Commit graph

1242 commits

Author SHA1 Message Date
Nick Kralevich
4cafcfd294 am 289fe68b: am 842a1111: Merge "Confine healthd, but leave it permissive for now."
* commit '289fe68b3ecbc05395d78bfe77fb15bc9512a571':
  Confine healthd, but leave it permissive for now.
2013-11-07 14:21:04 -08:00
Nick Kralevich
289fe68b3e am 842a1111: Merge "Confine healthd, but leave it permissive for now."
* commit '842a1111c0544f7f855b0cdc4cceee8a370af759':
  Confine healthd, but leave it permissive for now.
2013-11-07 14:18:39 -08:00
Nick Kralevich
842a1111c0 Merge "Confine healthd, but leave it permissive for now."
2013-11-07 22:15:35 +00:00
Nick Kralevich
d9a21dbcfe am 6b754790: am fec3c5ad: Merge "Make the keystore domain enforcing."
* commit '6b754790b56cbe3617ea1f715d3f3236d7b7ad78':
  Make the keystore domain enforcing.
2013-11-07 13:42:54 -08:00
Nick Kralevich
6b754790b5 am fec3c5ad: Merge "Make the keystore domain enforcing."
* commit 'fec3c5ad80cb5323ab7b6b808faca032c3973fc5':
  Make the keystore domain enforcing.
2013-11-07 13:40:21 -08:00
Nick Kralevich
fec3c5ad80 Merge "Make the keystore domain enforcing."
2013-11-07 21:37:09 +00:00
Elliott Hughes
dcb30a64a0 am 1e38a555: am aaac2468: /system/bin/ash and /system/bin/mksh are dead.
* commit '1e38a5550160ccac8a9d90d8c4052072f2fa90af':
  /system/bin/ash and /system/bin/mksh are dead.
2013-11-07 09:41:57 -08:00
Elliott Hughes
1e38a55501 am aaac2468: /system/bin/ash and /system/bin/mksh are dead.
* commit 'aaac24688ee623a19525f25fe1fc81b60197f6f5':
  /system/bin/ash and /system/bin/mksh are dead.
2013-11-07 09:01:20 -08:00
Elliott Hughes
aaac24688e /system/bin/ash and /system/bin/mksh are dead.
Long live /system/bin/sh!

Change-Id: I5af63c1bdc3585835ee273ed9995d8fac14792da
2013-11-07 08:36:16 -08:00
Stephen Smalley
2a604adf1b Confine healthd, but leave it permissive for now.
Remove unconfined_domain() and add the allow rules required for
operation of healthd.  Restore the permissive declaration until
I8a3e0db15ec5f4eb05d455a57e8446a8c2b484c2 is applied to the 3.4
kernel.

Resolves the following denials in 4.4:
type=1400 audit(1383590167.750:14): avc:  denied  { read } for  pid=49 comm="healthd" path="/sbin/healthd" dev="rootfs" ino=1232 scontext=u:r:healthd:s0 tcontext=u:object_r:rootfs:s0 tclass=file
type=1400 audit(1383590167.750:15): avc:  denied  { mknod } for  pid=49 comm="healthd" capability=27  scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability
type=1400 audit(1383590167.750:16): avc:  denied  { create } for  pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket
type=1400 audit(1383590167.750:17): avc:  denied  { setopt } for  pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket
type=1400 audit(1383590167.750:17): avc:  denied  { net_admin } for  pid=49 comm="healthd" capability=12  scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability
type=1400 audit(1383590167.750:18): avc:  denied  { bind } for  pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket
shell@generic:/ $ type=1400 audit(1383590168.800:21): avc:  denied  { call } for  pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:servicemanager:s0 tclass=binder
type=1400 audit(1383590168.800:22): avc:  denied  { transfer } for  pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:servicemanager:s0 tclass=binder
type=1400 audit(1383590168.800:23): avc:  denied  { 0x10 } for  pid=49 comm="healthd" capability=36  scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability2
type=1400 audit(1383590168.800:24): avc:  denied  { read } for  pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket
type=1400 audit(1383590212.320:161): avc:  denied  { call } for  pid=376 comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:healthd:s0 tclass=binder
type=1400 audit(1383590212.320:161): avc:  denied  { transfer } for  pid=376 comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:healthd:s0 tclass=binder
type=1400 audit(1383590212.320:162): avc:  denied  { call } for  pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:system_server:s0 tclass=binder
type=1400 audit(1383590275.930:463): avc:  denied  { call } for  pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:system_server:s0 tclass=binder

