tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
41353 commits 1 branch 0 tags 50 MiB
Commit graph

41353 commits

This branch
This branch
All branches
Author SHA1 Message Date
Devin Moore
fdaed41d46 Give dumpstate permissions to dump the sensor HAL 
Test: adb shell dumpstate && check the bugreport
Bug: 273937310
Change-Id: I8c796dfe5fc1377a9eb14d62eee74f983b6442fc
 2023-03-16 20:51:59 +00:00
Vikram Gaur
01390087b1 Add set property permissions to RKPD application. 
Test: atest RkpdAppGoogleIntegrationTests
Change-Id: Ib1680319f7299b27aab2cc36cc917a8da35ec216
 2023-03-16 18:05:10 +00:00
Maciej Żenczykowski
737ee6ee89 clatd.te - no longer need netlink 
After:
  https://android-review.git.corp.google.com/c/platform/external/android-clat/+/2491075
  clatd: remove ipv6 address monitoring

clatd no longer does any netlink.

Test: TreeHugger, ping 1.1.1.1 on ipv6-only network works
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id1c87b926a75c94f3c0ede04effd73c25844fefd
 2023-03-16 10:53:18 +00:00
Treehugger Robot
964872fbe5 Merge "Allow composd to enable fs-verity to compiled artifacts" am: 15c64f5a21 am: 05d1c76bf9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2488601

Change-Id: I2f0beca46bec3a4469b4bc7d49e1d4524987387b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 18:24:56 +00:00
Treehugger Robot
05d1c76bf9 Merge "Allow composd to enable fs-verity to compiled artifacts" am: 15c64f5a21 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2488601

Change-Id: I3c7bcfe68eb5c0fdaf14618ecff76201667ecad1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 17:47:01 +00:00
Treehugger Robot
15c64f5a21 Merge "Allow composd to enable fs-verity to compiled artifacts" 2023-03-15 17:04:04 +00:00
Victor Hsieh
a115d49cd6 Allow composd to enable fs-verity to compiled artifacts 
Bug: 272587415
Test: com.android.tests.odsign.CompOsSigningHostTest
Change-Id: Icfdf72478481492a18a231e63faac0492a1e4536
 2023-03-15 08:14:52 -07:00
Treehugger Robot
e8776c20b6 Merge "Move cardisplayproxyd to system_ext" am: a5dbf64602 am: eb879ba0b1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2486580

Change-Id: I61578f6557b5f4cfc5a9722f72f7eb6bf2d2d3ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:44:49 +00:00
Treehugger Robot
eb879ba0b1 Merge "Move cardisplayproxyd to system_ext" am: a5dbf64602 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2486580

Change-Id: I2ef2d356502c5f29c5ecfc873d98afe85da7b430
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:10:00 +00:00
Treehugger Robot
a5dbf64602 Merge "Move cardisplayproxyd to system_ext" 2023-03-15 05:31:20 +00:00
Nikita Ioffe
ca0aad6185 Merge "Add selinux rules for perfetto daemones" am: 103794c43c am: b164310273 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2468440

Change-Id: Iacfd179c752a6d1d505faf9a970c95cc815ea5b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 23:21:55 +00:00
Xin Li
77a960ac8a [automerger skipped] Merge Android 13 QPR2 am: 8086fce77e -s ours am: ebd51b2c49 -s ours 
am skip reason: Merged-In Id5f052116834034a9e4fd5c3adf17d3d7ef6610a with SHA-1 a8b6900a49 is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2487130

Change-Id: Ic81ddb542e28fece912b7409316c1687ef85f007
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 23:06:11 +00:00
Nikita Ioffe
b164310273 Merge "Add selinux rules for perfetto daemones" am: 103794c43c 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2468440

Change-Id: Ide807183e07b0008c7266e9b96302eb4b85dc8fd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 23:01:43 +00:00
Tri Vo
4bb2d30701 Remove RemoteProvisioner and remoteprovisioning services 
Bug: 273325840
Test: keystore2_test
Change-Id: I295ccdda5a3d87b568098fdf97b0ca5923e378bf
 2023-03-14 15:45:35 -07:00
Xin Li
ebd51b2c49 [automerger skipped] Merge Android 13 QPR2 am: 8086fce77e -s ours 
am skip reason: Merged-In Id5f052116834034a9e4fd5c3adf17d3d7ef6610a with SHA-1 a8b6900a49 is already in history

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2487130

Change-Id: I87e3a8ec615e2b75a758f6b13befac950ceccd5f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 22:32:17 +00:00
Nikita Ioffe
103794c43c Merge "Add selinux rules for perfetto daemones" 2023-03-14 22:06:34 +00:00
Nikita Ioffe
6069e7c8f2 Add selinux rules for perfetto daemones 
Note: this is a somewhat minimal set of rules required to be able to
capture traces on Microdroid. After the trace is captured I still see a
bunch of SELinux denials. We might need to add more allow rules in the
follow up changes.

