Li Li
87fa0f9f77
Merge "Allow system server read binderfs stats" into main
2023-10-20 23:57:19 +00:00
Wonsik Kim
c1ed17561c
Merge "property_context: add Codec2 HAL selection property" into main
2023-10-20 23:08:29 +00:00
Li Li
0b3f585a63
Allow system server read binderfs stats
When receiving the binder transaction errors reported by Android
applications, AMS needs a way to verify that information. Currently
the Linux kernel doesn't provide such an API. Use binderfs instead until
the kernel binder driver adds that functionality in the future.
Bug: 199336863
Test: send binder calls to frozen apps and check logcat
Test: take bugreport and check binder stats logs
Change-Id: I3bab3d4f35616b4a7b99d6ac6dc79fb86e7f28d4
2023-10-20 13:22:24 -07:00
Vadim Caen
2892de504d
Merge "Add sepolicy entry for read only virtual camera property" into main
2023-10-20 12:21:25 +00:00
Alan Stokes
faa538dbfc
Suppress a denial on VM boot
The denial is correct, but is causing test failures. However it
appears to be harmless and VMs are operating just fine.
Suppress it until the correct policy is ready.
Bug: 306516077
Test: atest MicrodroidHostTests
Change-Id: I5d8545add4927c2521c3d4e9dc2b5bedb91c0f45
2023-10-20 10:59:52 +01:00
Vadim Caen
1b11440f56
Add sepolicy entry for read only virtual camera property
Test: N/A
Bug: b/270352264
Change-Id: I7ee2873eadf7eba3f0f5eda340c88b6f6995ff3d
2023-10-19 22:17:18 +02:00
Treehugger Robot
c5509a8ea0
Merge "Policy for virtual_camera native service" into main
2023-10-18 15:55:42 +00:00
Bruno BELANYI
2cc14046c1
Merge "Define SurfaceFlinger HDR priming opt-in sysprop" into main
2023-10-18 09:46:36 +00:00
Thiébaud Weksteen
293b3bcce7
Track access from platform_app to system_data_file
avc: denied { search } for comm="ll.splashworker" name="10" dev="dm-69" ino=4225 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:system_data_file:s0:c522,c768 tclass=dir permissive=0 app=com.android.systemui
Test: boot and check logs
Bug: 306090533
Bug: 303581276
Change-Id: I9a3ebe68e471a36a601054c7130c474aed8bb183
2023-10-18 17:36:36 +11:00
Wonsik Kim
c6decd4a8d
property_context: add Codec2 HAL selection property
Bug: 251850069
Test: run the example service and verify the selection works
Change-Id: I8b56e1f716a9dc06019232cd2c5061ccaa1951d0
2023-10-17 14:13:37 -07:00
Eric Biggers
f53eb06fd3
Merge changes Ie6c7b17a,I35d9ea22 into main
* changes:
Stop granting permission to get_state of keystore2
Stop granting permissions on keystore_key class
2023-10-17 18:02:44 +00:00
Eric Biggers
d7fe10be98
Stop granting permission to get_state of keystore2
The get_state permission of the "keystore2" class only guarded the
Binder API IKeystoreMaintenance#getState() served by keystore2. That
API has been removed because it was unused
(https://r.android.com/2768246). Therefore, stop granting the get_state
permission.
Don't actually remove the permission from private/access_vectors. That
would break the build because it's referenced by rules in prebuilts/.
Bug: 296464083
Test: atest CtsKeystoreTestCases
Change-Id: Ie6c7b17a8652f86a75d48c134a6e71a634d63772
2023-10-16 22:22:57 +00:00
Eric Biggers
cc5cb431ee
Stop granting permissions on keystore_key class
When keystore was replaced with keystore2 in Android 12, the SELinux
class of keystore keys was changed from keystore_key to keystore2_key.
However, the rules that granted access to keystore_key were never
removed. This CL removes them, as they are no longer needed.
