Commit graph

40407 commits

Author SHA1 Message Date
Paul Lawrence
b39cbc0856 Add ro.fuse.bpf.is_running
is_running flag signals to tests whether fuse-bpf is running

Test: Builds, runs, ro.fuse.bpf.is_running is correct, fuse-bpf works
Bug: 202785178
Change-Id: I0b02e20ab8eb340733de1138889c8f618f7a17fa
2022-12-12 17:08:13 -08:00
Akilesh Kailash
64711e9de5 Merge "Virtual_ab: Add property to control batch writes" 2022-12-12 16:39:00 +00:00
Jiakai Zhang
7269c1bfe9 Merge "Allow artd to access primary dex'es in external and vendor partitions." 2022-12-12 16:32:37 +00:00
Jiakai Zhang
5e531051b6 Allow artd to access primary dex'es in external and vendor partitions.
Otherwise, we will get SELinux denials like:
W binder:6098_5: type=1400 audit(0.0:138): avc: denied { search } for name="framework" dev="dm-6" ino=478 scontext=u:r:artd:s0 tcontext=u:object_r:vendor_framework_file:s0 tclass=dir permissive=0

Bug: 262230400
Test: No longer see such SELinux denials.
Change-Id: Ic31fdabb16341c51466531c88ca040698331b248
2022-12-12 14:28:40 +00:00
Seungjae Yoo
2ca7ebd8a2 Merge "Cleanup ro.boot.microdroid.app_debuggable" 2022-12-12 00:16:58 +00:00
Akilesh Kailash
5fa04f20f5 Virtual_ab: Add property to control batch writes
Bug: 254188450
Test: OTA
Change-Id: I43c35859e98e449a45164b4d55db43b63ddbaba8
Signed-off-by: Akilesh Kailash <akailash@google.com>
2022-12-11 16:14:47 +00:00
Treehugger Robot
d838f6443e Merge "Remove netdomain from Microdroid" 2022-12-10 06:57:54 +00:00
Chris Weir
caf905ff3c Merge "SEPolicy for AIDL CAN HAL" 2022-12-09 22:09:12 +00:00
Xin Li
bfd51973aa Merge "Merge Android 13 QPR1" 2022-12-09 21:51:16 +00:00
Treehugger Robot
39617aca42 Merge "sepolicy - move proc bpf writes from bpfloader.rc to bpfloader binary" 2022-12-09 20:25:48 +00:00
Chris Weir
eee59458c2 SEPolicy for AIDL CAN HAL
CAN HAL moving to AIDL, SEPolicy will need to be adjusted.

Bug: 170405615
Test: AIDL CAN HAL VTS
Change-Id: I0d238d38aebb5895ae27fcb52cf43cd481327421
2022-12-09 11:00:10 -08:00
Xin Li
31e494e804 Merge Android 13 QPR1
Bug: 261731544
Merged-In: I07f63724e876e1db99acab73836bb52a8aa867d8
Change-Id: I2b3e98b6dfb05e1b787db4f14f3084f3c11f716e
2022-12-09 10:31:11 -08:00
Jiyong Park
2660633d34 Remove netdomain from Microdroid
Nothing in Microdroid uses tcp/udp/rawip sockets. Removing netdomain
attribute for the capability. Note that some processes can use
networking via vsock.

Bug: N/A
Test: watch TH

Change-Id: Id10861d0520770578503dd93b0c72c3d6be993e8
2022-12-09 14:31:40 +09:00
Seungjae Yoo
8fbe216555 Cleanup ro.boot.microdroid.app_debuggable
Bug: 260147409
Test: N/A
Change-Id: I3d3e5dc7d26733b7faeeafb854f768d74831a648
2022-12-09 13:46:26 +09:00
Austin Borger
7694071279 Merge "Create a new system property for the landscape to portrait override." am: 71708e3a1d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2320987

Change-Id: Ib516f4e7d953a946d7a43e6418af12ecec9497d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-09 00:28:42 +00:00
Austin Borger
71708e3a1d Merge "Create a new system property for the landscape to portrait override." 2022-12-09 00:05:15 +00:00
Pomai Ahlo
992b8aa2f3 Merge "[ISap hidl2aidl] Add ISap to sepolicy" am: 90d117d661
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2329593

Change-Id: Iad5a8ed9452c660f6986f76208cd82b257c16ddc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-08 17:54:18 +00:00
Pomai Ahlo
90d117d661 Merge "[ISap hidl2aidl] Add ISap to sepolicy" 2022-12-08 17:32:38 +00:00
Maciej Żenczykowski
eb4770d68a Merge "bpf - neverallow improvements/cleanups" am: e8a09e2480
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2325355

Change-Id: Ic914741959e1dd2c138fc93068353d2dd8a54f2d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-08 13:03:24 +00:00
Maciej Żenczykowski
e8a09e2480 Merge "bpf - neverallow improvements/cleanups" 2022-12-08 12:39:41 +00:00
Treehugger Robot
c04df680d6 Merge "Remove proc_fs_verity as it's not used in microdroid" am: e596e1f243
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2285497

