David Drysdale
3242c6a271
Allow virtualizationserver->ISecretkeeper
...
Test: build and run in CF, see connection
Change-Id: I2d6f0c3836c4de061a456039ded899b4d3a3e7f5
2024-02-19 15:29:33 +00:00
Treehugger Robot
8dae0dd2db
Merge "Support multiple se_flags modules" into main am: f9f826fb30
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2963582
Change-Id: Ie6758c95131388b40c8731151529672e271dc430
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-19 05:01:22 +00:00
Treehugger Robot
f9f826fb30
Merge "Support multiple se_flags modules" into main
2024-02-19 04:30:04 +00:00
Jooyung Han
454fadc9bf
Merge "Revert^2 "Relax neverallows for vendor to use /system/bin/sh"" into main am: 77b2a438fc
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2967262
Change-Id: Ifc691316b223ba8bf5ddb3f2a4fad43afb580fdb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-19 02:12:48 +00:00
Jooyung Han
77b2a438fc
Merge "Revert^2 "Relax neverallows for vendor to use /system/bin/sh"" into main
2024-02-19 02:03:06 +00:00
Inseob Kim
b42fd4cb3d
Merge "label boot animations on oem with bootanim_oem_file" into main am: d1fada7e61
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2964524
Change-Id: I281fea83a7dc0144e7dc4383a61d7485688808f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-19 01:51:41 +00:00
Inseob Kim
d1fada7e61
Merge "label boot animations on oem with bootanim_oem_file" into main
2024-02-19 01:21:00 +00:00
Jooyung Han
9a123be434
Revert^2 "Relax neverallows for vendor to use /system/bin/sh"
...
This reverts commit f77cf6780c
.
Reason for revert: sepolicy change is still necessary. (won't break things)
Change-Id: If47218b39ac34c21f3e09d29a5e713b240c4f0a6
2024-02-16 11:06:40 +00:00
Jernej Virag
dd1b00fa71
Merge "Revert "Relax neverallows for vendor to use /system/bin/sh"" into main am: bbff9f5ea1
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2967124
Change-Id: I41a1e6a99a393eaada22f0df0ce0a86b90200d11
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-16 10:49:56 +00:00
Jernej Virag
bbff9f5ea1
Merge "Revert "Relax neverallows for vendor to use /system/bin/sh"" into main
2024-02-16 10:13:22 +00:00
Håkan Kvist
1f915b4b13
label boot animations on oem with bootanim_oem_file
...
Bootanimation only access boot animation files on oem. Label
these files with bootanim_oem_file and remove oemfs file allow rule.
Also allow mediaserver and app to read this new label as they can access
/oem/media folder.
Bug: 324437684
Test: Confirm that boot animation on oem is shown without violations
Change-Id: I940ccde9391a5daa920f31926d32e68b1de5b7eb
2024-02-16 11:08:30 +01:00
Joonhun Shin
f77cf6780c
Revert "Relax neverallows for vendor to use /system/bin/sh"
...
Revert submission 2964802-sh_path
Reason for revert: <b/325569171>
Reverted changes: /q/submissionid:2964802-sh_path
Change-Id: I89e635e742d8f4f8a79afa1bb2646c7621705994
2024-02-16 09:22:42 +00:00
Jooyung Han
7f41c9d97c
Merge "Relax neverallows for vendor to use /system/bin/sh" into main am: 0ae95839d3
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2964802
Change-Id: If2cb6ee085b393d62a4884b2c3959fbb2a0bb078
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-16 07:58:34 +00:00
Inseob Kim
bf7f4a4401
Support multiple se_flags modules
...
Instead of centralized one se_flags module under system/sepolicy,
additional se_flags modules can be defined anywhere to support defining
downstream branches' own flagging.