Change-Id: Iacd058edfa1e913a8f24ce8937d2d76c928d6740
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-07 09:23:12 -05:00
Nick Kralevich
fdc009d44d am a74edc15: am f232f25b: Merge "Move audio_firmware_file and /data/misc/audio entry to core sepolicy."
* commit 'a74edc1522492d143fddec1dccbe49859acf6767':
  Move audio_firmware_file and /data/misc/audio entry to core sepolicy.
2013-11-06 16:10:16 -08:00
Nick Kralevich
1da95ae398 am ca056dce: am 2d8dcb73: Revert "Make the keystore domain enforcing."
* commit 'ca056dce951b22970a3426ff2ca9a29ef42e9e06':
  Revert "Make the keystore domain enforcing."
2013-11-06 16:10:12 -08:00
Nick Kralevich
a74edc1522 am f232f25b: Merge "Move audio_firmware_file and /data/misc/audio entry to core sepolicy."
* commit 'f232f25b0b1fe736a713239963aa0fae1835f0e5':
  Move audio_firmware_file and /data/misc/audio entry to core sepolicy.
2013-11-06 16:02:07 -08:00
Nick Kralevich
f232f25b0b Merge "Move audio_firmware_file and /data/misc/audio entry to core sepolicy."
2013-11-06 23:58:34 +00:00
Stephen Smalley
870c4e5e77 Make the keystore domain enforcing.
Change-Id: I7ef479ac1806b0a52bb0145a82d6d4265edc1f3e
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Bug: 11518274
2013-11-06 15:40:19 -08:00
Nick Kralevich
ca056dce95 am 2d8dcb73: Revert "Make the keystore domain enforcing."
* commit '2d8dcb732cc6e5f54fe3b3bb57a81c287c419e93':
  Revert "Make the keystore domain enforcing."
2013-11-06 12:58:20 -08:00
Stephen Smalley
a7c8ea864e Move audio_firmware_file and /data/misc/audio entry to core sepolicy.
Change-Id:  Ib8c96ab9e19d34e8e34a4c859528345763be4906
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-06 13:00:52 -05:00
Stephen Smalley
2e0b4a149e Move goldfish-specific rules to their own directory.
Change-Id:  I1bdd80f641db05fef4714654515c1e1fbb259794
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-06 10:27:19 -05:00
Nick Kralevich
2d8dcb732c Revert "Make the keystore domain enforcing."
This is causing runtime restarts on flo/deb when uninstalling
some APKs. Revert while I investigate it.

11-04 21:52:41.487   687   704 I ActivityManager: Force stopping com.android.development appid=10078 user=-1: uninstall pkg
11-04 21:52:41.487   687   712 W PackageManager: Couldn't delete native library directory /data/app-lib/com.android.development
11-04 21:52:41.557   687   712 W dalvikvm: threadid=20: thread exiting with uncaught exception (group=0x959dfae8)
11-04 21:52:41.557   687   712 E AndroidRuntime: *** FATAL EXCEPTION IN SYSTEM PROCESS: PackageManager
11-04 21:52:41.557   687   712 E AndroidRuntime: java.lang.NullPointerException
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.security.KeyStore.clearUid(KeyStore.java:327)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.removeKeystoreDataIfNeeded(PackageManagerService.java:9787)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.removePackageDataLI(PackageManagerService.java:9384)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.deleteInstalledPackageLI(PackageManagerService.java:9503)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.deletePackageLI(PackageManagerService.java:9612)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.deletePackageX(PackageManagerService.java:9239)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService.access$4100(PackageManagerService.java:178)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at com.android.server.pm.PackageManagerService$7.run(PackageManagerService.java:9173)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.os.Handler.handleCallback(Handler.java:733)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.os.Handler.dispatchMessage(Handler.java:95)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.os.Looper.loop(Looper.java:136)
11-04 21:52:41.557   687   712 E AndroidRuntime:        at android.os.HandlerThread.run(HandlerThread.java:61)
11-04 21:52:41.567   687   712 I Process : Sending signal. PID: 687 SIG: 9

and

[    7.324554] type=1400 audit(1383601030.823:5): avc:  denied  { read write } for  pid=192 comm="keystore" name="qseecom" dev="tmpfs" ino=7521 scontext=u:r:keystore:s0 tcontext=u:object_r:device:s0 tclass=chr_file

This reverts commit 709d71836d.