Change-Id: I14357354f309bc99bb17f1e6c04de2b46e96d997
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-07 18:40:53 +00:00
Treehugger Robot
e596e1f243 Merge "Remove proc_fs_verity as it's not used in microdroid" 2022-12-07 18:25:49 +00:00
Treehugger Robot
aeaf422fe5 Merge "Add permissions for remote_provisioning service" am: 61d823f9c7
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2263548

Change-Id: I44fca2b112625e1fd8369788b91f46a1c9e6f40b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-07 18:15:15 +00:00
Treehugger Robot
61d823f9c7 Merge "Add permissions for remote_provisioning service" 2022-12-07 18:06:41 +00:00
Treehugger Robot
4767fc3207 Merge "Clean up proc_fs_verity which is no longer used" am: bb689eae58
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2285498

Change-Id: I1f27f39b89f42fbd679bf2ce08f6a55f7727134e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-07 17:32:08 +00:00
Treehugger Robot
bb689eae58 Merge "Clean up proc_fs_verity which is no longer used" 2022-12-07 17:17:52 +00:00
Gabriel Biren
bb8bb41278 Merge "Update file_contexts for WiFi Vendor HAL AIDL service." am: 41acafb1d6
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2328178

Change-Id: I17a11d61834bd3da14e8a91589ff923914716d9c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-07 01:40:40 +00:00
Gabriel Biren
41acafb1d6 Merge "Update file_contexts for WiFi Vendor HAL AIDL service." 2022-12-07 01:30:05 +00:00
Jiyong Park
e9b4649515 Adb root is supported in Microdroid on user builds am: c99fde9178
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324822

Change-Id: Ife6ddd35ba0718892bb8aeda44c1e9b07fa40961
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-07 01:23:27 +00:00
Victor Hsieh
9999e20eed Clean up proc_fs_verity which is no longer used
The reference was deleted in aosp/2281348.

Bug: 249158715
Test: TH
Change-Id: I07f63724e876e1db99acab73836bb52a8aa867d8
2022-12-06 09:10:41 -08:00
Seth Moore
3accea479a Add permissions for remote_provisioning service
Bug: 254112668
Test: manual + presubmit
Change-Id: I54d56c34ad4a8199b8aa005742faf9e1e12583c3
2022-12-06 08:46:20 -08:00
Jiyong Park
c99fde9178 Adb root is supported in Microdroid on user builds
In Android, adb root is disabled at build-time by not compiling
sepolicies which allow adbd to run in the `su` domain.

However in Microdroid, adb root should be supported even on user builds
because fully-debuggable VMs can be started and adb root is expected
there. Note that adb root is still not supported in non-debuggable VMs
by not starting it at all.

This change removes `userdebug_or_eng` conditions from the policies for
adb root. In addition, the `su` domain where adbd runs when rooted is
explicitly marked as a permissive domain allowed.

Bug: 259729287
Test: build a user variant, run fully debuggable microdroid VM. adb root
works there.
Test: run non-debuggable microdroid VM. adb shell (not even adb root)
doesn't work.

Change-Id: I8bb40b7472dcda6619a587e832e22d3cb290c6b9
2022-12-06 22:30:36 +09:00
Jiyong Park
7b123d4758 Add permissive_domains_on_user_builds to se_policy_binary am: ef56721555
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324821

Change-Id: I17ea00ad53f395b3445bd682ebdf1c75b6dcb8a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-06 04:01:04 +00:00
Jiyong Park
4ca8349cd5 Remove su_exec from Microdroid am: f970df2f44
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324820

Change-Id: I51151982f3891737a5f5e32907702512597d836e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-06 04:01:02 +00:00
Austin Borger
f393df9d2b Create a new system property for the landscape to portrait override.
Apps commonly do not handle landscape orientation cameras correctly. In
order to prevent stretching and rotation issues in these apps, this
patch adds a flag to override the behavior of these landscape cameras
to produce a portrait image instead by changing the SENSOR_ORIENTATION
reported by CameraCharacteristics and applying a 90 degree rotate and
crop.

The camera2 framework needs to be able to turn this on only for certain
devices. Hence, this patch adds a system property for it.

Test: Snow (successful), XRecorder (successful)
Test: Snapchat (successful), Instagram (successful)
Test: Telegram (Zoomed)
Bug: 250678880
Change-Id: I13783d81f5fada71805865a840e4135580f1d876
Merged-In: I13783d81f5fada71805865a840e4135580f1d876
2022-12-05 19:38:57 -08:00
Jiyong Park
ef56721555 Add permissive_domains_on_user_builds to se_policy_binary
In Android, we don't allow any domain to be permissive in user builds.
However, in Microdroid permissive domains should be allowed even in user
builds because fully debuggable VMs (where adb root is supported) can be
created there.

