Commit graph

13 commits

Author SHA1 Message Date
Dan Willemsen
1f944107a3 Fix sepolicy_tests on Mac 10.15
This is dlopened by sepolicy_tests, which uses embeds the python
interpreter built from our tree. That python interpreter links against
the shared version of libc++, so mixing it with this static copy was
causing segfaults on Mac 10.15 (but apparently not elsewhere).

Test: SANITIZE_HOST=address m treble_sepolicy_tests
Test: `m` on Mac 10.15
Change-Id: I31744acd018ea4c980c46a9979bbad17ae1c4f68
2019-11-23 17:45:01 -08:00
Jeff Vander Stoep
1ca7a4c8f5 fc_sort: delete c version, migrate to python version
Test: build aosp_blueline-userdebug, run build-time tests
Change-Id: I9c466cd718602e6068ee31abd6de7dbab84f4949
2019-04-11 10:19:16 -07:00
Tri Vo
2777d18c20 combine_maps: only use python2
python3 is not required on host machines.

Bug: 117260689
Test: m selinux_policy
Change-Id: Iea31eadcb3f09ffadca82dd1862cf5538259c710
2018-10-04 10:22:49 -07:00
Tri Vo
438684b39f Only maintain maps between current and previous selinux versions.
New maintenance scheme for mapping files:
Say, V is the current SELinux platform version, then at any point in time we
only maintain (V->V-1) mapping. (V->V-n) map is constructed from top (V->V-n+1)
and bottom (V-n+1->V-n) without changes to previously maintained mapping files.

Caveats:
- 26.0.cil doesn't technically represent 27.0->26.0 map, but rather
current->26.0. We'll fully migrate to the scheme with future releases.

Bug: 67510052
Test: adding new public type only requires changing the latest compat map
Change-Id: Iab5564e887ef2c8004cb493505dd56c6220c61f8
2018-10-02 15:10:13 -07:00
Jeff Vander Stoep
3a3756feee searchpolicy depends on FcSort
Bug: 77965486
Test: run cts -m CtsSecurityHostTestCases -t
    android.cts.security.FileSystemPermissionTest#testDevHwRandomPermissions

Change-Id: Ib5965649e9b2b4bb0259383374dfac76cc0a8bd5
(cherry picked from commit cc541a80c3)
2018-04-24 14:12:50 -07:00
Jeff Vander Stoep
370a52fee5 Improve data separation test coverage
Two areas need better coverage:
1. Tests are not verifying that files in /data/vendor do not have the
core_data_file_type attribute.
2. No error is thrown if a type lives in both /data/vendor
/data/<not vendor>.

Bug: 72998741
Test: build all selinux policies on master (assert build time tests)
Test: build and boot Marlin and Taimen, verify no selinux denials and
    everything works as expected.

Change-Id: I133a068123139a599b9b81ddcc254616894621eb
(cherry picked from commit 55d5e28472)
2018-03-22 22:58:50 -07:00
Jeff Vander Stoep
3ca843a57d Prepare python tests to be run in CTS
Bug: 37008075
Test: build, all tests pass. Modify some attributes locally to
    cause tests to fail (verify that they are actually working).
Change-Id: If9f9ece61dff835f38ef9c8a57f5a7baddbae5cd
2017-10-04 19:46:12 +00:00
Jeff Vander Stoep
e9777e3402 Move python sepolicy tests to embedded launcher
This is a necessary for enforcing these tests in CTS.

Bug: 37008075
Test: build
Change-Id: I36b4ce71c26a0ba01cd0289fe363f0a9f7db1214
(cherry picked from commit 8d614b3f81)
2017-10-04 17:09:30 +00:00
Dan Cashman
91d398d802 Sync internal master and AOSP sepolicy.
Bug: 37916906
Test: Builds 'n' boots.
Change-Id: Ia1d86264446ebecc1ca79f32f11354921bc77668
Merged-In: I208ec6a864127a059fb389417a9c6b259d7474cb
2017-09-26 14:38:47 -07:00
Jeff Vander Stoep
a7d2c5bf17 Move python scripts to python_binary_host build rule
Fixes: 65263013
Test: build
Merged-In: I0ec412481c5990927fcbee7c4303bee2da876210
Change-Id: I0a5b9a80e988fcd16a29807ed83b2c65bba9000f
2017-09-23 14:45:02 -07:00
Dan Willemsen
948354abb9 Fix libsepolwrap with SANITIZE_HOST=address
Test: SANITIZE_HOST=true m treble_sepolicy_tests
Change-Id: I9190dc06715bbbac8a267a143801f99f911decf3
2017-09-01 14:08:46 -07:00
Jeff Vander Stoep
1fc0682ec6 Run Treble sepolicy tests at build time
Bug: 37008075
Test: build policy on Marlin
Change-Id: I53748f94c5df66fa17a53e7d0bed1be6b8603544
(cherry picked from commit e1ddc6df75)
2017-06-05 08:09:32 -07:00
Jeff Vander Stoep
bdfc0301a1 Verify correct application of labels and attributes
With project Treble, we're relying heavily on attributes for
permission inheritance and enforcement of separation between
platform and vendor components.

We neead tests that verify those attributes are correctly applied.
This change adds the framework for those tests including a wrapper
around libsepol for loading and querying policy, and a python module
for running tests on policy and file_contexts.

Included with the testing framework is a test asserting that the
coredomain attribute is only applied to core processes. This
verification is done using the following rules:
1. Domain's entrypoint is on /system - coredomain
2. Domain's entrypoint is on /vendor - not coredomain
3. Domain belongs to a whitelist of known coredomains - coredomain

In a subsequent commit these tests will be applied at build time.
However, I first need to fix existing Treble violations exposed by
this test. These tests will also be applied during CTS.

Test: LD_PRELOAD=$ANDROID_HOST_OUT/lib64/libsepolwrap.so python \
    treble.py -p $OUT/vendor/etc/selinux/precompiled_sepolicy \
    -f $OUT/vendor/etc/selinux/nonplat_file_contexts \
    -f $OUT/system/etc/selinux/plat_file_contexts
Bug: 37008075
Change-Id: I7825f5c2909a5801deaccf2bef2bfd227adb0ae9
(cherry picked from commit 0366afdf14)
2017-06-05 08:09:05 -07:00