The removal of domain_deprecated broke the ability for adbd to
pull files from /sdcard. Re-allow it.
Addresses the following denials:
avc: denied { search } for pid=2753 comm=73657276696365203530 name="/" dev="tmpfs" ino=6242 scontext=u:r:adbd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0
avc: denied { getattr } for pid=2755 comm=73657276696365203431 path="/sdcard" dev="rootfs" ino=5472 scontext=u:r:adbd:s0 tcontext=u:object_r:rootfs:s0 tclass=lnk_file permissive=0
Change-Id: I70257933f554abd008932c7f122dd0151f464b05
- Add a new 'dumpstate' context for system properties. This context
will be used to share state between dumpstate and Shell. For example,
as dumpstate progresses, it will update a system property, which Shell
will use to display the progress in the UI as a system
notification. The user could also rename the bugreport file, in which
case Shell would use another system property to communicate such
change to dumpstate.
- Allow Shell to call 'ctl.bugreport stop' so the same system
notification can be used to stop dumpstate.
BUG: 25794470
Change-Id: I74b80bda07292a91358f2eea9eb8444caabc5895
Certain tests depend on the ability to examine directories
in /system. Allow it to the shell user.
Addresses the following denials:
avc: denied { read } for name="egl" dev="dm-1" ino=104 scontext=u:r:shell:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=0
Bug: 26020967
Bug: 26023420
Change-Id: I509d921e159e99164c85fae9e8b2982a47573d14
Remove bluetooth's access to tun_device. Auditallow rule demonstrates
that it's not used.
Strengthen the neverallow on opening tun_device to include all Apps.
Bug: 24744295
Change-Id: Iba85ba016b1e24c6c12d5b33e46fe8232908aac1
Properties are now broken up from a single /dev/__properties__ file into
multiple files, one per property label. This commit provides the
mechanism to control read access to each of these files and therefore
sets of properties.
This allows full access for all domains to each of these new property
files to match the current permissions of /dev/__properties__. Future
commits will restrict the access.
Bug: 21852512
Change-Id: Ie9e43968acc7ac3b88e354a0bdfac75b8a710094
Allows safetynet to scan the system partition which is made up of
files labeled system_file (already allowed) and/or files with the
exec_type attribute.
Bug: 25821333
Change-Id: I9c1c9c11bc568138aa115ba83238ce7475fbc5e4
Remove domain_deprecated from bootanim. This removes some unnecessarily
permissive rules.
As part of this, re-allow access to cgroups, proc and sysfs, removed as
a result of removing domain_deprecated.
Bug: 25433265
Change-Id: I58658712666c719c8f5a39fe2076c4f6d166616c
am: 15a1e0d41a
* commit '15a1e0d41a644a283a1b71e8807b5c64da879659':
Explicitly added permissions that were previously granted through domain_deprecated.
Remove domain_deprecated from mdnsd. This removes some unnecessarily
permissive rules from mdnsd.
As part of this, re-allow /proc/net access, which is removed as
a result of removing domain_deprecated.
Bug: 25433265
Change-Id: Ie1cf27179ac2e9170cf4cd418aea3256b9534603
Allow directory reads to allow tab completion in rootfs to work.
"pm" is crashing due to failure to access /data/dalvik-cache. Add
back in the permissions from domain_deprecated.
Allow /sdcard to work again.
Bug: 25954400
Change-Id: I48cfa92fabfa47ed3007a63b85284659ba94ea73
Addresses the following denial:
avc: denied { write } for path="/dev/cpuctl/bg_non_interactive/tasks" dev="cgroup" ino=716 scontext=u:r:shell:s0 tcontext=u:object_r:cgroup:s0 tclass=file permissive=0
which started occurring because of https://android-review.googlesource.com/184260
Bug: 25945485
Change-Id: I6dcfb4bcfc473478e01e0e4690abf84c24128045
The extra permissions are not needed. Delete them.
This change also adds read permission for /data/misc/zoneinfo
back to all domains. libc refernces this directory for timezone
related files, and it feels dangerous and of little value to
try to restrict access. In particular, this causes problems when the
shell user attempts to run "ls -la" to show file time stamps in
the correct timezone.
Bug: 25433265
Change-Id: I666bb460e440515151e3bf46fe2e0ac0e7c99f46
This allow bspatch to have same perssion as update_engine.
Also added a rule to allow update_engine to execute bspatch.
Bug: 24478450
Test: No more permission deny during delta update.
Change-Id: If94bc703b2f3fc32f901f0d7f300934316d4e9a4
libselinux stats selinuxfs, as does every process that links against
libselinux such as toolbox. grant:
allow domain selinuxfs:filesystem getattr;
domain is already granted:
allow domain self:dir r_dir_perms;
allow domain self:lnk_file r_file_perms;
allow domain self:{ fifo_file file } rw_file_perms;
To make these possible, also grant:
allow domain proc:dir search;
Change-Id: Ife6cfa2124c9d61bf908ac89a8444676acdb4259
All apps should have access to the country_detector service.
avc: denied { find } for service=country_detector pid=1802 uid=1010002 scontext=u:r:untrusted_app:s0:c522,c768 tcontext=u:object_r:country_detector_service:s0 tclass=service_manager
Bug: 25766732
Change-Id: Ie3f1a801114030dada7ad70c715a62907a2d264f
Don't mix bluetooth rules with bluetoothdomain. The bluetoothdomain
rules are used by several other SELinux domains, not just bluetooth,
and keeping them in the same file is confusing.
Change-Id: I487251ab1c1392467a39c7a87328cdaf802fc1f8