Bug: 249050813
Test: boot Microdroid VM, capture traces with record_android_traces
Change-Id: I62098fb79a8db65706a5bb28c8acce7ff3821f15
 2023-03-14 15:07:54 +00:00
Changyeon Jo
fc0b3da21f Move cardisplayproxyd to system_ext 
Bug: 218588089
Bug: 273324345
Test: 1. m -j selinux_policy
      2. Build cf_x86_64_auto lunch target.
      3. Launch cvd in the accelerated graphics mode.
      4. Run evs_app and confirm the color bar pattern is shown on the
         display.
         > adb root && adb shell evs_app --test
      6. Do the same on sdk_car_x86_64 lunch target.
Change-Id: I1f570e7d43981ce2f5a7ae0d78ee3d5bfa8c7576
 2023-03-14 14:28:28 +00:00
Xin Li
8086fce77e Merge Android 13 QPR2 
Bug: 273316506
Merged-In: Id5f052116834034a9e4fd5c3adf17d3d7ef6610a
Change-Id: I8eeb4e5dc1c7257f1b4ae83b8088fb9c2b7d81c0
 2023-03-13 23:11:40 -07:00
Ioannis Ilkos
c3fa8c0d82 update api=33 sepolicy prebuilts for perfetto oome heap dumps 
Bug: 272719059
Ignore-AOSP-First: tm-qpr-dev backports
Change-Id: I7e0703ce8fb8fb46217f67046c19fb71653bc86e
 2023-03-13 17:48:46 +00:00
Ioannis Ilkos
900d221a1f Fix incorrect domain used in system_server.te 
This was accidentally copied and pasted from the app domain. The intent
was for system_server to be able to read the prop.

Test: manually
Bug: 269246893
Bug: 272719059
Ignore-AOSP-First: tm-qpr-dev backport
Change-Id: I78d5fa62a2e112d3bf363b8d96348a645ef4caaa
Merged-In: I78d5fa62a2e112d3bf363b8d96348a645ef4caaa
 2023-03-13 17:45:42 +00:00
Ioannis Ilkos
ddd99acbb8 Sysprop for the count of active OOME tracing sessions 
In order for ART code to call perfetto DataSource::Trace() we need to
wait for all data source instances to have completed their setup. To do
so, we need to know how many of them exist.

This introduces a new sysprop traced.oome_heap_session.count, writeable
by perfetto traced and readable by apps and system_server that can be
used to communicate this.

See go/art-oom-heap-dump for more details

Test: manual, atest HeapprofdJavaCtsTest
Bug: 269246893
Bug: 272719059
Ignore-AOSP-First: tm-qpr-dev backport
Change-Id: Ib8220879a40854f98bc2f550ff2e7ebf3e077756
Merged-In: Ib8220879a40854f98bc2f550ff2e7ebf3e077756
 2023-03-13 17:45:35 +00:00
Ryan Savitski
be99ac546a update api=33 sepolicy prebuilts for perfetto profiling of system_server and sys/platform apps 
Bug: 272719059
Ignore-AOSP-First: tm-qpr-dev backports
Change-Id: Iadee4b1a04d032e901b58bc76a0b658782fe027f
 2023-03-13 17:14:04 +00:00
Ryan Savitski
b2fecc3954 tm-qpr backport: allow perfetto profiling of system_server and sys/platform apps 
This is a reduced backport of aosp/2419280, as the full change adds
domain-wide allow rules as well as neverallows, and we want to avoid
conflicts against pre-existing TM vendor policies.

This backport is downscoped to:
* system_server.te:  allow profiling system_server, runs as "system".
* system_app.te:     allow profiling all other apps running as "system",
                     e.g. com.android.settings.
* platform_app.te:   for platform-signed apps running in the normal app
                     UID range, e.g. com.android.systemui.

Merging logistics:
* AOSP and udc-dev have the full change, so prevent automerged conflicts
  via Merged-In.
* api=33 sepolicy prebuilts are in a stacked patch as those should flow
  into downstream branches, and afaiu will need to be CP'd to AOSP.