This change adds a new property `permissive_domains_on_user_builds` to
the `se_policy_binary` module as a controlled way of adding exceptions
to the enforcement.

Bug: 259729287
Test: m. This CL doesn't add any exception.
Change-Id: I2ae240e92dfdeadd827f027534e3e11ce4534240
2022-12-06 10:41:29 +09:00
Pomai Ahlo
ff82b77ae8 [ISap hidl2aidl] Add ISap to sepolicy
Test: m
Bug: 241969533
Change-Id: If9b67605481132d2908adae9fa1f9b1501c37ea0
2022-12-05 16:23:25 -08:00
Gabriel Biren
52b5ff67b9 Update file_contexts for WiFi Vendor HAL
AIDL service.

Bug: 205044134
Test: Manual test - check that AIDL service
      starts successfully on Cuttlefish
Change-Id: If6dbb20ca982b998485257e212aa4aa82749d23d
2022-12-05 23:53:30 +00:00
Jiyong Park
f970df2f44 Remove su_exec from Microdroid
Microdroid doesn't have the executable `su`. Removing su_exec and any
reference to it.

Bug: N/A
Test: run Microdroid instance and adb root works.
Change-Id: If6c356acbf85ba20a1face3e29e4cb38d002ea06
2022-12-05 11:54:16 +09:00
Maciej Żenczykowski
4a960869e0 sepolicy - move proc bpf writes from bpfloader.rc to bpfloader binary
As a reminder, per:
  https://source.corp.google.com/search?q=p:aosp-master%20file:sepolicy%20-file:prebuilts%20proc_bpf%20file:genfs

we currently have:
  aosp-master system/sepolicy/private/genfs_contexts

genfscon proc /sys/kernel/bpf_ u:object_r:proc_bpf:s0
genfscon proc /sys/kernel/unprivileged_bpf_ u:object_r:proc_bpf:s0
genfscon proc /sys/net/core/bpf_ u:object_r:proc_bpf:s0

So the above are the files which will no longer be writable by init.

A cs/ search for p:android$ (/sys/kernel/bpf_|/sys/kernel/unprivileged_bpf_|/sys/net/core/bpf_) file:[.]rc

only finds bpfloader.rc init script as actually doing these writes.

Those writes are removed in:
  https://android-review.git.corp.google.com/c/platform/system/bpf/+/2325617
  'bpfloader - move sysctl setting from rc to binary'

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I19ccdf293966dd982e1d36836b0b962d99ed7275
2022-12-03 15:22:29 +00:00
Maciej Żenczykowski
9a76805ac3 bpf - neverallow improvements/cleanups
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I569d88bcfa0089d13d23dfeda111bf3584cad2c0
2022-12-03 12:33:33 +00:00
Maciej Żenczykowski
3ce95393bc add fs_bpf_loader selinux type am: e14e69a947
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2323334

Change-Id: I2adb019e1ce289838b9aa6d6da6c9a973d97591c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-03 09:46:50 +00:00
Maciej Żenczykowski
e000271a3c remove init/vendor_init access to bpffs_type am: ebb45f9dea
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2323317

Change-Id: I6648a7a444f4b865d74345a03e2b3f6d0fb12922
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-02 14:49:23 +00:00
Maciej Żenczykowski
e14e69a947 add fs_bpf_loader selinux type
To be used for things that only the bpfloader should access.

Expected use case is for programs that the bpfloader should load,
pin into the filesystem, *and* attach.

[ie. no need for anything else to attach the programs]

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I035d3fcbf6cee523e41cdde23b8edc13311a45e8
2022-12-02 12:26:49 +00:00
Maciej Żenczykowski
ebb45f9dea remove init/vendor_init access to bpffs_type
There should be no need for this and it fixes a long outstanding TODO.

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id1764cbc713addbbda6827fe6c6689e45e8f584c
2022-12-02 12:26:03 +00:00
Treehugger Robot
cbe84dcb4d Merge "Provide network permissions to RKPD app." am: 89248159da
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324014

Change-Id: I7e28568a57eee51c407e08232bab06fab4babf66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-01 22:03:05 +00:00
Treehugger Robot
89248159da Merge "Provide network permissions to RKPD app." 2022-12-01 21:38:16 +00:00
Treehugger Robot
b9e9451c42 Merge "Move microdroid_*.config_done part to diff context" am: 98d709b4df
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2323437

Change-Id: I9f8e4487de318c0dcf23cece3276adb35da05516
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-01 19:47:51 +00:00
Treehugger Robot
98d709b4df Merge "Move microdroid_*.config_done part to diff context" 2022-12-01 19:07:38 +00:00
Vikram Gaur
592b345626 Provide network permissions to RKPD app.
Test: TH
Change-Id: I5f721f5b3066ea95780487286a03b7028f11a3d5
2022-12-01 18:54:08 +00:00