Don't actually remove the class and its permissions from
private/security_classes and private/access_vectors. That would break
the build because they're referenced by rules in prebuilts/.
Bug: 171305684
Test: atest CtsKeystoreTestCases
Flag: exempt, removing obsolete code
Change-Id: I35d9ea22c0d069049a892def15a18696c4f287a3
2023-10-16 22:22:54 +00:00
Treehugger Robot
f604b91706
Merge "Allow artd to reopen its own memfd." into main
2023-10-16 21:01:44 +00:00
Bruno BELANYI
d350de16ae
Define SurfaceFlinger HDR priming opt-in sysprop
Bug: 295257834
Test: manual - check that the sysprop can be defined after applying
Change-Id: I3be32ba76cf97d50c56f2dde0aeafb937b530508
2023-10-16 16:27:54 +00:00
Thiébaud Weksteen
51cc740ca8
Ignore access from priv_app to wifi_config_prop
Bug: 303581276
Bug: 291197167
Bug: 208360714
Bug: 208919128
Test: presubmit
Change-Id: Ia0750d39d7c1d666f2f5d58f4c16169b5348d32f
2023-10-16 11:00:24 +11:00
Jiakai Zhang
4d70f0bf4b
Allow artd to reopen its own memfd.
Bug: 257532944
Test: atest CtsCompilationTestCases
Change-Id: I6e2a04fe2b9145aebd7db4d6a0d1ac560eddb66b
2023-10-13 18:26:56 +00:00
Dennis Shen
72da88530f
Merge "add next_boot_prop SELinux context to store staged sys prop" into main
2023-10-13 18:22:56 +00:00
Vadim Caen
f6e88ec70a
Policy for virtual_camera native service
Change-Id: Id0c582f9259ffd056b22f111d7e81bc061c2371d
2023-10-13 16:42:11 +02:00
Dennis Shen
bb028e3e9a
add next_boot_prop SELinux context to store staged sys prop
Bug: b/300111812
Change-Id: I02f1ba586fb6dfec90ae1ff6d4bb6518f294c5d7
Merged-In: I02f1ba586fb6dfec90ae1ff6d4bb6518f294c5d7
2023-10-12 16:12:30 +00:00
Jiakai Zhang
b6a3360ea3
Merge "Allow profman to read from memfd created by artd." into main
2023-10-12 14:59:38 +00:00
Jiakai Zhang
8ff6c55fc4
Allow profman to read from memfd created by artd.
Bug: 257532944
Change-Id: I13a953c533b1789eb06158a5ffa227fa986870fc
2023-10-12 13:48:00 +00:00
Treehugger Robot
57056e5249
Merge "Fix context for mapping/xx.yy.compat.cil files" into main
2023-10-11 03:18:57 +00:00
Maciej Żenczykowski
834447d058
file_contexts: remove btfloader, add netbpfload
btfloader is dead. bpfloader is being split in twain.
(It will eventually get its own context, but for now this works.)
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I7577e777545a0fa77a6467fb425aefc99a6e68d0
2023-10-09 18:46:07 +00:00
Daniele Di Proietto
c9b8e1b2b0
Merge "tracing: SELinux access to a couple of more binder events" into main
2023-10-09 10:23:06 +00:00
Vladimir Komsiyski
6e07de8088
Merge "Policy for virtualdevice_native service." into main
2023-10-06 14:20:09 +00:00
Vladimir Komsiyski
31facf0677
Policy for virtualdevice_native service.
A parallel implementation of certain VDM APIs that need to
be exposed to native framework code.
Similar to package_native_service.
Not meant to be used directly by apps but should still be
available in the client process via the corresponding native
manager (e.g. SensorManager).
Starting the service: ag/24955732
Testing the service: ag/24955733
Bug: 303535376
Change-Id: I90bb4837438de5cb964d0b560585b085cc8eabef
Test: manual
2023-10-06 12:52:42 +00:00
Thiébaud Weksteen
6bf1581f1c
Fix context for mapping/xx.yy.compat.cil files
The current file_contexts regular expression did not include the
.compat part of the policy.
