/vendor/framework is now designated location for vendor's platform
libraries. The directory is thus only made available for 'dex2oat'
coredomain.
Bug: 36680116
Test: Boot sailfish & angler and launch gApps, dialer w/ no denials for
'vendor_framework_file'
Change-Id: I24c2ec30f836330005a972ae20d839bef9dcb8aa
Signed-off-by: Sandeep Patil <sspatil@google.com>
The change makes 'vendor_overlay_file' accessible only to few platform
domains like idmap, system_server, zygote and appdomain.
The overlay files contains RROs (runtime resource overlays)
Bug: 36681210
Test: Boot sailfish (treble device) from wiped flashall
Test: Connect to wifi and launch chrome to load few websites.
Test: Launch camera and record + playback video
Change-Id: I3596ca89ad51d0e7d78c75121f22ea71209ee332
Signed-off-by: Sandeep Patil <sspatil@google.com>
The change makes 'vendor_app_file' accessible only to few platform
domains like dex2oat, idmap, installd, system_server and appdomain.
Bug: 36681210
Test: Boot sailfish (treble device) from wiped flashall
Test: Connect to wifi and launch chrome to load few websites.
Test: Launch camera and record + playback video
Change-Id: Ib8757fedbf2e19c8381c8cd0f8f2693b2345534b
Signed-off-by: Sandeep Patil <sspatil@google.com>
This is a necessary first step to finalizing the SELinux policy build
process. The mapping_sepolicy.cil file is required to provide backward
compatibility with the indicated vendor-targeted version.
This still needs to be extended to provide N mapping files and corresponding
SHA256 outputs, one for each of the N previous platform versions with which
we're backward-compatible.
Bug: 36783775
Test: boot device with matching sha256 and non-matching and verify that
device boots and uses either precompiled or compiled policy as needed. Also
verify that mapping_sepolicy.cil has moved.
Change-Id: I5692fb87c7ec0f3ae9ca611f76847ccff9182375
sepolicy-analyze allows users to see all types that have a given
attribute, but not the reverse case: all attributes of a given type.
Add a '--reverse' option which enables this, but keeps the previous
interface.
Usage: sepolicy-analyze sepolicy attribute -r init
Bug: 36508258
Test: Build and run against current policy.
(cherry picked from commit d444ebedac)
Change-Id: I9813ebf61d50fb5abbc8e52be4cf62751979bbd4
logcatd is the same as logcat, except that the -L flag, if supplied,
runs once, then the command re-runs itself without the -L flag with
the same argument set. By introducing a logcatd daemon executable
we can solve the problem of the longish reads from pstore that
sometimes occur when the system is excessively busy spinning in a
foreground task starving this daemon as we absorb the delay in
an init service, rather than in an init exec. This would not have
been efficiently possible without the introduction of liblogcat.
Test: gTest logcat-unit-tests
Test: Manual check logpersist operations
Bug: 28788401
Bug: 30041146
Bug: 30612424
Bug: 35326290
Change-Id: I3454bad666c66663f59ae03bcd72e0fe8426bb0a
The CL splits /vendor labeling from /system. Which was allowing all
processes read, execute access to /vendor.
Following directories will remain world readable
/vendor/etc
/vendor/lib(64)/hw/
Following are currently world readable but their scope
will be minimized to platform processes that require access
/vendor/app
/vendor/framework/
/vendor/overlay
Files labelled with 'same_process_hal_file' are allowed to be
read + executed from by the world. This is for Same process HALs and
their dependencies.
Bug: 36527360
Bug: 36832490
Bug: 36681210
Bug: 36680116
Bug: 36690845
Bug: 36697328
Bug: 36696623
Bug: 36806861
Bug: 36656392
Bug: 36696623
Bug: 36792803
All of the tests were done on sailfish, angler, bullhead, dragon
Test: Boot and connect to wifi
Test: Run chrome and load websites, play video in youtube, load maps w/
current location, take pictures and record video in camera,
playback recorded video.
Test: Connect to BT headset and ensure BT audio playback works.
Test: OTA sideload using recovery
Test: CTS SELinuxHostTest pass
Change-Id: I278435b72f7551a28f3c229f720ca608b77a7029
Signed-off-by: Sandeep Patil <sspatil@google.com>
Add selinux policies for init script and shell script to unzip a tar
containing ASAN libraries on boot.
Bug: 36458146
Test: m && m SANITIZE_TARGET=address
Test: manual (build steps for tar missing)
Change-Id: I5c3cb233aae93ee9985431090af902b0e3c1b0a7
(cherry picked from commit 0b74305011)
Merged-In: I5c3cb233aae93ee9985431090af902b0e3c1b0a7
Test: adbd_test (with and without adb root)
Note: one test fails without root with and without this change
because of an unrelated shell selinux denial.
Test: adb screencap, pull, and verify
Test: Android Studio screenshot
Bug: 36643190
Change-Id: Ib534240bc9bb3a1f32b8865ca66db988902a0f4a
