Commit graph

3 commits

Author SHA1 Message Date
Jeff Sharkey
a0e7a6da28 Update language to comply with Android's inclusive language guidance
See https://source.android.com/setup/contribute/respectful-code for reference

Bug: 161896447
Change-Id: I0caf39b349c48e44123775d98c52a773b0b504ff
2020-07-31 12:28:11 -06:00
Sandeep Patil
d46b5d3519 Allow init to run vendor toybox for modprobe
vendor implementations need to be able to run modprobe as part of
init.rc scripts.  They cannot do so because of the strict neverallow
currently in place that disallows all coredomains (including init)
to execute vendor toybox.

Fix this by adding init to the exception list for the neverallow so
vendors can then run modprobe from .rc scripts and also add the rule to
allow init to transition to modprobe domain using vendor_toolbox.

Bug: b/38212864
Test: Boot sailfish

Change-Id: Ib839246954e9002859f3ba986094f206bfead137
Signed-off-by: Sandeep Patil <sspatil@google.com>
2017-05-24 15:01:20 -07:00
Sandeep Patil
4fe441fb5f toolbox: add sepolicy for vendor toybox
The vendor toybox MUST always be executed without transition and
non-vendor processes are not allowed to execute the binary.

Bug: 36463595
Test: Boot and test if system shell can run /vendor/bin/echo
      Result: requires 'su'

Change-Id: Ifb9aa61f247f91fb870b99d60ac7f849ee9c6adc
Signed-off-by: Sandeep Patil <sspatil@google.com>
(cherry picked from commit c112cd18e8999c0242a2560219033231a0e19898)
2017-04-13 16:32:34 -07:00