Before:
# ls -alZ /system/etc/selinux/mapping
drwxr-xr-x 2 root root u:object_r:system_file:s0 332 2009-01-01 00:00 .
drwxr-xr-x 3 root root u:object_r:system_file:s0 376 2009-01-01 00:00 ..
-rw-r--r-- 1 root root u:object_r:sepolicy_file:s0 224062 2009-01-01 00:00 10000.0.cil
-rw-r--r-- 1 root root u:object_r:sepolicy_file:s0 112668 2009-01-01 00:00 29.0.cil
-rw-r--r-- 1 root root u:object_r:system_file:s0 1003 2009-01-01 00:00 29.0.compat.cil
-rw-r--r-- 1 root root u:object_r:sepolicy_file:s0 125916 2009-01-01 00:00 30.0.cil
-rw-r--r-- 1 root root u:object_r:system_file:s0 1059 2009-01-01 00:00 30.0.compat.cil
After:
# ls -alZ /system/etc/selinux/mapping
drwxr-xr-x 2 root root u:object_r:system_file:s0 332 2023-10-06 03:40 .
drwxr-xr-x 3 root root u:object_r:system_file:s0 376 2023-10-06 03:40 ..
-rw-r--r-- 1 root root u:object_r:sepolicy_file:s0 224062 2023-10-04 22:58 10000.0.cil
-rw-r--r-- 1 root root u:object_r:sepolicy_file:s0 112668 2023-10-04 22:58 29.0.cil
-rw-r--r-- 1 root root u:object_r:sepolicy_file:s0 1003 2023-09-06 01:51 29.0.compat.cil
-rw-r--r-- 1 root root u:object_r:sepolicy_file:s0 125916 2023-10-04 22:58 30.0.cil
-rw-r--r-- 1 root root u:object_r:sepolicy_file:s0 1059 2023-09-06 01:51 30.0.compat.cil
Test: boot cf & inspect new labels
Bug: 299839280
Change-Id: Ic833ccf59a6c75b0757df9de6e3fed0992839c74
2023-10-06 15:20:35 +11:00
Treehugger Robot
c6dc0891a3
Merge "Ignore non-API access by gmscore_app" into main am: e63aa48664
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2773824
Change-Id: Ia4dccb7864a7a0fcb7db4c948d0df67e882acbdf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-05 09:22:22 +00:00
Treehugger Robot
e63aa48664
Merge "Ignore non-API access by gmscore_app" into main
2023-10-05 08:53:18 +00:00
Hyundo Moon
91c06fcea1
Merge "Add system property bluetooth.profile.pbap.sim.enabled" into main am: c044f04024
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2771284
Change-Id: I88e1aae7e15e589a62cb7e8132117696c6a6f610
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-05 08:05:57 +00:00
Hyundo Moon
c044f04024
Merge "Add system property bluetooth.profile.pbap.sim.enabled" into main
2023-10-05 07:30:40 +00:00
Thiébaud Weksteen
a9020309f6
Ignore non-API access by gmscore_app
Bug: 303319090
Bug: 303272800
Bug: 303374964
Test: m selinux_policy
Change-Id: I0999023b315bd31d70b1908353acebc87182747c
2023-10-05 09:49:49 +11:00
Hyundo Moon
db5f0df869
Add system property bluetooth.profile.pbap.sim.enabled
Bug: 291519380
Test: Builds successfully
Change-Id: Ic19dd934c84c28e9a5d78c06fb07c2579b2c0a35
2023-10-04 23:18:45 +09:00
Steve Muckle
bd24038bb1
Merge "allow writes to /sys/power/sync_on_suspend from init" into main am: a4c440948b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2771125
Change-Id: I45a1841088438d19052353bab114b2d28006d103
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-04 14:05:29 +00:00
Steve Muckle
a4c440948b
Merge "allow writes to /sys/power/sync_on_suspend from init" into main
2023-10-04 13:32:58 +00:00
Steve Muckle
75603e3ccd
allow writes to /sys/power/sync_on_suspend from init
When suspend.disable_sync_on_suspend is set, init must write to
/sys/power/sync_on_suspend.