Bug: 11518274
2013-11-05 09:57:40 -08:00
Nick Kralevich
3bd55a8aba am 3cedab40: am 7316b18a: README: recommend concatenation vs assignment
* commit '3cedab401851ee714233f99ce97cb91fc13a2f26':
  README: recommend concatenation vs assignment
2013-11-04 09:52:44 -08:00
Nick Kralevich
3cedab4018 am 7316b18a: README: recommend concatenation vs assignment
* commit '7316b18a6c8706635592d2c60c40a505b4654312':
  README: recommend concatenation vs assignment
2013-11-04 09:48:45 -08:00
Nick Kralevich
7316b18a6c README: recommend concatenation vs assignment
Recommend using concatenation versus assignment when making
policy declarations inside BoardConfig.mk. This will allow
sepolicy to exist in the vendor directory.

Change-Id: If982217fcb3645d9c6b37a341755b5b65f26fc5f
2013-11-01 16:23:15 -07:00
Nick Kralevich
92c77e5500 am ed06d204: am cd95e0ac: Allow system_server to set powerctl_prop
* commit 'ed06d204fb356a7211290c30b8a6ef91506e68a2':
  Allow system_server to set powerctl_prop
2013-11-01 12:24:07 -07:00
Nick Kralevich
ed06d204fb am cd95e0ac: Allow system_server to set powerctl_prop
* commit 'cd95e0acf18c940288f4abb8e1cfe6c052bb6543':
  Allow system_server to set powerctl_prop
2013-11-01 12:22:16 -07:00
Nick Kralevich
cd95e0acf1 Allow system_server to set powerctl_prop
Otherwise we break "adb root && adb shell svc power reboot",
which has the side effect of killing all of our test automation
(oops).

Bug: 11477487
Change-Id: I199b0a3a8c47a4830fe8c872dae9ee3a5a0cb631
2013-11-01 12:16:36 -07:00
Nick Kralevich
3f5dfde881 am 74ae46a0: am dd1ec6d5: Give system_server / system_app ability to write some properties
* commit '74ae46a0a5eaa40b2d012adb9d67fb23a1a2a789':
  Give system_server / system_app ability to write some properties
2013-11-01 11:00:55 -07:00
Nick Kralevich
74ae46a0a5 am dd1ec6d5: Give system_server / system_app ability to write some properties
* commit 'dd1ec6d557e80c688f7f1e4aef522b6441e8151a':
  Give system_server / system_app ability to write some properties
2013-11-01 10:57:50 -07:00
Nick Kralevich
dd1ec6d557 Give system_server / system_app ability to write some properties
Allow writing to persist.sys and debug.

This addresses the following denials (which are actually being enforced):

<4>[  131.700473] avc:  denied  { set } for property=debug.force_rtl scontext=u:r:system_server:s0 tcontext=u:object_r:shell_prop:s0 tclass=property_service
<3>[  131.700625] init: sys_prop: permission denied uid:1000  name:debug.force_rtl
<4>[  132.630062] avc:  denied  { set } for property=persist.sys.dalvik.vm.lib scontext=u:r:system_app:s0 tcontext=u:object_r:system_prop:s0 tclass=property_service
<3>[  132.630184] init: sys_prop: permission denied uid:1000  name:persist.sys.dalvik.vm.lib

