Commit graph

41130 commits

Author SHA1 Message Date
Pawan Wagh
194ea6e259 Merge "Adding netd and authorization fuzzers to bindings" am: 6ad15b7c74
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2478135

Change-Id: Iaef9f76a995c2ccc3367b9a96e25f6a8eb110fc0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-10 20:51:16 +00:00
Pawan Wagh
6ad15b7c74 Merge "Adding netd and authorization fuzzers to bindings" 2023-03-10 20:11:33 +00:00
Shikha Panwar
cf5d5051ff Microdroid sepolicy changes to handle crash export
Change1# Add property export_tombstones.enabled - This is set by
microdroid_manager to indicate that tombstones in Microdroid be exported
out to host. This read by crash_dump (specifically tombstone_handler).

Change2# allow crash_dump to create/connect/write on vsock.

Change3# Deleting rules/domain related to tombstoned &
tombstone_transmit in Microdroid.

Test: atest MicrodroidHostTests#testTombstonesAreGeneratedUponUserspaceCrash
Test: Look for selinux denials in log
Bug: 243494912
Change-Id: Ibd607eb11202d492bcb0c4ba40a6888683420fb9
2023-03-09 16:01:35 +00:00
Thiébaud Weksteen
31b4d1ac73 Merge "Refactor treble_sepolicy_tests.py" am: c691211c02
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2469661

Change-Id: Ic2e999ba3c74f2fdafdd9e4559e796737861d330
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-09 06:53:46 +00:00
Thiébaud Weksteen
c691211c02 Merge "Refactor treble_sepolicy_tests.py" 2023-03-09 06:10:48 +00:00
Pawan Wagh
9f5825c863 Adding netd and authorization fuzzers to bindings
Test: m
Bug: 232439428
Change-Id: Ic0d94e7e6a89992619fe87f58737efddffc91408
2023-03-08 18:37:58 +00:00
Jaewan Kim
7a942187a1 Merge "microdroid: allow init_debug_policy.sh to handle AVF debug policy" am: 11feefd839
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2439933

Change-Id: Ia5d6bb7190ecb224f338ae2cb89b61bc6b5bf78f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-07 10:56:59 +00:00
Jaewan Kim
11feefd839 Merge "microdroid: allow init_debug_policy.sh to handle AVF debug policy" 2023-03-07 10:23:51 +00:00
Jaewan Kim
dc8ce5f8dc microdroid: allow init_debug_policy.sh to handle AVF debug policy
Test: Boot microdroid with no issue
Bug: 2437372
Change-Id: I485228864cce58922e7e3b3eed4b9bd1c5cce306
2023-03-07 08:27:34 +09:00
Ioannis Ilkos
e8c801ee24 Fix incorrect domain used in system_server.te am: 0e978ba9f1
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2470105

Change-Id: Ib00319669b979ddf0c8fd888d9d5c2c9eae60cb8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-06 22:16:15 +00:00
Ioannis Ilkos
0e978ba9f1 Fix incorrect domain used in system_server.te
This was accidentally copied and pasted from the app domain. The intent
was for system_server to be able to read the prop.

Test: manually
Bug: 269246893
Change-Id: I78d5fa62a2e112d3bf363b8d96348a645ef4caaa
2023-03-06 18:31:25 +00:00
David Brazdil
4bbcdf55e8 Allow system_server to kill crosvm/virtualizationmanager am: f3a922c453
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456048

Change-Id: I6b8e4c9f04f2956c95652776c75573e977d79696
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-06 16:28:17 +00:00
David Brazdil
f3a922c453 Allow system_server to kill crosvm/virtualizationmanager
VirtualizationManager (and indirectly crosvm) now runs as a child
process of the client, which could be a process forked from zygote.
As a result, these get tracked as phantom processes of the client and
system_server will try to kill them if it chooses to kill the client.

Currently this does not work because system_server is not allowed
sigkill for the corresponding domains. In theory, that should not be
a problem because virtualizationmanager will automatically kill any
crosvm instances and terminate itself if its parent dies, but we should
not rely on that fact and instead give system_server the ultimate
control over app process termination.

Bug: 269461627
Test: atest MicrodroidTestApp
Change-Id: Ie0ba5388d00a51812c9424c37f2f74983bea9db8
2023-03-06 14:31:51 +00:00
Ye Jiao
539b81669a Fix SE policy violation of Wi-Fi vendor AIDL service am: 10a639613a
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2459688

Change-Id: Iaf3b1178c1048a799e10049588a7bbdf08c6e924
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-06 10:05:10 +00:00
Thiébaud Weksteen
dab3b1a1c0 Refactor treble_sepolicy_tests.py
Introduce a new class TestPolicy to capture all the previous global
variables. This class contains the constructor and loading methods
(Get*) to load its internal state. The tests are modified to accept a
TestPolicy as first argument.

This commit is a no-op. There is no change to the tests.

`git show --ignore-space-change` can be used to skip over the
re-indentation due to the new class.

