tequilaOS/platform_system_sepolicy

Fork 0

Commit graph

Author	SHA1	Message	Date
Alan Stokes	7aa40413ae	Split user_profile_data_file label. user_profile_data_file is mlstrustedobject. And it needs to be, because we want untrusted apps to be able to write to their profile files, but they do not have levels. But now we want to apply levels in the parent directories that have the same label, and we want them to work so they need to not be MLS-exempt. To resolve that we introduce a new label, user_profile_root_file, which is applied to those directories (but no files). We grant mostly the same access to the new label as directories with the existing label. Apart from appdomain, almost every domain which accesses user_profile_data_file, and now user_profile_root_file, is already mlstrustedsubject and so can't be affected by this change. The exception is postinstall_dexopt which we now make mlstrustedobject. Bug: 141677108 Bug: 175311045 Test: Manual: flash with wipe Test: Manual: flash on top of older version Test: Manual: install & uninstall apps Test: Manual: create & remove user Test: Presubmits. Change-Id: I4e0def3d513b129d6c292f7edb076db341b4a2b3	2020-12-11 17:35:06 +00:00
Igor Murashkin	9f74a428c4	sepolicy: Add iorap_prefetcherd rules /system/bin/iorapd fork+execs into /system/bin/iorap_prefetcherd during startup See also go/android-iorap-security for the design doc Bug: 137403231 Change-Id: Ie8949c7927a98e0ab757bc46230c589b5a496360	2019-10-22 12:45:46 -07:00

Author

SHA1

Message

Date

Alan Stokes

7aa40413ae

Split user_profile_data_file label.

user_profile_data_file is mlstrustedobject. And it needs to be,
because we want untrusted apps to be able to write to their profile
files, but they do not have levels.

But now we want to apply levels in the parent directories that have
the same label, and we want them to work so they need to not be
MLS-exempt. To resolve that we introduce a new label,
user_profile_root_file, which is applied to those directories (but no
files). We grant mostly the same access to the new label as
directories with the existing label.

Apart from appdomain, almost every domain which accesses
user_profile_data_file, and now user_profile_root_file, is already
mlstrustedsubject and so can't be affected by this change. The
exception is postinstall_dexopt which we now make mlstrustedobject.

Bug: 141677108
Bug: 175311045
Test: Manual: flash with wipe
Test: Manual: flash on top of older version
Test: Manual: install & uninstall apps
Test: Manual: create & remove user
Test: Presubmits.
Change-Id: I4e0def3d513b129d6c292f7edb076db341b4a2b3

2020-12-11 17:35:06 +00:00

Igor Murashkin

9f74a428c4

sepolicy: Add iorap_prefetcherd rules

/system/bin/iorapd fork+execs into /system/bin/iorap_prefetcherd during
startup

See also go/android-iorap-security for the design doc

Bug: 137403231
Change-Id: Ie8949c7927a98e0ab757bc46230c589b5a496360

2019-10-22 12:45:46 -07:00

2 commits