Commit graph

25835 commits

Author SHA1 Message Date
Bram Bonné
882b7c8d39 Re-audit SELinux denials for external storage.
Denial logging was suppressed in r.android.com/1199618 to de-flake
presubmit tests. Since Android 11, FUSE is enabled for all devices by
default, which is expected to prevent these denials from happening.

This change re-enables logging to check that assumption.

Bug: 145267097
Test: DeviceBootTest#SELinuxUncheckedDenialBootTest
Change-Id: I1e9aa6d1234f2f158ba7a7f6bf8aa8588249eee7
2020-09-11 13:24:50 +00:00
Treehugger Robot
fd735237e4 Merge "Add sepolicy for IFingerprint" 2020-09-11 01:11:03 +00:00
Yifan Hong
bf40692c20 Merge "Add modules partition" 2020-09-11 00:25:24 +00:00
Ilya Matyukhin
c71c2993e9 Add sepolicy for IFingerprint
Bug: 152416783
Test: run on cuttlefish
Change-Id: I58d7c3bc9c81612b03bab3b9da938c091c02e3c1
2020-09-10 16:50:19 -07:00
Xin Li
27ba511b4e Merge Android R
Bug: 168057903
Merged-In: I0b680ac97ee447483de5b99ffa30a9b8d5c02d41
Change-Id: If6cfdea13b18a5b760e9469c4c1d56d4d98bcea0
2020-09-09 20:21:28 -07:00
Yifan Hong
1fea7a2712 Reorder 30.0.ignore.cil am: 99f6010820
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1421853

Change-Id: I0b680ac97ee447483de5b99ffa30a9b8d5c02d41
2020-09-09 07:35:23 +00:00
Yifan Hong
648d956cc0 Add modules partition
Add updateable_module_file that describes all files under /modules. If
more directories (e.g. /modules/apex etc.) are added in the future,
separate labels should be applied to them.

Bug: 163543381
Test: on CF check /proc/mounts

Change-Id: Iceafebd85a2ffa47a73dce70d268d8a6fb5a5103
2020-09-08 16:35:51 -07:00
Yifan Hong
99f6010820 Reorder 30.0.ignore.cil
Test: pass
Change-Id: Ib6e55348641db3eeb26eaa74423ccd62724ec7ed
2020-09-08 16:35:51 -07:00
Treehugger Robot
9822c7e5a1 Merge "Allow GKI APEX to use apexd:fd" am: 5f8de11dae
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1415170

Change-Id: I274cadfcc21f94ec642ce685af0c285c5b2eba5d
2020-09-08 22:10:18 +00:00
Treehugger Robot
5f8de11dae Merge "Allow GKI APEX to use apexd:fd" 2020-09-08 21:39:26 +00:00
Marco Ballesio
8e0ea3114f Merge "sepolicy: restrict BINDER_FREEZE to system_server" am: a16308f09a
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1419071

Change-Id: Iada71ad80a4e8b59feb5bf8b07cf278c5b5753b0
2020-09-08 16:22:22 +00:00
Marco Ballesio
a16308f09a Merge "sepolicy: restrict BINDER_FREEZE to system_server" 2020-09-08 16:00:41 +00:00
Yi Kong
f725783f58 Merge "Policies for profcollectd" am: fbb6546cbd
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1418828

Change-Id: Idb6774696ae8776da1c7a998f9600d3a12052f2f
2020-09-08 14:01:50 +00:00
Yi Kong
fbb6546cbd Merge "Policies for profcollectd" 2020-09-08 13:44:17 +00:00
Yi Kong
4555123090 Policies for profcollectd
Bug: 79161490
Test: run profcollect with enforcing
Change-Id: I19591dab7c5afb6ace066a3e2607cd290c0f43a6
2020-09-08 12:29:47 +00:00
Marco Ballesio
5fe69e082a sepolicy: restrict BINDER_FREEZE to system_server
BINDER_FREEZE is used to block ipc transactions to frozen processes, so
only system_server must be allowed to use it.

Bug: 143717177
Test: manually verified that attempts to use BINDER_FREEZE by processes
other
than system_server receive a sepolicy denial
Test: verified that system_server can enable/disable the freezer in
binder

Change-Id: I0fae3585c6ec409809e8085c1cc9862be4755889
2020-09-03 14:12:17 -07:00
Marvin Ramin
30ab116b7f Add ro.hdmi.cec.source.set_menu_language.enabled context am: bc1fbf57fa
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1418592

Change-Id: I02fe54be0c62c7936934db3b733acd29e3cbeb7e
2020-09-03 14:18:52 +00:00
Marvin Ramin
bc1fbf57fa Add ro.hdmi.cec.source.set_menu_language.enabled context
Add ro.hdmi.cec.source.set_menu_language.enabled to hdmi_config_prop.