Bug: 269182257
Test: m selinux_policy (runs treble_sepolicy_tests against all
			compatible versions)
Test: Set DEBUG=True, compare generated scontexts. Identical.
Change-Id: Ia8da115dc1c0109b835e03b95da029b35712d251
2023-03-06 14:08:11 +11:00
Ye Jiao
10a639613a Fix SE policy violation of Wi-Fi vendor AIDL service
Wi-Fi vendor AIDL service uses NDK to register itself to service
manager. AServiceManager_registerLazyService registers an
IClientCallback to service manager. The callback is invoked when there
is a transition between having >= 1 clients and having 0 clients (or
vice versa). Please check IClientCallback.aidl. As a result servicemanager may
make binder call to Wi-Fi vendor AIDL service. Since this is not allowed
per current SE policies, "avc denied" occurred:

servicemanager: type=1400 audit(0.0:248): avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_wifi_default:s0 tclass=binder permissive=0

We add SE policy for hal_wifi_default to allow binder call like this.

Bug: 270511173
Test: manually build and test, check logs for avc denied

Change-Id: Ia6fcf5fc1cafff0381fc9857805bdc61cc838c1e
2023-03-03 02:10:50 +00:00
Treehugger Robot
b5f39da9c9 Merge "Add ro.boot.serialconsole property" am: fcf62c8cf4
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2450910

Change-Id: I316ee9fc0db8abae6bab40b19acb560239d89c9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02 20:29:11 +00:00
Treehugger Robot
fcf62c8cf4 Merge "Add ro.boot.serialconsole property" 2023-03-02 20:04:33 +00:00
Charles Chen
d2473045b5 Merge "Enable NNAPI for isolated compute app" am: 19f9c34d2c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2464353

Change-Id: Ieca26d4fca6fd39ee293ce7609ceb619a87c1637
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02 18:00:37 +00:00
Charles Chen
19f9c34d2c Merge "Enable NNAPI for isolated compute app" 2023-03-02 17:07:42 +00:00
Cole Faust
de73e80b8e Replace SortedStringKeys with SortedKeys am: 22f253cdfc
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2463524

Change-Id: Id98acd71d25615c6f370e43991c375fecec51780
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-01 23:32:17 +00:00
Alistair Delva
902ca66bb8 Add ro.boot.serialconsole property
Bootloaders on Android 14 devices will set this.

Bug: 266982931
Bug: 223797063
Bug: 267428635
Change-Id: I45981baf5123090188f7b700bf5987b1ca897490
2023-03-01 20:53:38 +00:00
Charles Chen
31a7fb09be Enable NNAPI for isolated compute app
Need access to TPU/GPU for neural models in isolated_compute_app.

Bug: 266923392
Test: m
Change-Id: I2ea7c551b5fe678f383d3854ae295b448e78b460
2023-03-01 20:27:13 +00:00
Cole Faust
22f253cdfc Replace SortedStringKeys with SortedKeys
SortedStringKeys is deprecated.

Bug: 193460475
Test: presubmits
Change-Id: I8b0f62964c078ab1d29c27df8ccddf05bd171c23
2023-03-01 11:00:15 -08:00
Neil Fuller
f9cc371b35 Allow timedetector_service access 4 ephemeral apps am: 05f8ebe1db
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2458789

Change-Id: I01f709577ee85fd357b8ca7eec7c84431c8fae9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-28 19:39:55 +00:00
Neil Fuller
05f8ebe1db Allow timedetector_service access 4 ephemeral apps
Allow timedetector_service access for ephemeral apps.

The service call behind currentNetworkTimeClock() moved from
AlarmManager to TimeDetector.

Before this change, alarm_service is accessible by ephemeral apps but
timedetector_service is not. After this change, timedetector_service is
accessible by ephemeral apps, unbreaking the call.

The breakage was not previously noticed because the test involved does
not run in the ephemeral case because of restrictions around what test
infra can do in the ephemeral case. A recent test refactor tests the
method in a different way, revealing the issue.

Bug: 270788539
Test: run cts -m CtsOsTestCases -t android.os.cts.SystemClockNetworkTimeTest#testCurrentNetworkTimeClock
Change-Id: Iafdfb9f13d473bcc65c4e60733e57f1d25c511ab
2023-02-28 10:11:28 +00:00
Seth Moore
98524e7333 Allow shell to change RKP properties am: d3bd68607e
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2456270

Change-Id: I2cf629ec5325c22199dcfe4619441a6e3d67add9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-25 04:56:10 +00:00
Seth Moore
d3bd68607e Allow shell to change RKP properties
This way, we can change things like the RKP hostname or enablement
from the shell for tests.

