Commit graph

3 commits

Author SHA1 Message Date
Miguel
f63164a474 Add SEPolicy tags for concrypt cacerts.
Test: booting
Change-Id: I53815eb272fcdff739ba596cc1dd6bcca57c7d12
2022-12-21 06:42:21 +00:00
Tobias Thierer
353ad0fd47 SEPolicy for boringssl_self_test.
This CL adds hand-written SELinux rules to:
 - define the boringssl_self_test security domain
 - label the corresponding files at type boringssl_self_test_marker
   and boringssl_self_test_exec.
 - define an automatic transition from init to boringssl_self_test
   domains, plus appropriate access permissions.

Bug: 137267623
Test: When run together with the other changes from draft CL topic
      http://aosp/q/topic:bug137267623_bsslselftest, check that:
      - both /dev/boringssl/selftest/* marker files are
        present after the device boots.
      - Test: after the boringssl_self_test{32,64} binaries have
        run, no further SELinux denials occur for processes
        trying to write the marker file.

Change-Id: I77de0bccdd8c1e22c354d8ea146e363f4af7e36f
2019-09-05 02:40:57 +01:00
Adam Vartanian
8e4412d5e1 Add SELinux policy for Conscrypt APEX
Bug: 110404540
Test: cts -m CtsLibcoreTestCases -t com.android.org.conscrypt
Change-Id: Id89fc0f5e39515093f1d9d8a4fd075d717b50cf8
2018-12-07 10:49:44 +00:00