Bug: 272719059
Ignore-AOSP-First: tm-qpr-dev backport
Merged-In: I792ec1812d94b4fa9a8688ed74f2f62f6a7f33a6
Change-Id: I5de4a39b002baabad7ef9e5a21c10dc6d87295eb
 2023-03-13 17:13:54 +00:00
Pawan Wagh
48d7cb584e Merge "Adding netd and authorization fuzzers to bindings" am: 6ad15b7c74 am: 194ea6e259 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2478135

Change-Id: Ifec7436c21bb4a2ba645b98e14a52fbdeef801bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 21:20:30 +00:00
Pawan Wagh
194ea6e259 Merge "Adding netd and authorization fuzzers to bindings" am: 6ad15b7c74 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2478135

Change-Id: Iaef9f76a995c2ccc3367b9a96e25f6a8eb110fc0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 20:51:16 +00:00
Pawan Wagh
6ad15b7c74 Merge "Adding netd and authorization fuzzers to bindings" 2023-03-10 20:11:33 +00:00
Nathan Huckleberry
7bedb9d1a0 Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS 
This ioctl can be used to avoid a race condition between key
reinstallation and busy files clean up.

Test: Trigger busy file clean-up and ensure that the ioctl succeeds
Bug: 140762419

Change-Id: I153c2e7b2d5eb39e0f217c9ef8b9dceba2a5a487
(cherry picked from commit ffb9f8855a)
Ignore-AOSP-First: Prebuilts needed to be updated when cherry-picking.
 2023-03-10 18:58:42 +00:00
Shikha Panwar
cf5d5051ff Microdroid sepolicy changes to handle crash export 
Change1# Add property export_tombstones.enabled - This is set by
microdroid_manager to indicate that tombstones in Microdroid be exported
out to host. This read by crash_dump (specifically tombstone_handler).

Change2# allow crash_dump to create/connect/write on vsock.

Change3# Deleting rules/domain related to tombstoned &
tombstone_transmit in Microdroid.

Test: atest MicrodroidHostTests#testTombstonesAreGeneratedUponUserspaceCrash
Test: Look for selinux denials in log
Bug: 243494912
Change-Id: Ibd607eb11202d492bcb0c4ba40a6888683420fb9
 2023-03-09 16:01:35 +00:00
Thiébaud Weksteen
825680bd17 Merge "Refactor treble_sepolicy_tests.py" am: c691211c02 am: 31b4d1ac73 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2469661

Change-Id: Id1afc97b742e668a127cae3bdb4b186dc2c71161
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 07:29:38 +00:00
Thiébaud Weksteen
31b4d1ac73 Merge "Refactor treble_sepolicy_tests.py" am: c691211c02 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2469661

Change-Id: Ic2e999ba3c74f2fdafdd9e4559e796737861d330
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 06:53:46 +00:00
Thiébaud Weksteen
c691211c02 Merge "Refactor treble_sepolicy_tests.py" 2023-03-09 06:10:48 +00:00
Pawan Wagh
9f5825c863 Adding netd and authorization fuzzers to bindings 
Test: m
Bug: 232439428
Change-Id: Ic0d94e7e6a89992619fe87f58737efddffc91408
 2023-03-08 18:37:58 +00:00
Jaewan Kim
154e678fe8 Merge "microdroid: allow init_debug_policy.sh to handle AVF debug policy" am: 11feefd839 am: 7a942187a1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2439933

Change-Id: I2ea1fe124cb173a5e60162a86243cde3abbe2f71
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-07 11:29:54 +00:00
Jaewan Kim
7a942187a1 Merge "microdroid: allow init_debug_policy.sh to handle AVF debug policy" am: 11feefd839 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2439933

Change-Id: Ia5d6bb7190ecb224f338ae2cb89b61bc6b5bf78f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-07 10:56:59 +00:00
Jaewan Kim
11feefd839 Merge "microdroid: allow init_debug_policy.sh to handle AVF debug policy" 2023-03-07 10:23:51 +00:00
Jaewan Kim
dc8ce5f8dc microdroid: allow init_debug_policy.sh to handle AVF debug policy 
Test: Boot microdroid with no issue
Bug: 2437372
Change-Id: I485228864cce58922e7e3b3eed4b9bd1c5cce306
 2023-03-07 08:27:34 +09:00
Ioannis Ilkos
77d6fce233 Fix incorrect domain used in system_server.te am: 0e978ba9f1 am: e8c801ee24 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2470105

Change-Id: Ifbe5fa9d5ae33a9d0f44470f38ddb5a84f80e0b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 22:53:23 +00:00
Ioannis Ilkos
e8c801ee24 Fix incorrect domain used in system_server.te am: 0e978ba9f1 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2470105

Change-Id: Ib00319669b979ddf0c8fd888d9d5c2c9eae60cb8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 22:16:15 +00:00
Ioannis Ilkos
0e978ba9f1 Fix incorrect domain used in system_server.te 
This was accidentally copied and pasted from the app domain. The intent
was for system_server to be able to read the prop.