Bug: 265196434
Test: manual (adb shell setprop ...)
Change-Id: Ib853eaf29b395705eba57d241df064152220457e
2023-02-24 13:33:36 -08:00
Alice Wang
13e58cf7b1 [dice] Remove all the sepolicy relating the hal service dice am: 5e94b1698c
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2426073

Change-Id: I60664669f08fa3d83dfacb57ebd7da912951ad0a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-24 19:57:23 +00:00
Alice Wang
5e94b1698c [dice] Remove all the sepolicy relating the hal service dice
As the service is not used anywhere for now and in the near future.

Bug: 268322533
Test: m
Change-Id: I0350f5e7e0d025de8069a9116662fee5ce1d5150
2023-02-24 08:34:26 +00:00
Nathan Huckleberry
fd4f3224bf Merge "Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS" am: a5df438a2a
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2451745

Change-Id: I131ca1785c4815a6d2fd7d4bd93c8f45ed88b345
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-24 08:30:59 +00:00
Treehugger Robot
733344c1fd Merge "Track tombstone_transmit denial" am: 0970a31811
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2452626

Change-Id: Iccd5c0b0e5ff9f347295559a425ebe7c1e6003fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-24 08:30:36 +00:00
Nathan Huckleberry
a5df438a2a Merge "Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS" 2023-02-24 08:18:07 +00:00
Fenglin Wu
fe916342fc Add label for charger property
Label charger property: ro.product.charger.unplugged_shutdown_time.

Bug: 267265061
Test: update the property in charger mode
Change-Id: I6c67123ac53f489851a8ad313e8aa40f67a3786e
2023-02-24 15:58:27 +08:00
Treehugger Robot
0970a31811 Merge "Track tombstone_transmit denial" 2023-02-24 03:11:00 +00:00
Inseob Kim
1c9a82974a Track tombstone_transmit denial
Bug: 264420112
Test: N/A
Change-Id: I5caec836d540b8686ed1d8b6ceb537038db866d8
2023-02-24 00:32:55 +09:00
Nathan Huckleberry
ffb9f8855a Allow vold to use FS_IOC_GET_ENCRYPTION_KEY_STATUS
This ioctl can be used to avoid a race condition between key
reinstallation and busy files clean up.

Test: Trigger busy file clean-up and ensure that the ioctl succeeds
Bug: 140762419

Change-Id: I153c2e7b2d5eb39e0f217c9ef8b9dceba2a5a487
2023-02-23 00:49:42 +00:00
Jeffrey Carlyle
05ed381f07 Add DCK property to read SE capabilities am: 923a51af57
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2444719

Change-Id: Iaae283bfad7a7c9fe84746f09b68abee64f2266c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 22:50:23 +00:00
Jeffrey Carlyle
923a51af57 Add DCK property to read SE capabilities
Bug: 229777047
Test: verify that property is correcly read during system boot
Change-Id: I3c7d2fabb575864ee0a9e5277f7cb715374872c6
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
2023-02-22 19:58:31 +00:00
Atneya Nair
75c3754684 Merge "Allow STHAL to read model params from system" am: b2ad5b058b
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441620

Change-Id: I057efbee332c305b37e02bacd562027e739cc6d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 18:38:37 +00:00
Frederick Mayle
707bd25fdb Merge "Allow crash_dump on crosvm" am: b01c7addc2
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441306

Change-Id: Id979ea9ff5e9f1d74d07a26fb68e0c197f91c95f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 18:38:16 +00:00
Atneya Nair
b2ad5b058b Merge "Allow STHAL to read model params from system" 2023-02-22 18:11:28 +00:00
Frederick Mayle
b01c7addc2 Merge "Allow crash_dump on crosvm" 2023-02-22 18:01:56 +00:00
Nikita Ioffe
475bf54d5e Merge "Add sepolicy rules for hyp ftrace instance" am: 959cbb54e8
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2441425

Change-Id: I63561b94179dda830b96afd67a744cc29c1b38e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 11:47:11 +00:00
Treehugger Robot
c82b062d97 Merge "Allow dumpstate to read /data/system/shutdown-checkpoints/" am: 863cedfae6
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2422419

Change-Id: I8c47edbc31e2bf7bf0142ed0cb63af32385c6160
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 11:44:51 +00:00
Nikita Ioffe
959cbb54e8 Merge "Add sepolicy rules for hyp ftrace instance" 2023-02-22 11:25:54 +00:00
Treehugger Robot
863cedfae6 Merge "Allow dumpstate to read /data/system/shutdown-checkpoints/" 2023-02-22 10:21:25 +00:00
Ryan Savitski
a13f14e640 Merge "Correct hal_configstore label used in profiler rules" am: 47cb9d8a5d
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2447064

Change-Id: Ica6e2a3217a7ed669533173d0c96af335fd66ca1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-22 04:06:41 +00:00
Atneya Nair
f3096dc93d Allow STHAL to read model params from system
Test: Compiles
Bug: 269544793
Change-Id: I3ea576c6ef092b27f602b047497e5c01fe36e057
2023-02-22 03:27:29 +00:00
Ryan Savitski
47cb9d8a5d Merge "Correct hal_configstore label used in profiler rules" 2023-02-22 03:15:59 +00:00