Bug: 285395636
Change-Id: Ica1b039c3192f08ec84aa07d35c2d0c61e7449c0
2023-10-04 07:44:33 +00:00
Thiébaud Weksteen
0ae3f11e2d
Merge "Track denials from gmscore_app to read_policy" into main am: c9daa54919
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2770201
Change-Id: I7e0172f0bd3eb401648c64281ff9f3406af449c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-04 05:43:56 +00:00
Thiébaud Weksteen
6f67245436
Track denials from gmscore_app to read_policy
avc: denied { read_policy } for comm="IntentService[D" scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:kernel:s0 tclass=security permissive=0 app=com.google.android.gms
Bug: 303319090
Test: presubmit
Change-Id: I99f328e1a8e116120d4915ed5dc55c305c6ca77f
2023-10-04 05:10:39 +00:00
Treehugger Robot
fad17a0f0b
Merge "create disable_sync_on_suspend property" into main am: da002632a2
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2762619
Change-Id: Ica5164157405df6ef1963e57f372680a462bdb0b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-28 00:52:03 +00:00
Treehugger Robot
da002632a2
Merge "create disable_sync_on_suspend property" into main
2023-09-28 00:03:50 +00:00
Steve Muckle
931b1a0f35
create disable_sync_on_suspend property
Bug: 285395636
Test: suspend/resume testing
Change-Id: I6a770241bca41929bc99dd86828b28a570dea68c
2023-09-27 16:33:09 +00:00
Yu-Ting Tseng
f3e2bf3bc2
Merge "Revert "Revert "SELinux policy changes for uprobe.""" into main am: 7a9e87c4dc
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2762026
Change-Id: I8bc9096be89bea5d84e63e5f040a4ee170171676
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-27 16:26:11 +00:00
Yu-Ting Tseng
7a9e87c4dc
Merge "Revert "Revert "SELinux policy changes for uprobe.""" into main
2023-09-27 15:17:44 +00:00
Changyeon Jo
cbf259e0cc
Allow dumpstate to make binder IPC to automotive display service am: 152a2f1755
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2763750
Change-Id: I9e10befa1abd12dd3b35e62ad4a036bc359070ce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-26 22:38:09 +00:00
Changyeon Jo
152a2f1755
Allow dumpstate to make binder IPC to automotive display service
Bug: 280837170
Test: atest android.security.cts.SELinuxHostTest#testNoBugreportDenials
Change-Id: I8239ba23bb60b95e7dd07a4c8a99167f1e08192b
2023-09-26 18:47:45 +00:00
Yu-Ting Tseng
3e8e8eac08
Revert "Revert "SELinux policy changes for uprobe.""
This reverts commit e2bd44d48d.
Reason for revert: 2nd attempt to add the policy change
Test: m selinux_policy
Change-Id: I5b9a102879a65917d496ba2194187ddd2b4545d1
2023-09-25 13:30:34 -07:00
Victor Hsieh
f5900cbb89
Merge "Allow system_server to enable fs-verity on staging APK" into main am: 8ee7e50799
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2759627
Change-Id: Idfaab2dda7dd63b69a3d7d4d5955a393dd9347d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-25 16:20:23 +00:00
Victor Hsieh
8ee7e50799
Merge "Allow system_server to enable fs-verity on staging APK" into main
2023-09-25 15:35:48 +00:00
Qais Yousef
2376f09b33
Merge "Revert "SELinux policy changes for uprobe."" into main am: e11729f825
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2759328
Change-Id: I6756e4cf2038bcc8ff67e547ff6368e7dcf8cbc7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-25 09:59:24 +00:00