9843ffe136295c582f96fe

system_server scans through /proc to keep track of process
memory and CPU usage. It needs to do this for all processes,
not just appdomain processes, to properly account for CPU and
memory usage.
Allow it.
Addresses the following errors which have been showing up
in logcat:
W/ProcessCpuTracker(12159): Skipping unknown process pid 1
W/ProcessCpuTracker(12159): Skipping unknown process pid 2
W/ProcessCpuTracker(12159): Skipping unknown process pid 3
Bug: 15862412
Change-Id: I0a75314824404e060c6914c06a371f2ff2e80512
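
Added example, not part of any commit above or of the AOSP tooling: a small parser that turns the three `avc: denied` records quoted in these commit messages into (source type, target type, class) -> permissions, which is the triple a reviewer checks against the policy change. The function names `ctx_type`, `parse_denial` and `summarize` are hypothetical.

```python
import re
from collections import defaultdict

# Denial records from the commit messages above (first one re-joined onto one line).
DENIALS = [
    'avc: denied { setopt } for pid=18107 comm="AudioRouter-6" '
    'scontext=u:r:untrusted_app:s0 tcontext=u:r:bluetooth:s0 '
    'tclass=unix_stream_socket',
    'I/auditd ( 5087): type=1400 audit(0.0:76): avc: denied { execute } for '
    'comm="CrRendererMain" '
    'path="/data/data/com.google.android.gms/files/libAppDataSearchExt_armeabi_v7a.so" '
    'dev="mmcblk0p28" ino=83196 scontext=u:r:isolated_app:s0 '
    'tcontext=u:object_r:app_data_file:s0 tclass=file',
    '<4>[ 1099.623572] type=1400 audit(1403716545.565:7): avc: denied { execute } '
    'for pid=6987 comm="dumpstate" name="vdc" dev="mmcblk0p8" ino=222 '
    'scontext=u:r:dumpstate:s0 tcontext=u:object_r:vdc_exec:s0 tclass=file permissive=0',
]

AVC_RE = re.compile(r'avc:\s+denied\s+\{([^}]*)\}\s+for\s+(.*)')
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def ctx_type(context):  # an SELinux context is user:role:type:level
    parts = context.split(':')
    return parts[2] if len(parts) >= 3 else None

def parse_denial(line):
    """Return a dict for one 'avc: denied' record, or None if the line is not one."""
    m = AVC_RE.search(line)
    if not m:
        return None
    fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group(2))}
    if not {'scontext', 'tcontext', 'tclass'} <= fields.keys():
        return None  # truncated record: do not guess the missing contexts
    return {
        'perms': m.group(1).split(),
        'source': ctx_type(fields['scontext']),
        'target': ctx_type(fields['tcontext']),
        'tclass': fields['tclass'],
        'comm': fields.get('comm'),
        'object': fields.get('path') or fields.get('name'),
        'permissive': fields.get('permissive'),  # None when the record has no such field
    }

def summarize(lines):
    """Group denials by (source, target, class) -> sorted list of permissions."""
    grouped = defaultdict(set)
    for rec in filter(None, map(parse_denial, lines)):
        grouped[(rec['source'], rec['target'], rec['tclass'])].update(rec['perms'])
    return {k: sorted(v) for k, v in grouped.items()}
```
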