tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
39050 commits 1 branch 0 tags 50 MiB
Commit graph

5 commits

Author SHA1 Message Date
Inseob Kim
85091cd806 Allow init to relabelto console_device 
Init will try restorecon /dev/console, together with /dev, at the second
stage boot.

Bug: 193118220
Test: atest MicrodroidHostTestCases
Change-Id: Ie9796368b54bb0773eabf5ff6feb2b4aa41d0bfa
 2022-03-22 22:11:03 +09:00
Jiyong Park
16c1ae3a3d Add use_bionic_libs macro 
... to dedupe rules for allowing access to bootstrap bionic libraries.

Bug: N/A
Test: m
Change-Id: I575487416a356c22f5f06f1713032f11d979d7d4
 2022-01-25 09:47:56 +09:00
Inseob Kim
5ee61a7628 microdroid: Narrow property permissions 
microdroid's domains have been able to read/write any properties. That's
just for convenience while bringing up microdroid. This cleans up such
global permission and grants minimal access.

Bug: 194447534
Test: atest MicrodroidHostTestCases ComposHostTestCases
Test: run microdroid demo app
Change-Id: I09ce1174d4af9c228b788a522a6ab845cafd4505
 2021-09-23 17:23:28 +09:00
Inseob Kim
0abc4fdf2b Temporarily dontaudit ueventd->tmpfs access 
This is the only blocker for SELinux denial test on microdroid. Rather
than consuming more time, this temporarily suppresses the audit message
to turn on the test.

Bug: 193118220
Test: atest MicrodroidHostTestCases -c
Change-Id: Id703107cbaae42352bebe34d0a6373f0701c0f6f
 2021-08-04 10:58:22 +00:00
Inseob Kim
e1389977e0 Move microdroid sepolicy to system/sepolicy 
Bug: 190511750
Test: boot microdroid
Change-Id: I4aa4a56e9be5103d70469c3508110a973f3e4f12
 2021-07-19 07:48:34 +00:00