tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
40543 commits 1 branch 0 tags 50 MiB
Commit graph

40543 commits

This branch
This branch
All branches
Author SHA1 Message Date
Seungjae Yoo
8fbe216555 Cleanup ro.boot.microdroid.app_debuggable 
Bug: 260147409
Test: N/A
Change-Id: I3d3e5dc7d26733b7faeeafb854f768d74831a648
 2022-12-09 13:46:26 +09:00
Austin Borger
7694071279 Merge "Create a new system property for the landscape to portrait override." am: 71708e3a1d 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2320987

Change-Id: Ib516f4e7d953a946d7a43e6418af12ecec9497d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-09 00:28:42 +00:00
Austin Borger
71708e3a1d Merge "Create a new system property for the landscape to portrait override." 2022-12-09 00:05:15 +00:00
Victor Hsieh
90fa43e395 Deprecate proc_fs_verity from API 33 
Bug: 249158715
Test: lunch aosp_cf_x86_64_phone-eng; m
Test: TH
Change-Id: I29e4e0a4beb44b0ba66a4dd14266d04dae588df2
 2022-12-08 13:15:27 -08:00
Pomai Ahlo
992b8aa2f3 Merge "[ISap hidl2aidl] Add ISap to sepolicy" am: 90d117d661 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2329593

Change-Id: Iad5a8ed9452c660f6986f76208cd82b257c16ddc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-08 17:54:18 +00:00
Pomai Ahlo
90d117d661 Merge "[ISap hidl2aidl] Add ISap to sepolicy" 2022-12-08 17:32:38 +00:00
Alan Stokes
26aa754f36 Add more zipfuse mount done props 
Allow one property per APK for zipfuse to signal readiness to
microdroid manager.

Bug: 252811466
Test: atest MicrodroidTests
Test: composd_cmd test-compile
Change-Id: Ibe5d0756cda807e677de68335258b96364e91880
 2022-12-08 14:26:19 +00:00
Maciej Żenczykowski
eb4770d68a Merge "bpf - neverallow improvements/cleanups" am: e8a09e2480 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2325355

Change-Id: Ic914741959e1dd2c138fc93068353d2dd8a54f2d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-08 13:03:24 +00:00
Maciej Żenczykowski
e8a09e2480 Merge "bpf - neverallow improvements/cleanups" 2022-12-08 12:39:41 +00:00
Treehugger Robot
c04df680d6 Merge "Remove proc_fs_verity as it's not used in microdroid" am: e596e1f243 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2285497

Change-Id: I14357354f309bc99bb17f1e6c04de2b46e96d997
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-07 18:40:53 +00:00
Treehugger Robot
e596e1f243 Merge "Remove proc_fs_verity as it's not used in microdroid" 2022-12-07 18:25:49 +00:00
Treehugger Robot
aeaf422fe5 Merge "Add permissions for remote_provisioning service" am: 61d823f9c7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2263548

Change-Id: I44fca2b112625e1fd8369788b91f46a1c9e6f40b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-07 18:15:15 +00:00
Treehugger Robot
61d823f9c7 Merge "Add permissions for remote_provisioning service" 2022-12-07 18:06:41 +00:00
Treehugger Robot
4767fc3207 Merge "Clean up proc_fs_verity which is no longer used" am: bb689eae58 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2285498

Change-Id: I1f27f39b89f42fbd679bf2ce08f6a55f7727134e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-07 17:32:08 +00:00
Treehugger Robot
bb689eae58 Merge "Clean up proc_fs_verity which is no longer used" 2022-12-07 17:17:52 +00:00
Gabriel Biren
bb8bb41278 Merge "Update file_contexts for WiFi Vendor HAL AIDL service." am: 41acafb1d6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2328178

Change-Id: I17a11d61834bd3da14e8a91589ff923914716d9c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-07 01:40:40 +00:00
Gabriel Biren
41acafb1d6 Merge "Update file_contexts for WiFi Vendor HAL AIDL service." 2022-12-07 01:30:05 +00:00
Jiyong Park
e9b4649515 Adb root is supported in Microdroid on user builds am: c99fde9178 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324822

Change-Id: Ife6ddd35ba0718892bb8aeda44c1e9b07fa40961
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-07 01:23:27 +00:00
Martin Stjernholm
c8d686c9fb Remove dalvik.vm.usejitprofiles system property. 
Disabling profiles is no longer supported. Most of the profile support
has been active even when this property was false, and it won't be
supported in the ART Service.

