Commit graph

7 commits

Author SHA1 Message Date
Rob Seymour
ecbadbb141 Allow service managers access to apex data.
VintfObject will monitor for /apex directory for VINTF data.
Add permissions for service managers to read this data.

Bug: 239055387
Test: m && boot
Change-Id: I179e008dadfcb323cde58a8a460bcfa2825a7b4f
2022-09-23 21:33:58 +00:00
Steven Moreland
fd1eb68337 servicemanager started property
If something starts before servicemanager does,
intelligently wait for servicemanager to start rather
than sleeping for 1s.

Bug: 239382640
Test: boot
Change-Id: If0380c3a1fce937b0939cd6137fcb25f3e47d14c
2022-07-28 17:09:14 +00:00
Jooyung Han
133ca4ea6b Allow (hw)servicemanager use bootstrap bionic
Bug: 237672865
Test: m && boot
Change-Id: I436cf97c4c8e852e36cd1faa9da646c9f8a4d0a4
2022-07-14 11:31:03 +09:00
Jon Spivack
839e3db7c7 Allow servicemanager to start processes
Used to lazily start AIDL services.

Bug: 138756857
Test: Manual (using mediaextractor as a test service)
Change-Id: Ia1f2c10072e42d8917985c38500be0955f98b8eb
2019-08-02 00:23:16 +00:00
Alex Klyubin
f5446eb148 Vendor domains must not use Binder
On PRODUCT_FULL_TREBLE devices, non-vendor domains (except vendor
apps) are not permitted to use Binder. This commit thus:
* groups non-vendor domains using the new "coredomain" attribute,
* adds neverallow rules restricting Binder use to coredomain and
  appdomain only, and
* temporarily exempts the domains which are currently violating this
  rule from this restriction. These domains are grouped using the new
  "binder_in_vendor_violators" attribute. The attribute is needed
  because the types corresponding to violators are not exposed to the
  public policy where the neverallow rules are.

Test: mmm system/sepolicy
Test: Device boots, no new denials
Test: In Chrome, navigate to ip6.me, play a YouTube video
Test: YouTube: play a video
Test: Netflix: play a movie
Test: Google Camera: take a photo, take an HDR+ photo, record video with
      sound, record slow motion video with sound. Confirm videos play
      back fine and with sound.
Bug: 35870313
Change-Id: I0cd1a80b60bcbde358ce0f7a47b90f4435a45c95
2017-03-24 07:54:00 -07:00
Mark Salyzyn
d33a9a194b logd: restrict access to /dev/event-log-tags
Create an event_log_tags_file label and use it for
/dev/event-log-tags.  Only trusted system log readers are allowed
direct read access to this file, no write access.  Untrusted domain
requests lack direct access, and are thus checked for credentials via
the "plan b" long path socket to the event log tag service.

Test: gTest logd-unit-tests, liblog-unit-tests and logcat-unit-tests
Bug: 31456426
Bug: 30566487
Change-Id: Ib9b71ca225d4436d764c9bc340ff7b1c9c252a9e
2017-01-31 15:50:15 +00:00
dcashman
cc39f63773 Split general policy into public and private components.
Divide policy into public and private components.  This is the first
step in splitting the policy creation for platform and non-platform
policies.  The policy in the public directory will be exported for use
in non-platform policy creation.  Backwards compatibility with it will
be achieved by converting the exported policy into attribute-based
policy when included as part of the non-platform policy and a mapping
file will be maintained to be included with the platform policy that
maps exported attributes of previous versions to the current platform
version.

Eventually we would like to create a clear interface between the
platform and non-platform device components so that the exported policy,
and the need for attributes is minimal.  For now, almost all types and
avrules are left in public.

Test: Tested by building policy and running on device.

Change-Id: Idef796c9ec169259787c3f9d8f423edf4ce27f8c
2016-10-06 13:09:06 -07:00