Test: make; flash
Bug: 158527048
2020-09-03 09:23:20 +00:00
Treehugger Robot
61d4da7602 Merge "Add shell_test_data_file for /data/local/tests" am: d482ae77d1
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1416433

Change-Id: I71009bfcae1753f0cf46042a41e567e543f02322
2020-09-03 03:07:05 +00:00
Treehugger Robot
d482ae77d1 Merge "Add shell_test_data_file for /data/local/tests" 2020-09-03 02:26:10 +00:00
Xin Li
bcbd2f8916 Merge "Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709)" into stage-aosp-master 2020-09-01 20:03:58 +00:00
Colin Cross
da4e51b71f Add shell_test_data_file for /data/local/tests
Add a domain for /data/local/tests which will be used by atest
to execute tests on devices as shell or root.

Bug: 138450837
Test: atest binderVendorDoubleLoadTest memunreachable_unit_test memunreachable_binder_test
Change-Id: Ia34314bd9430e21c8b3304ac079e3d9b5705e19c
2020-09-01 11:17:19 -07:00
Yo Chiang
e54e86ee05 Merge changes I1dd435e3,I779e4d49 am: 86209626ce
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1415849

Change-Id: Idcae2f7db280aa0169c933dc931fdd841377110c
2020-09-01 08:53:01 +00:00
Yo Chiang
86209626ce Merge changes I1dd435e3,I779e4d49
* changes:
  Allow gsid to read from /storage/emulated/...
  Allow gsid to read from FIFO
2020-09-01 08:38:04 +00:00
Yo Chiang
04429cc35f Allow gsid to read from /storage/emulated/...
so that `gsi_tool install ... < /storage/emulated/...` can work.

Bug: 165471299
Test: adb push system.img /storage/emulated/0/Download &&
  adb root && adb shell 'gsi_tool install \
  --gsi-size $(du -b /storage/emulated/0/Download/system.img | cut -f1) \
  < /storage/emulated/0/Download/system.img'
Change-Id: I1dd435e32a4b5b5ebe2473cc703bfdd0d755a4e7
2020-09-01 08:37:52 +00:00
Yo Chiang
45fb38b8ec Allow gsid to read from FIFO
`gsid` may receive a FIFO if invoked via `gsi_tool`.
For the `su root` case, allow `gsid` to read `shell` FIFO.
For the `adb root` case, allow `gsid` to read `su` FIFO.

Move `gsi_tool` related allow rules to userdebug and
eng build only, because these are development features
that require root permission, thus shouldn't be shipped
on a user build.

Bug: 166589508
Test: adb unroot && gzip -c system.raw | adb shell "zcat | su root gsi_tool install ..."
Test: adb root && gzip -c system.raw | adb shell "zcat | gsi_tool install ..."
Change-Id: I779e4d49eb57240b1a5422139d7683dbac0da988
2020-08-31 18:12:09 +00:00
Yi Kong
4561f7ba65 Move a couple of treble policies to private am: 1be8dfacfd
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1416068

Change-Id: Ied4e38564e78c7c4188538144a4f22c713383b99
2020-08-31 15:26:16 +00:00
Yi Kong
1be8dfacfd Move a couple of treble policies to private
We need to add an exception for a private type, it can only be
recognised if these are private policies.

Bug: 79161490
Test: TreeHugger
Change-Id: Icc902389e545f1ff4c92d2ab81c0617a3439f466
2020-08-31 13:55:41 +00:00
Yi Kong
ccb2e75500 Add file context type for /sys/devices/cs_etm am: cdacc620b7
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1415848

Change-Id: I3256e310d827b3e03da6299f2ae349c6e1c4ec76
2020-08-31 11:18:36 +00:00
Yi Kong
cdacc620b7 Add file context type for /sys/devices/cs_etm
This is the cs_etm (Coresight ETM) sysfs directory.

Bug: 79161490
Test: build
Change-Id: I9a66bb4b2684ef8637106a36f7d490d8f805cabf
2020-08-31 08:28:12 +00:00
Xin Li
11da9e6792 Merge Android R (rvc-dev-plus-aosp-without-vendor@6692709)
Bug: 166295507
Merged-In: I6d0b1be1a46288fff42c3689dbef2f7443efebcc
Change-Id: I133180d20457b9f805f3da0915e2cf6e48229132
2020-08-29 01:45:24 -07:00
Yifan Hong
a5809013a4 Allow GKI APEX to use apexd:fd
/dev/zero is inherited from apexd. This is required for
sh to start.