(cherry-picked from commit 58314ecc31)

Test: atest -a CtsCompilationTestCases \
               CtsDexMetadataHostTestCases \
               propertyinfoserializer_tests
  with dalvik.vm.usejitprofiles undefined
Bug: 254434433
Merged-In: I4ca4ce5da49434552c76154f91e09d7ab0129e04
Change-Id: I4ca4ce5da49434552c76154f91e09d7ab0129e04
 2022-12-06 17:38:42 +00:00
Victor Hsieh
9999e20eed Clean up proc_fs_verity which is no longer used 
The reference was deleted in aosp/2281348.

Bug: 249158715
Test: TH
Change-Id: I07f63724e876e1db99acab73836bb52a8aa867d8
 2022-12-06 09:10:41 -08:00
Seth Moore
3accea479a Add permissions for remote_provisioning service 
Bug: 254112668
Test: manual + presubmit
Change-Id: I54d56c34ad4a8199b8aa005742faf9e1e12583c3
 2022-12-06 08:46:20 -08:00
Jiyong Park
c99fde9178 Adb root is supported in Microdroid on user builds 
In Android, adb root is disabled at build-time by not compiling
sepolicies which allows adbd to run in the `su` domain.

However in Microdroid, adb root should be supported even on user builds
because fully-debuggable VMs can be started and adb root is expected
there. Note that adb root is still not supported in non-debuggable VMs
by not starting it at all.

This change removes `userdebug_or_end` conditions from the policies for
adb root. In addition, the `su` domain where adbd runs when rooted is
explicitly marked as a permissive domain allowed.

Bug: 259729287
Test: build a user variant, run fully debuggable microdroid VM. adb root
works there.
Test: run non-debuggable microdroid VM. adb shell (not even adb root)
doesn't work.

Change-Id: I8bb40b7472dcda6619a587e832e22d3cb290c6b9
 2022-12-06 22:30:36 +09:00
Jiyong Park
7b123d4758 Add permissive_domains_on_user_builds to se_policy_binary am: ef56721555 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324821

Change-Id: I17ea00ad53f395b3445bd682ebdf1c75b6dcb8a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-06 04:01:04 +00:00
Jiyong Park
4ca8349cd5 Remove su_exec from Microdroid am: f970df2f44 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324820

Change-Id: I51151982f3891737a5f5e32907702512597d836e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-06 04:01:02 +00:00
Austin Borger
f393df9d2b Create a new system property for the landscape to portrait override. 
Apps commonly do not handle landscape orientation cameras correctly. In
order to prevent stretching and rotation issues in these apps, this
patch adds a flag to override the behavior of these landscape cameras
to produce a portrait image instead by changing the SENSOR_ORIENTATION
reported by CameraCharacteristics and applying a 90 degree rotate and
crop.

The camera2 framework needs to be able to turn this on only for certain
devices. Hence, this patch adds a system property for it.

Test: Snow (successful), XRecorder (successful)
Test: Snapchat (successful), Instagram (successful)
Test: Telegram (Zoomed)
Bug: 250678880
Change-Id: I13783d81f5fada71805865a840e4135580f1d876
Merged-In: I13783d81f5fada71805865a840e4135580f1d876
 2022-12-05 19:38:57 -08:00
Jiyong Park
ef56721555 Add permissive_domains_on_user_builds to se_policy_binary 
In Android, we don't allow any domain to be permissive in user builds.
However, in Microdroid permissive domains should be allowed even in user
builds because fully debuggable VMs (where adb root is supported) can be
created there.

