Commit graph

9038 commits

Author SHA1 Message Date
Treehugger Robot
e3df03bc24 Merge "Add permissions for remote_provisioning service" am: 61d823f9c7 am: aeaf422fe5
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2263548

Change-Id: I3f9a414795d52f29fb436d80b9beb2911fda34a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-07 18:36:16 +00:00
Treehugger Robot
61d823f9c7 Merge "Add permissions for remote_provisioning service" 2022-12-07 18:06:41 +00:00
Treehugger Robot
93010df706 Merge "Clean up proc_fs_verity which is no longer used" am: bb689eae58 am: 4767fc3207
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2285498

Change-Id: I1a0a61e28d8656c70e3158363ccaeec9079c1885
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-07 17:53:08 +00:00
Victor Hsieh
9999e20eed Clean up proc_fs_verity which is no longer used
The reference was deleted in aosp/2281348.

Bug: 249158715
Test: TH
Change-Id: I07f63724e876e1db99acab73836bb52a8aa867d8
2022-12-06 09:10:41 -08:00
Seth Moore
3accea479a Add permissions for remote_provisioning service
Bug: 254112668
Test: manual + presubmit
Change-Id: I54d56c34ad4a8199b8aa005742faf9e1e12583c3
2022-12-06 08:46:20 -08:00
Maciej Żenczykowski
5993a3d79e add fs_bpf_loader selinux type am: e14e69a947 am: 3ce95393bc
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2323334

Change-Id: I84623b3283cbbf156d52f98143853ac653d6ffcf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-03 10:16:15 +00:00
Maciej Żenczykowski
60105260e7 remove init/vendor_init access to bpffs_type am: ebb45f9dea am: e000271a3c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2323317

Change-Id: Ibf8f9deb3695361398adcb3e5ff0e94423a318ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-02 15:19:13 +00:00
Maciej Żenczykowski
e14e69a947 add fs_bpf_loader selinux type
To be used for things that only the bpfloader should be able to access.

Expected use case is for programs that the bpfloader should load,
pin into the filesystem, *and* attach.

[i.e., no need for anything else to attach the programs]

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I035d3fcbf6cee523e41cdde23b8edc13311a45e8
2022-12-02 12:26:49 +00:00
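The commit above describes a bpffs file type reserved for the bpfloader but its diff is not on this page. The following is an added example of the shape such a type takes in AOSP-style policy; it is not the repository's own lines. The genfscon path (/loader), the exact permission sets and the neverallow exception list are assumptions made for the example.

```selinux
# Added example, not the repository's own policy. Declares a bpffs file type
# that only the bpfloader domain may touch, and pins that intent with a
# neverallow so that any later allow rule for another domain fails to build.

# public/file.te: a subtype of bpffs_type so rules written against the
# bpffs_type attribute (mounting, fs-wide handling) still apply to it.
type fs_bpf_loader, fs_type, bpffs_type;

# genfs_contexts: label a subtree of the bpf filesystem with the new type.
# The path is an assumption for this example.
genfscon bpf /loader u:object_r:fs_bpf_loader:s0

# private/bpfloader.te: the loader creates and pins programs and maps here,
# and attaches them itself, so no other domain needs a handle to the pins.
allow bpfloader fs_bpf_loader:dir create_dir_perms;
allow bpfloader fs_bpf_loader:file create_file_perms;

# private/bpfloader.te (or domain.te): nothing except the loader may reach
# the type. Unlike the mere absence of an allow rule, a neverallow is
# checked when the policy is compiled and again by CTS, so a vendor or
# platform change that re-grants access (for instance to init or
# vendor_init) is rejected rather than silently widening the attack surface.
neverallow { domain -bpfloader } fs_bpf_loader:{ dir file lnk_file } *;
```

The neverallow is the part worth copying: the commit that follows it in this log removes init and vendor_init access to bpffs_type, and a neverallow of this form is what keeps that access from being reintroduced.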
Maciej Żenczykowski
ebb45f9dea remove init/vendor_init access to bpffs_type
There should be no need for this and it fixes a long outstanding TODO.

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id1764cbc713addbbda6827fe6c6689e45e8f584c
2022-12-02 12:26:03 +00:00
Treehugger Robot
2e04039b01 Merge "Provide network permissions to RKPD app." am: 89248159da am: cbe84dcb4d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2324014

Change-Id: Id777e36429984aef86b96674cc1fe6063de4cbc5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-01 22:32:02 +00:00
Vikram Gaur
592b345626 Provide network permissions to RKPD app.
Test: TH
Change-Id: I5f721f5b3066ea95780487286a03b7028f11a3d5
2022-12-01 18:54:08 +00:00
Steven Moreland
48b2b2e79b Merge "sepolicy for SE HAL" am: c3802445d0 am: ab6bb503e9
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2285333

Change-Id: I2f259455750223b84731cd14b37671e5759373db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-29 23:33:05 +00:00
Steven Moreland
c3802445d0 Merge "sepolicy for SE HAL" 2022-11-29 22:30:40 +00:00
Keir Fraser
901a778340 Merge "Adjust policy for hypervisor system properties" am: 255de93341 am: 6aea0833a1
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2314862

Change-Id: I3510f7513fe450c21099fa9cdac6606f5726fb34
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-24 13:40:18 +00:00
Keir Fraser
84bb5eeccb Adjust policy for hypervisor system properties
1. Allow them to be configured by vendor_init.
2. Introduce a new system property
   hypervisor.memory_reclaim.supported, which is configured by
   vendor_init and accessed only by virtualizationservice, and is not
   as widely accessible as the existing hypervisor sysprops.

Bug: 235579465
Test: atest MicrodroidTests
Change-Id: I952432568a6ab351b5cc155ff5eb0cb0dcddf433
2022-11-24 10:23:58 +00:00
Alessandra Loro
c14a52f3b4 Merge "Hide ro.debuggable and ro.secure from ephemeral and isolated applications" am: 790d6b99ee am: 37db54ead6
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2308440

Change-Id: I3d5320e7ff5d79c6f9741d3be72176b5cc63b214
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-21 15:39:02 +00:00
Alessandra Loro
790d6b99ee Merge "Hide ro.debuggable and ro.secure from ephemeral and isolated applications" 2022-11-21 14:34:40 +00:00
Treehugger Robot
61cd5fa9b3 Merge "allow com.android.vending to access vendor_apex_file" am: 25ccbc7d90 am: cd2ca82f6d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2237570

Change-Id: I8b044c81808b8fc05a34d81f7b5aedacdad05b8b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-21 08:20:54 +00:00
Treehugger Robot
25ccbc7d90 Merge "allow com.android.vending to access vendor_apex_file" 2022-11-21 07:18:37 +00:00
Etienne Ruffieux
e701db71ea Merge "Add bluetooth_prop to system_server sepolicy." am: fb4ca780fe am: 65c71b2657
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2299497

Change-Id: I1b1bdafe7992d498a2d48793ed32e01d1ae5a331
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-18 23:12:32 +00:00
Etienne Ruffieux
fb4ca780fe Merge "Add bluetooth_prop to system_server sepolicy." 2022-11-18 22:08:11 +00:00
Devin Moore
34ef290b1e Merge "Add sepolicy for new AIDL sensorservice" am: 45d8baf70d am: dce4fb0d63
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2292579

Change-Id: I8ecdfc673b39f53f2d21990c18066cf1016ad92c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-18 20:04:23 +00:00
Devin Moore
45d8baf70d Merge "Add sepolicy for new AIDL sensorservice" 2022-11-18 19:21:47 +00:00
Alessandra Loro
24d90e792e Hide ro.debuggable and ro.secure from ephemeral and isolated applications
Bug: 193912100
Test: N/A

Change-Id: I916c9795d96e4a4a453f9aed5e380f11981804e9
2022-11-18 14:13:36 +00:00
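Two commits above describe property access narrowing: the hypervisor sysprop change (configured by vendor_init, read only by virtualizationservice) and the change hiding ro.debuggable and ro.secure from ephemeral and isolated apps. Neither diff is on this page, so the following is an added example of how both patterns are written in AOSP-style policy, not the repository's own lines. The property key and the type names example_restricted_prop, example_service and example_debug_prop are assumptions for the example; ephemeral_app and isolated_app are the standard app domains named in the commit title.

```selinux
# Added example, not the repository's own policy. Shows the two halves of a
# "configured by vendor_init, read by one service" property, and how a
# neverallow over app domains hides a property from a class of apps.
# Property and type names here are assumptions for the example.

# public/property.te: system_vendor_config_prop declares a system-defined
# property type whose values vendor_init (alongside init) is allowed to set.
system_vendor_config_prop(example_restricted_prop)

# private/property_contexts binds the key to the type. "exact" with a
# declared value type makes the init property service reject values of any
# other type. (This is a property_contexts line, not .te syntax; shown here
# so the reader sees where the key meets the type.)
#   example.feature.supported u:object_r:example_restricted_prop:s0 exact bool

# private/example_service.te: the one intended reader.
get_prop(example_service, example_restricted_prop)

# private/property.te: make the narrow reader set a build-time invariant.
# Widening the reader list later means editing this line, which is exactly
# the review point the policy author wants to force.
neverallow {
  domain
  -init
  -vendor_init
  -example_service
} example_restricted_prop:file read;

# Hiding a property from ephemeral and isolated apps uses the same tool from
# the other side: name the app domains, deny the read, and let the build
# fail if any allow rule contradicts it. Type name is an assumption.
neverallow { ephemeral_app isolated_app } example_debug_prop:file read;
```

The second neverallow only does what its lead-in says if the property actually has its own type; a key that still maps to a broad default type cannot be hidden this way, which is why property changes in this log usually come with a new property type and a property_contexts line.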
Seth Moore
2cface3262 Merge "Add new appdomain for RKPD mainline app" am: dcef71f890 am: 121ad0534e
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2276971

Change-Id: I2f63a743771dd01b732a4bfe53e2de4ef856271c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-17 16:23:09 +00:00
Seth Moore
dcef71f890 Merge "Add new appdomain for RKPD mainline app" 2022-11-17 15:45:18 +00:00
Seth Moore
71fa94edae Add new appdomain for RKPD mainline app
This app talks to the remote provisioning HALs, and therefore requires
access to the tee_device domain.

Bug: 254112668
Test: Manually verify rkpd can run and find remote provisioning hals
Change-Id: I876b0890f3d4e8956406d73e956084b99488ce56
2022-11-16 12:55:31 -08:00
Chris Paulo
d22ef9a1ae system/sepolicy: Update prebuilts for adaptive haptics system prop am: 272f84ebb5
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/20469962

Change-Id: I45394ed8306e8654034bbcb201bde437bab2744d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-16 20:52:17 +00:00
Chris Paulo
272f84ebb5 system/sepolicy: Update prebuilts for adaptive haptics system prop
Update prebuilts and api compat for the adaptive haptics restricted
system property.

Bug: 198239103
Test: Verified functionality
Ignore-AOSP-First: Prebuilts on top of aosp/2300027
Change-Id: I2e299053cc2ebdb5d69aa8d3551e602609daaeaf
Signed-off-by: Chris Paulo <chrispaulo@google.com>
2022-11-16 17:12:30 +00:00
Chris Paulo
2a3c5cbca3 system/sepolicy: Add adaptive haptics system prop
Add system prop for adaptive haptics feature

Bug: 198239103
Test: Verified functionality
Ignore-AOSP-First: Cherry pick of aosp/2300027
Change-Id: I67a8047d015e007d22cbd54bc4f9a2fea0527b49
Merged-In: I67a8047d015e007d22cbd54bc4f9a2fea0527b49
Merged-In: I5dd21700c9f64d08785855436c4c5eeb2e88a616
Signed-off-by: Chris Paulo <chrispaulo@google.com>
2022-11-16 17:09:36 +00:00
Steven Moreland
4c6586817a sepolicy for SE HAL
Bug: 205762050
Test: N/A
Change-Id: I76cd5ebc4d0e456a3e4f1aa22f5a932fb21f6a23
2022-11-15 22:41:09 +00:00
Sandro
bcc04e69fc Move get_prop rules from public/domain.te to private/domain.te
This way we can prevent private types (e.g., sdk_sandbox) from accessing
those properties.

Bug: 210811873
Test: m -j, boot device
Change-Id: Idbcc4928c8d0d433f819d8b114e84a5f09466ad0
2022-11-15 17:05:11 +00:00
Deyao Ren
dfb3182725 allow com.android.vending to access vendor_apex_file
Widevine is now in an APEX. com.android.vending tries to access widevine
apex, which results in a sepolicy error. Modifying sepolicy to allow
com.android.vending to access apex directory.

Bug: 247100406
Test: https://android-build.googleplex.com/builds/abtd/run/L54600000956675013
Change-Id: Ie73411dbe1c35027cb498c2cfa6847515a41d08a
2022-11-15 13:28:49 +09:00
Seungjae Yoo
b43e1b1c19 Merge "Allow reading proc file in crosvm process for reading cpu/mem stat in VM" 2022-11-15 01:47:50 +00:00
Devin Moore
e714ba95ed Add sepolicy for new AIDL sensorservice
Test: boot cuttlefish and check for avc denials
Bug: 205764765
Change-Id: Ie9d02b43250ca3c5f642b2d87d2a5b532a9b5195
2022-11-14 17:26:24 +00:00
Treehugger Robot
bc37c334e5 Merge "Add adaptive haptics restricted system property" 2022-11-14 10:52:56 +00:00
Chris Paulo
ad2f883271 Add adaptive haptics restricted system property
Create adaptive haptics system property to store adaptive haptics enable
state.

Bug: 198239103
Test: Verified system property usage
Change-Id: I5d4f0a5c8ec4a5b0ce18bc03a6d30879dd76d58b
Signed-off-by: Chris Paulo <chrispaulo@google.com>
2022-11-14 09:20:56 +00:00
Seungjae Yoo
9f240f2d68 Allow reading proc file in crosvm process for reading cpu/mem stat in VM
Bug: 257159905
Test: N/A
Change-Id: Ica4da2f7f29be2c4f3f9446040247bee36e42f1a
2022-11-14 15:24:27 +09:00
Max Bires
37992dce8d Merge "Allow shell to call IRemotelyProvisionedComponent" 2022-11-12 00:20:34 +00:00
Etienne Ruffieux
3b39e92bd9 Add bluetooth_prop to system_server sepolicy.
We need to be able to access Bluetooth sysprops from
BluetoothManagerService.

Bug: 217292806
Test: atest CtsBluetoothTestCases
Tag: #feature
Change-Id: Ia4d5d286ccf94f61bbc87e9063d22b8822806e5c
2022-11-10 18:00:55 -08:00
Jeff Pu
1c92a1262e Merge "Add properties for virtual fingerprint HAL" 2022-11-10 23:29:29 +00:00
Sandeep Dhavale
d64fb55474 Merge "Fastboot AIDL Sepolicy changes" 2022-11-10 18:29:00 +00:00
Treehugger Robot
c041485773 Merge "Use CAP_SYS_RESOURCE instead of CAP_IPC_LOCK for crosvm" 2022-11-10 18:24:04 +00:00
David Brazdil
88f98d96da Use CAP_SYS_RESOURCE instead of CAP_IPC_LOCK for crosvm
Instead of giving CAP_IPC_LOCK to crosvm, give virtualizationservice
CAP_SYS_RESOURCE so it can modify the rlimit_memlock of itself and its
children. This is done in preparation for running crosvm as a child
process of the requestor, in which case it will not have the option to
use CAP_IPC_LOCK anymore, but it also allows us to set an upper bound on
the amount of pinnable memory if necessary.

Bug: 204298056
Bug: 245727626
Test: atest MicrodroidTestApp
Change-Id: Ic7f161fe4232440a0dd9924d971f22fc053d973b
2022-11-10 16:18:35 +00:00
Jeff Pu
be8ede8c35 Add properties for virtual fingerprint HAL
Bug: 228638448
Test: N/A
Change-Id: I58bfe2dd7f359b00203a1d10351ccdc5001bb166
2022-11-10 09:50:16 -05:00
Sandeep Dhavale
f0ea953e60 Fastboot AIDL Sepolicy changes
Bug: 205760652
Test: Build & flash
Change-Id: I2709c5cc2ca859481aac6fecbc99fe30a52a668b
Signed-off-by: Sandeep Dhavale <dhavale@google.com>
2022-11-09 22:21:27 +00:00
Max Bires
4d3dcd64d3 Allow shell to call IRemotelyProvisionedComponent
This change gives the shell process the needed permissions to call the
rkp_factory_extraction_tool without also granting the ability to access
the KeyMint HAL service.

To run the tool from a shell accessible folder, push
rkp_factory_extraction_tool to /data/local/tmp with:

adb push out/target/product/<path/to/tool>/rkp_factory_extraction_tool \
/data/local/tmp

Test: the tool can be executed in SELinux enforcing mode
Change-Id: Idebebffa9bb405d527ab37c17030db3999efe3d1
2022-11-09 12:42:28 -08:00
Lakshman Annadorai
4d277b7baa Revert "Add sepolicies for CPU HAL."
This reverts commit f4ab6c9f3c.

Reason for revert: CPU HAL is no longer required because the CPU frequency sysfs files are stable Linux Kernel interfaces and could be read directly from the framework.

Change-Id: I8e992a72e59832801fc0d8087e51efb379d0398f
2022-11-09 16:47:07 +00:00
Lakshman Annadorai
f4ab6c9f3c Add sepolicies for CPU HAL.
Change-Id: Ia091bf8f597a25351b5ee33b2c2afc982f175d51
Test: Ran `m; emulator; adb logcat -b all -d > logcat.txt;`
      and verified CPU HAL is running without any sepolicy violation.
Bug: 252883241
2022-11-04 18:13:00 +00:00
Sandro
080c579d47 Move get_prop rules from public/app.te to private/app.te
This way we can prevent private types (e.g., sdk_sandbox) from accessing
those properties.

Bug: 210811873
Test: m -j, boot device
Change-Id: I55e3a4b76cabb6f47cee0972e6bad30565f0db7a
2022-11-04 09:34:22 +00:00
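Both "Move get_prop rules from public/... to private/..." commits in this log (domain.te and app.te) rely on the same layering rule, which the messages state but do not show. The following is an added example of that rule, not the repository's own lines; example_prop is an assumed property type and sdk_sandbox is the private type the commit messages name.

```selinux
# Added example, not the repository's own policy. The same get_prop rule in
# the two policy layers; the private copy can carve out sdk_sandbox, the
# public copy cannot.

# public/domain.te is the part of platform policy exported to vendor, and it
# may reference only types declared under public/. A rule written against
# the "domain" attribute here reaches every domain that carries it, private
# ones such as sdk_sandbox included, and since sdk_sandbox is declared under
# private/ there is no way to write "-sdk_sandbox" at this layer.
#   get_prop(domain, example_prop)

# private/domain.te sees the private types, so the exception can be named.
# example_prop is an assumed type name for the example.
get_prop({ domain -sdk_sandbox }, example_prop)

# Lock the carve-out in: a later rule that re-grants the read to the sandbox
# now fails policy compilation instead of slipping through review.
neverallow sdk_sandbox example_prop:file read;
```

Moving a rule from public to private changes nothing for vendor policy, which never saw the rule's effect on private types; the gain is purely that the platform side can now subtract types it previously could not name.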