Bug: 321875465
Test: TH
Test: soong test
Change-Id: I6e45c859b7f09e27ba1d60033b0db1424472cb63
2024-02-16 16:14:40 +09:00
Jooyung Han
0ae95839d3
Merge "Relax neverallows for vendor to use /system/bin/sh" into main
2024-02-16 06:56:45 +00:00
Trevor David Black
db14b179d2
Add fifo_file read access to enable gpuservice within device cts am: 4105da26f9
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2966382
Change-Id: I71db3ebeccff51145f667a2315cc536df058d345
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-16 05:32:10 +00:00
Trevor David Black
4105da26f9
Add fifo_file read access to enable gpuservice within device cts
...
Bug: 299537644
Test: atest -c CtsGraphicsTestCases:VulkanFeaturesTest#testAndroidBaselineProfile2021Support
Change-Id: Iab5c4255f01317c197488158ef8cc63fcf0ebb3b
2024-02-15 22:21:30 +00:00
Mikhail Naganov
f5b07ca2a3
Merge "Add ro.audio.ihaladaptervendorextension_enabled property" into main am: ead55ce93a
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2964162
Change-Id: I623ddbc287c48ec0c7fad5b8f566ee1fc951f9f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-15 17:47:17 +00:00
Mikhail Naganov
ead55ce93a
Merge "Add ro.audio.ihaladaptervendorextension_enabled property" into main
2024-02-15 17:08:10 +00:00
Dennis Shen
7254b104f6
Merge "selinux setup for files under /metadata/aconfig dir" into main am: 537a704088
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2960462
Change-Id: I9e170a4fa7293aed2bf9d0818f6ba0c8d558b151
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-15 13:53:00 +00:00
Dennis Shen
537a704088
Merge "selinux setup for files under /metadata/aconfig dir" into main
2024-02-15 13:20:02 +00:00
Tej Singh
4ed39a7a6e
Merge "stats_service: only disallow untrusted access" into main am: aebd92592a
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2962926
Change-Id: I8aa5df2f2472046ebc59a76df5bfc3c49a491476
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-15 09:20:12 +00:00
Tej Singh
aebd92592a
Merge "stats_service: only disallow untrusted access" into main
2024-02-15 08:30:19 +00:00
Jooyung Han
f0ba322926
Relax neverallows for vendor to use /system/bin/sh
...
Since 202404, vendor components will use /system/bin/sh for system(3),
popen(3), etc.
Bug: 324142245
Test: system("readlink /proc/$$/exe") in vendor HALs
Change-Id: I521499678e87a7d0216a276e014888867f495803
2024-02-15 13:18:40 +09:00
Tej Singh
000b251c7d
stats_service: only disallow untrusted access
...
Allow device-specific domains to access stats_service. All access must
be done over proper APIs (StatsManager, AStatsManager) instead of
accessing the AIDL interfaces directly.
Test: build
Bug: 318788254
Change-Id: I98ddc1900350daf755372be7249f25a462e3242d
2024-02-14 15:07:21 -08:00
Brandon Liu
dbf77ceff6
Merge "Revert "[res] Allow accessing idmap files in all zygotes"" into main am: 37c4c7c500
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2962104
Change-Id: I65b5d1e3048828d13cb63653c965ca54b5af0d3b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-14 21:37:09 +00:00
Brandon Liu
37c4c7c500
Merge "Revert "[res] Allow accessing idmap files in all zygotes"" into main
2024-02-14 20:49:22 +00:00
Mikhail Naganov
8b69e5fd48
Add ro.audio.ihaladaptervendorextension_enabled property
...
This property is used by libaudiohal@aidl to detect whether
the system_ext partition provides an instance of
IHalAdapterVendorExtension. This is a "system internal"
property because it belongs to `system_ext`.
Bug: 323989070
Test: atest audiorouting_test
Ignore-AOSP-First: coupled with Pixel change, will upstream
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:17406cd0a723cb89a03705709ec78d37b3d66042 )
Merged-In: I81267da070958a70f2f3c4882718cac4600e3476
Change-Id: I81267da070958a70f2f3c4882718cac4600e3476
2024-02-14 18:53:37 +00:00
Dennis Shen
6c8210da20
selinux setup for files under /metadata/aconfig dir
...