This change adds a new property `permissive_domains_on_user_builds` to
the `se_policy_binary` module as a controlled way of adding exceptions
to the enforcement.

Bug: 259729287
Test: m. This CL doesn't add any exception.
Change-Id: I2ae240e92dfdeadd827f027534e3e11ce4534240
 2022-12-06 10:41:29 +09:00
Pomai Ahlo
ff82b77ae8 [ISap hidl2aidl] Add ISap to sepolicy 
Test: m
Bug: 241969533
Change-Id: If9b67605481132d2908adae9fa1f9b1501c37ea0
 2022-12-05 16:23:25 -08:00
Gabriel Biren
52b5ff67b9 Update file_contexts for WiFi Vendor HAL 
AIDL service.

Bug: 205044134
Test: Manual test - check that AIDL service
      starts successfully on Cuttlefish
Change-Id: If6dbb20ca982b998485257e212aa4aa82749d23d
 2022-12-05 23:53:30 +00:00
Jiyong Park
f970df2f44 Remove su_exec from Microdroid 
Microdroid doesn't have the executable `su`. Removing su_exec and any
reference to it.

Bug: N/A
Test: run Microdroid instance and adb root works.
Change-Id: If6c356acbf85ba20a1face3e29e4cb38d002ea06
 2022-12-05 11:54:16 +09:00
Maciej Żenczykowski
4a960869e0 sepolicy - move proc bpf writes from bpfloader.rc to bpfloader binary 
As a reminder, per:
  https://source.corp.google.com/search?q=p:aosp-master%20file:sepolicy%20-file:prebuilts%20proc_bpf%20file:genfs

we currently have:
  aosp-master system/sepolicy/private/genfs_contexts

genfscon proc /sys/kernel/bpf_ u:object_r:proc_bpf:s0
genfscon proc /sys/kernel/unprivileged_bpf_ u:object_r:proc_bpf:s0
genfscon proc /sys/net/core/bpf_ u:object_r:proc_bpf:s0

So the above are the files which will no longer be writable by init.

A cs/ search for p:android$ (/sys/kernel/bpf_|/sys/kernel/unprivileged_bpf_|/sys/net/core/bpf_) file:[.]rc

only finds bpfloader.rc init script as actually doing these writes.

Those writes are removed in:
  https://android-review.git.corp.google.com/c/platform/system/bpf/+/2325617
  'bpfloader - move sysctl setting from rc to binary'

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I19ccdf293966dd982e1d36836b0b962d99ed7275
 2022-12-03 15:22:29 +00:00
Maciej Żenczykowski
9a76805ac3 bpf - neverallow improvements/cleanups 
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I569d88bcfa0089d13d23dfeda111bf3584cad2c0
 2022-12-03 12:33:33 +00:00
Maciej Żenczykowski
3ce95393bc add fs_bpf_loader selinux type am: e14e69a947 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2323334

Change-Id: I2adb019e1ce289838b9aa6d6da6c9a973d97591c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-03 09:46:50 +00:00
Myles Watson
671a0c3bda sepolicy: Add Bluetooth AIDL 
Bug: 205758693
Test: manual - boot local image with Cuttlefish
Change-Id: Ic0c5408d83f8c352b72f79e9024212c7ff0c84c1
 2022-12-02 13:08:26 -08:00
Maciej Żenczykowski
e000271a3c remove init/vendor_init access to bpffs_type am: ebb45f9dea 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2323317

Change-Id: I6648a7a444f4b865d74345a03e2b3f6d0fb12922
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-02 14:49:23 +00:00
Maciej Żenczykowski
e14e69a947 add fs_bpf_loader selinux type 
To be used for things that only the bpfloader should be access.

