This patch allows ioctls() to support zoned device.
Bug: 172377740
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I69b322ceffd45c7e191d3a37e67ac7324c5b7ee2
This change enables xfrm netlink socket use for the system server,
and the network_stack process. This will be used by IpSecService
to configure SAs, and network stack to monitor counters & replay
bitmaps for monitoring of IPsec tunnels.
Bug: 233392908
Test: Compiled
Change-Id: I25539dc579f21d6288fa962d1fad9b51573f017d
Commit ea9921f4f5b9 ("f2fs-tools: support zoned device in Android") in
f2fs-tools supports zoned device in Android. When detecting the disk
supports zoned device with proper types, we need to access its sysfs
entry. Note that, we need to check sysfs entries by default for
non-zoned disks in general as well.
If a product doesn't use metadata encryption which sets a device mapper, vendor
selinux needs to allow sysfs entries for raw disks such as sysfs_scsi_devices or
sysfs_devices_block.
avc: denied { search } for comm="fsck.f2fs" name="dm-44" dev="sysfs" ino=82102 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_dm:s0 tclass=dir permissive=0
avc: denied { read } for comm="fsck.f2fs" name="zoned" dev="sysfs" ino=82333 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_dm:s0 tclass=file permissive=0
Bug: 172377740
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Iaa4dc9826b614b71b928c33ebc207afab96e586a
To perform sdk sandbox data isolation, the zygote gets the selinux label
of SDK sandbox storage (e.g. /data/misc_{ce,de}/<user-id>/sdksandbox)
before tmpfs is mounted onto /data/misc_{ce,de} (or other volumes). It
relabels it back once bind mounting of required sandbox data is done.
This change allows for the zygote to perform these operations.
Bug: 214241165
Test: atest SdkSandboxStorageHostTest
Change-Id: I28d1709ab4601f0fb1788435453ed19d023dc80b
Currently, app process can freely execute path at
`/data/misc_ce/0/sdksandbox/<package-name>` since it's labeled as system
file. They can't read or write, but use 403/404
error to figure out if an app is installed or not.
By changing the selinux label of the parent directory:
`/data/misc_ce/0/sdksandbox`, we can restrict app process from executing
inside the directory and avoid the privacy leak.
Sandbox process should only have "search" permission on the new label so
that it can pass through it to its data directory located in
`/data/misc_ce/0/sdksandbox/<package-name>/<per-sdk-dir>`.
Bug: 214241165
Test: atest SdkSandboxStorageHostTest
Test: `adb shell cd /data/misc_ce/0/sdksandbox` gives error
Test: manual test to verify webview still works
Change-Id: Id8771b322d4eb5532eaf719f203ca94035e2a8ed
Merged-In: Id8771b322d4eb5532eaf719f203ca94035e2a8ed
Remove references in sepolicy. Leave a few of the types defined since
they're public and may be used in device-specific policy.
Bug: 211461392
Test: build/boot cuttlefish
Change-Id: I615137b92b82b744628ab9b7959ae5ff28001169
Let vendor_init can react Vendor System Native Experiment
changes via persist.device_config.vendor_system_native.* properties.
Bug: 223685902
Test: Build and check no avc denied messages in dmesg
Change-Id: If69d1dab02d6c36cdb1f6e668887f8afe03e5b0e
Merged-In: If69d1dab02d6c36cdb1f6e668887f8afe03e5b0e
r.android.com/2060021 made it possible for tombstone_transmit to remove
the tombstone file from guest after reading it. This is the required
Selinux policy for that.
Bug: 232403725
Test: atest MicrodroidHostTestCases & check vm logs for avc:
denials
Change-Id: Ic071c0bd5ecb85f4ceae84e435afdec155fbba0b
am skip reason: Merged-In Idb5c4a4c6f175e338722971944bf08ba99835476 with SHA-1 3bd63cc206 is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1959735
Change-Id: I585e61bf161a3696393ae3b2ea51927625ef7e6c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I2e84193668dcdf24bde1c7e12b3cfd8a03954a16 with SHA-1 23173455ab is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1956657
Change-Id: I293aafe8554d6221caeabae5ad23a331906423c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Merged-In I6463965c094b9b3c4f3f70929a09e109ee9c84b9 with SHA-1 39f29f758e is already in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1956656
Change-Id: I655e1680b593a3ef6eded0343d4bd2b5530a3847
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
am skip reason: Change-Id Idf0ba09cbe51cbff6a7b2a464c4651a1f7fcf343 with SHA-1 2367ba358f is in history
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1146877
Change-Id: Ic21917c6dfa1e578bd4bc2fcf963884954e37d5f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>