Change-Id: I5d114c0d963bf393f49f1bf13d1ed84137fbcca6
2013-11-01 10:45:03 -07:00
Nick Kralevich
767df85ac9 am 4358866a: am 58da198a: Merge "Confine system_server, but leave it permissive for now."
* commit '4358866a267693cfd2157bc92372d3386fcf75bb':
  Confine system_server, but leave it permissive for now.
2013-11-01 10:08:52 -07:00
Nick Kralevich
e1a0353cd5 am 20f4ed47: am 98f8b27f: Merge "Confine hci_attach, but leave it permissive for now."
* commit '20f4ed470879fe29ddee1d1f983e100d3b1f052d':
  Confine hci_attach, but leave it permissive for now.
2013-11-01 10:08:52 -07:00
Nick Kralevich
afe8e06f25 am 63f32e72: am 893cbcfd: Merge "Confine surfaceflinger, but leave it permissive for now."
* commit '63f32e724744a06efa7e5f126a2aa237fa4ae903':
  Confine surfaceflinger, but leave it permissive for now.
2013-11-01 10:08:52 -07:00
Nick Kralevich
4358866a26 am 58da198a: Merge "Confine system_server, but leave it permissive for now."
* commit '58da198a9071ca0797081579762955346621816e':
  Confine system_server, but leave it permissive for now.
2013-11-01 10:06:43 -07:00
Nick Kralevich
20f4ed4708 am 98f8b27f: Merge "Confine hci_attach, but leave it permissive for now."
* commit '98f8b27fdec640309e8a0aec5076fbabb065e2ef':
  Confine hci_attach, but leave it permissive for now.
2013-11-01 10:06:43 -07:00
Nick Kralevich
63f32e7247 am 893cbcfd: Merge "Confine surfaceflinger, but leave it permissive for now."
* commit '893cbcfd7a8f908ea1e3c46737f21d0209eabc3e':
  Confine surfaceflinger, but leave it permissive for now.
2013-11-01 10:06:42 -07:00
Nick Kralevich
58da198a90 Merge "Confine system_server, but leave it permissive for now."
2013-11-01 17:05:02 +00:00
Nick Kralevich
98f8b27fde Merge "Confine hci_attach, but leave it permissive for now."
2013-11-01 17:04:30 +00:00
Nick Kralevich
893cbcfd7a Merge "Confine surfaceflinger, but leave it permissive for now."
2013-11-01 17:03:56 +00:00
Nick Kralevich
3b716c327a am d25955eb: am e4ba4723: Merge "Make the keystore domain enforcing."
* commit 'd25955eb7b206c83bf6eaf899149008c5375e3da':
  Make the keystore domain enforcing.
2013-11-01 09:48:09 -07:00
Nick Kralevich
d25955eb7b am e4ba4723: Merge "Make the keystore domain enforcing."
* commit 'e4ba472363c80ccd7b09bfa58376ba91c96191f9':
  Make the keystore domain enforcing.
2013-11-01 09:44:55 -07:00
Nick Kralevich
e4ba472363 Merge "Make the keystore domain enforcing."
2013-11-01 16:41:35 +00:00
Robert Craig
75cb79938f am e12f0d91: am c9bb91da: Reintroduce -Wall -Werror to check_seapp.
* commit 'e12f0d91513aa1eaf76bf036237b20496143e952':
  Reintroduce -Wall -Werror to check_seapp.
2013-11-01 09:15:17 -07:00
Robert Craig
e12f0d9151 am c9bb91da: Reintroduce -Wall -Werror to check_seapp.
* commit 'c9bb91da5fc84bce936f0795d18bf5c36fa5db6f':
  Reintroduce -Wall -Werror to check_seapp.
2013-11-01 09:11:32 -07:00
Robert Craig
c9bb91da5f Reintroduce -Wall -Werror to check_seapp.
Also add attribute for a potential unused
function argument when dealing with darwin
SDK builds.

Change-Id: Iefdbecb050cc5fff6036f15413566e10cefa3813
2013-11-01 11:53:46 -04:00
Nick Kralevich
e27d69999b am 28683e04: am 2d8a4237: Revert -Wall -Werror
* commit '28683e048ab8fdc4abdcfd8968c7bc909e68732a':
  Revert -Wall -Werror
2013-10-31 15:40:47 -07:00
Nick Kralevich
28683e048a am 2d8a4237: Revert -Wall -Werror
* commit '2d8a42373e483d0f3b952699ada5bbf323593d8a':
  Revert -Wall -Werror
2013-10-31 15:39:14 -07:00
Nick Kralevich
2d8a42373e Revert -Wall -Werror
Temporarily revert -Wall -Werror on checkseapp.
This is causing a compiler error on darwin SDK builds.

cc1: warnings being treated as errors
external/sepolicy/tools/check_seapp.c: In function 'rule_map_free':
external/sepolicy/tools/check_seapp.c:439: warning: unused parameter 's'
make: *** [out/host/darwin-x86/obj/EXECUTABLES/checkseapp_intermediates/check_seapp.o] Error 1

Change-Id: I9776777a751f16d5ca0d90e731482c31dac813f9
2013-10-31 15:33:37 -07:00
Nick Kralevich
0950812bd7 am 11214434: am 9056b19d: Merge "Add sepolicy-analyze tool."
* commit '1121443496923d06f9d9d1bbbf9051fab8e1f94d':
  Add sepolicy-analyze tool.
2013-10-31 14:22:11 -07:00
Nick Kralevich
1121443496 am 9056b19d: Merge "Add sepolicy-analyze tool."
* commit '9056b19da55a4e6786432f859705761ba99e435a':
  Add sepolicy-analyze tool.
2013-10-31 14:18:40 -07:00
Nick Kralevich
9056b19da5 Merge "Add sepolicy-analyze tool."
2013-10-31 21:15:03 +00:00
Nick Kralevich
684b02fddd am 514724db: am e45b7de4: Merge "Confine drmserver, but leave it permissive for now."
* commit '514724db211a9627b09a53fe126789eb0b68d8fe':
  Confine drmserver, but leave it permissive for now.
2013-10-31 13:02:56 -07:00