1, /metadata/aconfig is the directory that stores aconfig storage
related protobuf files and flag value files boot copy. Grant read
access to everybody. But limit the write access only to init and
aconfig storage service process (to be created later)
2, /metadata/aconfig/flags is the sub directory that stores persistent
aconfig value files.Initially set it up to be accessible by
system_server process only . When aconfig storage service process is
created, will add another permission to storage service process.
Context to why we are hosting flag data on /metadata partition:
Android is adopting trunk stable workflow, flagging and A/B testing is
essential to every platform component. We need some place to host the
flag that are accessible to system processes that starts before /data
partition becomes available.
In addition, there has been a long discussion regarding utilizing
/metadata partition for some process data, another example is mainline
modules, we are trying to make them to be able to be mounted earlier,
but cannot due to /data availability.
Bug: 312444587
Test: m
Change-Id: I7e7dae5cf8c4268d71229c770af31b5e9f071428
2024-02-14 17:56:29 +00:00
Patrick Baumann
7ee66a0391
Revert "[res] Allow accessing idmap files in all zygotes"
...
This reverts commit 1195b5eb14
.
Reason for revert: b/325161357
Change-Id: I7e6846791020938fb732311105e0f692c648a0f1
2024-02-14 16:24:59 +00:00
Changyeon Jo
31a94f218a
[automerger skipped] [RESTRICT AUTOMERGE] Allow dumpstate to make binder IPC to automotive display service am: d16bdc461f
-s ours am: 41f83574eb
-s ours
...
am skip reason: skipped by inseob
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2960075
Change-Id: Icc415475c4be9d6024dfdfa02eb70e99760fd6ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-14 06:27:24 +00:00
Changyeon Jo
41f83574eb
[automerger skipped] [RESTRICT AUTOMERGE] Allow dumpstate to make binder IPC to automotive display service am: d16bdc461f
-s ours
...
am skip reason: skipped by inseob
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2960075
Change-Id: I44f8d2b6ad20f33521b363781a843a5aa1d5cfed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-14 05:03:04 +00:00
Yurii Zubrytskyi
940443d4df
[res] Allow accessing idmap files in all zygotes am: 1195b5eb14
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2962670
Change-Id: I7eb51708ceca8b3dafdaf9dd65c0595cf801f432
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-14 04:20:01 +00:00
Yurii Zubrytskyi
1195b5eb14
[res] Allow accessing idmap files in all zygotes
...
Resources now cache open idmap fds to speed up the up-to-date
checks, and this requires zygote processes to be able to access
them
Bug: 282215580
Test: atest android.text.cts.EmojiTest
Change-Id: I808be8a5d321a01193e7f76e316f5f64d4235753
2024-02-14 02:04:55 +00:00
Seungjae Yoo
ec2735ac6a
Allow appdomain to read dir and files under vendor_microdroid_file am: 01c4f57431
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2960542
Change-Id: Idd6fae593bbe92fd7b15500aa0ce3c3ff1bb0013
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-14 01:31:41 +00:00
Inseob Kim
ee509ccd48
Merge changes from topic "revert-2954994-revert-2952245-vfrc_as_tot_sepolicy-AMFGMLDWQF-IIRWTIICIK" into main am: d88d8959a8
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2960346
Change-Id: Ifcee813c4dcbbe3ec133737e8532586e71a41f8e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-13 13:55:31 +00:00
Inseob Kim
ed15451e78
Revert^2 "Fix freeze test condition to board api" am: e28eb52f4e
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2960345
Change-Id: Ifbc4f013eea02d908efdce8666057391fc3fcf30
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-13 13:55:25 +00:00
Seungjae Yoo
01c4f57431
Allow appdomain to read dir and files under vendor_microdroid_file
...