Test: manually
Bug: 269246893
Change-Id: I78d5fa62a2e112d3bf363b8d96348a645ef4caaa
 2023-03-06 18:31:25 +00:00
David Brazdil
1fefb129c1 Allow system_server to kill crosvm/virtualizationmanager am: f3a922c453 am: 4bbcdf55e8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456048

Change-Id: I4c7a200c4c6b7176f4f1b87ccdab10c10fc71076
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 17:04:40 +00:00
David Brazdil
4bbcdf55e8 Allow system_server to kill crosvm/virtualizationmanager am: f3a922c453 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456048

Change-Id: I6b8e4c9f04f2956c95652776c75573e977d79696
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 16:28:17 +00:00
David Brazdil
f3a922c453 Allow system_server to kill crosvm/virtualizationmanager 
VirtualizationManager (and indirectly crosvm) now runs as a child
process of the client, which could be a process forked from zygote.
As a result, these get tracked as phantom processes of the client and
system_server will try to kill them if it chooses to kill the client.

Currently this does not work because system_server is not allowed
sigkill for the corresponding domains. In theory, that should not be
a problem because virtualizationmanager will automatically kill any
crosvm instances and terminate itself if its parent dies, but we should
not rely on that fact and instead give system_server the ultimate
control over app process termination.

Bug: 269461627
Test: atest MicrodroidTestApp
Change-Id: Ie0ba5388d00a51812c9424c37f2f74983bea9db8
 2023-03-06 14:31:51 +00:00
Ye Jiao
b0ccb7b46a Fix SE policy violation of Wi-Fi vendor AIDL service am: 10a639613a am: 539b81669a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2459688

Change-Id: I9da38c1cc1c6712c50caa055507597a0fbe17730
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 10:40:26 +00:00
Ye Jiao
539b81669a Fix SE policy violation of Wi-Fi vendor AIDL service am: 10a639613a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2459688

Change-Id: Iaf3b1178c1048a799e10049588a7bbdf08c6e924
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 10:05:10 +00:00
Thiébaud Weksteen
dab3b1a1c0 Refactor treble_sepolicy_tests.py 
Introduce a new class TestPolicy to capture all the previous global
variables. This class contains the constructor and loading methods
(Get*) to load its internal state. The tests are modified to accept a
TestPolicy as first argument.

This commit is a no-op. There is no change to the tests.

`git show --ignore-space-change` can be used to skip over the
re-indentation due to the new class.

Bug: 269182257
Test: m selinux_policy (runs treble_sepolicy_tests against all
			compatible versions)
Test: Set DEBUG=True, compare generated scontexts. Identical.
Change-Id: Ia8da115dc1c0109b835e03b95da029b35712d251
 2023-03-06 14:08:11 +11:00
Ye Jiao
10a639613a Fix SE policy violation of Wi-Fi vendor AIDL service 
Wi-Fi vendor AIDL service uses NDK to register itself to service
manager. AServiceManager_registerLazyService registers an
IClientCallback to service manager. The callback is invoked when there
is a transition between having >= 1 clients and having 0 clients (or
vice versa). Please check IClientCallback.aidl. As a result servicemanager may
make binder call to Wi-Fi vendor AIDL service. Since this is not allowed
per current SE policies, "avc denied" occurred:

servicemanager: type=1400 audit(0.0:248): avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_wifi_default:s0 tclass=binder permissive=0

We add SE policy for hal_wifi_default to allow binder call like this.

Bug: 270511173
Test: manually build and test, check logs for avc denied

Change-Id: Ia6fcf5fc1cafff0381fc9857805bdc61cc838c1e
 2023-03-03 02:10:50 +00:00
Treehugger Robot
944863e08e Merge "Add ro.boot.serialconsole property" am: fcf62c8cf4 am: b5f39da9c9 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2450910

Change-Id: I359d481a3c9b64ba4a5cdb86ea2ca7f3a8c9f6f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 01:21:00 +00:00
Treehugger Robot
b5f39da9c9 Merge "Add ro.boot.serialconsole property" am: fcf62c8cf4 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2450910

Change-Id: I316ee9fc0db8abae6bab40b19acb560239d89c9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 20:29:11 +00:00
Treehugger Robot
fcf62c8cf4 Merge "Add ro.boot.serialconsole property" 2023-03-02 20:04:33 +00:00