Expected use case is for programs that the bpfloader should load,
pin into the filesystem, *and* attach.

[ie. no need for anything else to attach the programs]

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I035d3fcbf6cee523e41cdde23b8edc13311a45e8
 2022-12-02 12:26:49 +00:00
Maciej Żenczykowski
ebb45f9dea remove init/vendor_init access to bpffs_type 
There should be no need for this and it fixes a long outstanding TODO.

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id1764cbc713addbbda6827fe6c6689e45e8f584c
 2022-12-02 12:26:03 +00:00
Treehugger Robot
cbe84dcb4d Merge "Provide network permissions to RKPD app." am: 89248159da 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324014

Change-Id: I7e28568a57eee51c407e08232bab06fab4babf66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 22:03:05 +00:00
Treehugger Robot
89248159da Merge "Provide network permissions to RKPD app." 2022-12-01 21:38:16 +00:00
Treehugger Robot
b9e9451c42 Merge "Move microdroid_*.config_done part to diff context" am: 98d709b4df 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2323437

Change-Id: I9f8e4487de318c0dcf23cece3276adb35da05516
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 19:47:51 +00:00
Treehugger Robot
98d709b4df Merge "Move microdroid_*.config_done part to diff context" 2022-12-01 19:07:38 +00:00
Vikram Gaur
592b345626 Provide network permissions to RKPD app. 
Test: TH
Change-Id: I5f721f5b3066ea95780487286a03b7028f11a3d5
 2022-12-01 18:54:08 +00:00
Treehugger Robot
8078bc949f Merge "Sepolicy for microdroid_manager.init_done" am: 3c41cfa51f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2322655

Change-Id: I887404471156e417cdc3fe52e512fc598bc977bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 16:58:45 +00:00
Treehugger Robot
3c41cfa51f Merge "Sepolicy for microdroid_manager.init_done" 2022-12-01 16:23:43 +00:00
Shikha Panwar
f9089686e9 Move microdroid_*.config_done part to diff context 
We introduced selinux context: microdroid_lifecycle_prop to group the
properties set by microdroid_manager related to its boot lifecycle.
microdroid_manager.config_done is more suitable to be grouped in this
context.

Test: MicrodroidHostTests#testMicrodroidBoots which also checks selinux
denials

Bug: 260005615
Change-Id: I81729146c2fc98479b9a71053e4cf8ba5d89de5e
 2022-12-01 15:13:05 +00:00
Shikha Panwar
e1578a50fb Sepolicy for microdroid_manager.init_done 
Add a new selinux context: microdroid_lifecycle_prop for properties like
microdroid_manager.init_done. Also adding neverallow rule to not let
anyone other than init & microdroid_manager set it.

Bug: 260713790
Test: Builds
Change-Id: I81470ce596cfe5870b6777b6ae6fde3a0dc486d1
 2022-12-01 14:59:06 +00:00
Yu Shan
96c3b41113 Allow wider remote access names. 
Test: local test @v1-tcu-test-service.
Bug: 254547153
Change-Id: I82ed9e9e439913602e26042e357b5fa33338ef97
 2022-11-30 17:07:49 -08:00
Steven Moreland
ab6bb503e9 Merge "sepolicy for SE HAL" am: c3802445d0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2285333

Change-Id: I6d8b7c34c3600c49adb9035bf204d30000495432
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 23:05:05 +00:00
Steven Moreland
c3802445d0 Merge "sepolicy for SE HAL" 2022-11-29 22:30:40 +00:00
Nikita Ioffe
2039173556 Merge "Add sepolicy for microdroid_config_prop sysprops" am: ddc29b8d79 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2318890

Change-Id: I10cd67f604e3f9e1246cc51130988d906d037426
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 11:19:13 +00:00
Nikita Ioffe
ddc29b8d79 Merge "Add sepolicy for microdroid_config_prop sysprops" 2022-11-29 10:48:24 +00:00