tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
710 commits 1 branch 0 tags 50 MiB
Commit graph

20 commits

Author SHA1 Message Date
Alex Klyubin
8d688315ae Restrict access to /dev/hw_random to system_server and init. 
/dev/hw_random is accessed only by init and by EntropyMixer (which
runs inside system_server). Other domains are denied access because
apps/services should be obtaining randomness from the Linux RNG.

Change-Id: Ifde851004301ffd41b2189151a64a0c5989c630f
 2013-10-03 14:25:15 -07:00
Alex Klyubin
77ec892be6 SELinux policy for users of libcutils klog_write. 
klog_write/init create /dev/__kmsg__ backed by a kernel character
device, keep the file descriptor, and then immediately unlink the
file.

Change-Id: I729d224347a003eaca29299d216a53c99cc3197c
 2013-05-09 12:39:32 -07:00
Ben Murdoch
a3f6568590 Revert "DO NOT MERGE Split some device nodes out from device." 
This reverts commit 69fbbdd54b.
 2013-04-25 12:01:37 +01:00
repo sync
69fbbdd54b DO NOT MERGE Split some device nodes out from device. 
Some of these will get factored out into device-specific
configs later.

Change-Id: I359915e2607b56112bb22456d28e06c162fcbdff
 2013-04-24 22:09:13 -07:00
Stephen Smalley
74ba8c8613 run-as policy fixes. 
- Remove dac_read_search as it is no longer required by run-as.
- Introduce a separate type for /dev/tty so that we can allow use of own tty for
for a run-as shell without allowing access to other /dev/tty[0-9]* nodes.
- Allow sigchld notifications for death of run-as and its descendants by adbd.
- Drop redundant rules for executing shell or system commands from untrusted_app;
now covered by rules in app.te.

Change-Id: Ic3bf7bee9eeabf9ad4a20f61fbb142a64bb37c6c
 2013-04-05 13:11:12 -07:00
Robert Craig
507304c20b Remove unneeded device type. 
timerirq_device has been removed in favor
of using the existing sensors_device domain.

Change-Id: I503e4a511c2901890356559c0afb971392b4ec6f
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
 2013-04-05 13:06:55 -07:00
Geremy Condra
c529c66f2c Add policy for __properties__ device. 
Change-Id: Ie9b391283362fb6930f1ae858f0a879835c91e32
 2013-03-29 12:59:21 -07:00
Robert Craig
65d4f44c1f Various policy updates. 
Assortment of policy changes include:
 * Bluetooth domain to talk to init and procfs.
 * New device node domains.
 * Allow zygote to talk to its executable.
 * Update system domain access to new device node domains.
 * Create a post-process sepolicy with dontaudits removed.
 * Allow rild to use the tty device.

Change-Id: Ibb96b590d0035b8f6d1606cd5e4393c174d10ffb
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
 2013-03-27 06:30:25 -04:00
Robert Craig
f62af81817 Introduce security labels for 2 new device nodes. 
iio: Industrial I/O subsystem
usb_accessory: accessory protocol for usb

Allow system access in both cases.

Change-Id: I02db9775ec2ddaaeda40fae6d5e56e320957b09c
Signed-off-by: Robert Craig <rpcraig@tycho.ncsc.mil>
 2013-03-26 08:38:58 -04:00
rpcraig
905e316d0b Make ion_device mls trusted. 
Allow device node access irrespective
of MLS restrictions. Third party apps
(untrusted_app) domains need access too.

Change-Id: I132b8201bccb1ff31dc0c15a735f81f645c9836d
 2013-03-22 17:49:43 -07:00
Robert Craig
18b5f87ea1 racoon policy. 
Initial policy for racoon (IKE key management).

Signed-off-by: Robert Craig <rpcraig@tycho.ncsc.mil>
Change-Id: If1e344f39ea914e42afbaa021b272ba1b7113479
 2013-03-22 17:09:26 -07:00
rpcraig
bac9992e86 watchdog security policy. 
Initial policy for software watchdog daemon
which is started by init.

Change-Id: I042a5b1698bf53ce2e50ea06851c374e5123ee2c
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
 2013-03-19 22:48:38 +00:00
hqjiang
4c06d273bc Target the denials/policies over qtaguid file and device: 1. Relabel /proc/net/xt_qtaguid/ctrl from "qtaguid" to "qtaguid_proc"; 2. Label /dev/xt_qtaguid with "qtaguid_device"; 3. Allow mediaserver read/[write] to qtaguid_proc and qtaguid_device; 4. Allow media apps read/[write] to qtaguid_proc and qtaguid_device; 5. Allow system read/[write] to qtaguid_proc and qtaguid_device. 
Actually, some of policies related to qtaguid have been there already, but
we refind existing ones and add new ones.
 2012-07-19 16:11:24 -04:00
hqjiang
ee5f400562 Correct denies of rpmsg device when accessing to remote processors. 2012-07-12 09:28:33 -04:00
hqjiang
81039ab556 Corrected denials for LocationManager when accessing gps over uart. 2012-07-12 09:27:40 -04:00
William Roberts
07ef7227f9 ion fix 2012-06-20 08:03:16 -04:00
William Roberts
80ea1d2305 sdcard policy and fuse device label. 2012-05-31 09:44:51 -04:00
William Roberts
7fa2f9e0f5 Policy for hci_attach service. 2012-05-31 09:40:12 -04:00
Stephen Smalley
c94e2392f6 Further policy for Motorola Xoom. 2012-01-06 10:25:53 -05:00
Stephen Smalley
2dd4e51d5c SE Android policy. 2012-01-04 12:33:27 -05:00