For testing purpose, now we need to use microdroid vendor image for the
production due to vendor hashtree digest value comes from the
bootloader. In the past, we've used distinguished image file for testing
purpose, but we can't now.
Bug: 323768068
Test: atest MicrodroidTests#bootsWithVendorPartition
Test: atest MicrodroidBenchmarks#testMicrodroidDebugBootTime_withVendorPartition
Change-Id: Ic58e51466da0273cf27219d9228f33000e0ecb88
2024-02-13 05:44:15 +00:00
Changyeon Jo
d16bdc461f
[RESTRICT AUTOMERGE] Allow dumpstate to make binder IPC to automotive display service
...
Bug: 280837170
Bug: 313360015
Test: atest android.security.cts.SELinuxHostTest#testNoBugreportDenials
Change-Id: I8239ba23bb60b95e7dd07a4c8a99167f1e08192b
(cherry picked from commit 152a2f1755
)
2024-02-13 05:16:32 +00:00
Inseob Kim
d88d8959a8
Merge changes from topic "revert-2954994-revert-2952245-vfrc_as_tot_sepolicy-AMFGMLDWQF-IIRWTIICIK" into main
...
* changes:
Revert^2 "Add 1000000.0 mapping file temporarily"
Revert^2 "Fix freeze test condition to board api"
2024-02-13 04:02:36 +00:00
Inseob Kim
e28eb52f4e
Revert^2 "Fix freeze test condition to board api"
...
f3fad1a66b
Change-Id: I19b36342de003a32a2c76fb513382f1b34cf5a7e
2024-02-13 02:19:48 +00:00
Inseob Kim
e41e95e0ea
Revert^2 "Add 1000000.0 mapping file temporarily"
...
82126e9d77
Change-Id: Ia2ef237d9918532f24cd00688ae2bc15196123e9
2024-02-13 02:19:24 +00:00
Treehugger Robot
5ce39158f3
Merge "Add rules for Perfetto to be used from system_server" into main am: f80a830b32
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2958867
Change-Id: Ie3a299620a9aa99c92bde99bd27ea72fdade9a69
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-12 20:59:08 +00:00
Nate Myren
0980c27aef
Merge "Remove mounton from app and web zygote" into main am: a8f2bbf7c2
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2947925
Change-Id: I4143393154c2850cd4891420d0dc0eddcca0e3ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-12 20:58:29 +00:00
Treehugger Robot
f80a830b32
Merge "Add rules for Perfetto to be used from system_server" into main
2024-02-12 20:51:16 +00:00
Nate Myren
a8f2bbf7c2
Merge "Remove mounton from app and web zygote" into main
2024-02-12 20:13:33 +00:00
Carmen Jackson
28b811df1c
Add rules for Perfetto to be used from system_server
...
This includes rules for starting Perfetto as well as rules for
communicating over stdio between Perfetto and system_server.
Bug: 293957254
Test: Presubmit & tested in conjunction with internal change
Change-Id: I7e4c044a6a2afb48c33d65cc421e797d77aacc12
2024-02-12 18:33:32 +00:00
Carlos Galo
34b93f22b7
lmkd: Add ro.lmkd.direct_reclaim_threshold_ms property policies
...
Add policies to control ro.lmkd.direct_reclaim_threshold_ms lmkd property.
Test: m
Bug: 244232958
Change-Id: Ic2438a17569ef12925c45ee2f15a05449c77f205
Signed-off-by: Carlos Galo <carlosgalo@google.com>
2024-02-12 09:37:00 -08:00
Yisroel Forta
f86fab0d6d
Merge "SELinux permissions for ProfilingService" into main am: e510cb8696
...
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2955343
Change-Id: Id393a7cdbcbb82d767b2457c33daf2c96c5bead7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-02-12 14:51:42 +00:00
Yisroel Forta
e510cb8696
Merge "SELinux permissions for ProfilingService" into main
2024-02-12 14:22:31 +00:00