Bug: 126787589
Bug: 161563386
Test: apply GKI update
Change-Id: I8624996c129872b26d4c17242cb911b5e948d9bd
2020-08-28 17:29:58 -07:00
Treehugger Robot
28f61248f1 Merge "Support GKI updates" am: 4c5220c2bc
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1377700

Change-Id: I6ab33869ff501994d73a4371268e78823c345208
2020-08-28 21:39:49 +00:00
Treehugger Robot
4c5220c2bc Merge "Support GKI updates" 2020-08-28 21:24:34 +00:00
Steven Moreland
c9a29ce488 Merge "Remove binder_in_vendor_violators." am: 6ced6ff339
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/961391

Change-Id: Ic1139330561078755a40a77163cbd1e9036f8e28
2020-08-28 17:17:56 +00:00
Steven Moreland
6ced6ff339 Merge "Remove binder_in_vendor_violators." 2020-08-28 17:04:07 +00:00
Steven Moreland
5c0a0a8190 Remove binder_in_vendor_violators.
It's release blocking if devices specify it. Since none are used
in-tree anymore, no reason to every use this again.

Bug: 131617943
Test: grepping source/build (which validates this isn't used)
Change-Id: I6f98ab9baed93e11403a10f3a0497c855d3a8695
2020-08-27 00:00:35 +00:00
Gavin Corkery
06550f6337 Merge "Selinux policy for new userspace reboot logging dir" am: df9d784e6d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1308233

Change-Id: Ie630cb9254b851f9434c3ddc7b82d1556d9dc642
2020-08-26 22:07:35 +00:00
Gavin Corkery
df9d784e6d Merge "Selinux policy for new userspace reboot logging dir" 2020-08-26 21:47:19 +00:00
Gavin Corkery
ed62b31812 Selinux policy for new userspace reboot logging dir
Add userspace_reboot_metadata_file, which is written to by init,
and read by system server. System server will also handle the
deletion policy and organization of files within this directory,
so it needs additional permissions.

Test: Builds
Bug: 151820675
Change-Id: Ifbd70a6564e2705e3edf7da6b05486517413b211
2020-08-26 21:00:09 +01:00
Treehugger Robot
ffd9daa36a Merge "sepolicy: allow system_server to write to cgroup_v2" am: e30e8a7cc4
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1411887

Change-Id: I4da689ebd67caa5b40c8db765995cf2afc548ceb
2020-08-26 16:52:55 +00:00
Treehugger Robot
e30e8a7cc4 Merge "sepolicy: allow system_server to write to cgroup_v2" 2020-08-26 16:15:22 +00:00
Hiroki Sato
553f3f5d9c Replace hal_dumpstate with hal_dumpstate_server am: 09882d209c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1411827

Change-Id: I3a16d2bb994e06b2376e75f247246da02398bdf0
2020-08-26 12:33:07 +00:00
Hiroki Sato
09882d209c Replace hal_dumpstate with hal_dumpstate_server
After change Ia7437b8297794502d496e9bd9998dddfdcb747ef, some build
targets are broken. This change fixes it.

Bug: 166334688
Test: build
Change-Id: Iaf6ca1ae5c461bd3c5059b27a148c7858679f795
2020-08-26 10:23:05 +00:00
Marco Ballesio
95aa74d6cd sepolicy: allow system_server to write to cgroup_v2
During boot, system_server will need to write to files under
/sys/fs/cgroup/freezer. Change the cgroup_v2 policy to allow this
operation.

Test: booted device with change, verified that files are properly
accessed.
Bug: 154548692

Change-Id: I2ccc112c8870129cb1b8312023b54268312efcca
2020-08-25 18:12:24 -07:00
Jeff Vander Stoep
21e31aa106 Refer to hal_dumpstate_server in neverallow rules am: 684d25b75a
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1409808

Change-Id: I774bc0e8a6f2113b0cfd5033eb19b6261056a667
2020-08-25 16:07:47 +00:00
Jeff Vander Stoep
684d25b75a Refer to hal_dumpstate_server in neverallow rules
hal_dumpstate gets optimized away by the policy compiler causing
a CTS failure:
neverallow {   -init   -dumpstate   -hal_dumpstate   -vendor_init } hal_dumpstate_config_prop:file { { append create link unlink relabelfrom rename setattr write } open read ioctl lock watch watch_mount watch_sb watch_with_perm watch_reads };
Warning!  Type or attribute hal_dumpstate used in neverallow undefined in policy being checked

Fixes: 166168257
Test: build policy
Change-Id: Ia7437b8297794502d496e9bd9998dddfdcb747ef
2020-08-25 11:41:00 +02:00
Treehugger Robot
a7189abd95 Merge "Fix product property type macros" am: dab50ef0a3
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1409727

Change-Id: I2b4df7b5d0e0403345fb560e4f50bde6ee76af5a
2020-08-25 09:40:38 +00:00
Treehugger Robot
dab50ef0a3 Merge "Fix product property type macros" 2020-08-25 08:50:18 +00:00
Inseob Kim
c9610def68 Fix product property type macros
Bug: N/A
Test: build with product_*_prop(...)
Change-Id: Iac906b41ec69023abd41881462f09e268944816b
2020-08-25 16:38:13 +09:00