tequilaOS/platform_system_sepolicy

Author	SHA1	Message	Date
Alex Hong	41d99a9951	Merge changes from topic "fix_missing_set_denials" am: `e79c506fe4` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410790 Change-Id: I24358b23b958974800af032577f7b6758e0f05c8 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-02 14:23:14 +00:00
Alex Hong	255a5ae441	Allow vendor_init to set properties for recovery/fastbootd USB IDs am: `1abf80e5c1` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2388472 Change-Id: I01ea3a4ebb6d5111941e61f8a7e41bbff2d83a3c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-02 14:23:10 +00:00
Alex Hong	e79c506fe4	Merge changes from topic "fix_missing_set_denials" * changes: Add build properties for attestation feature Allow vendor_init to set properties for recovery/fastbootd USB IDs	2023-02-02 14:04:36 +00:00
Alan Stokes	8b40e907f4	Allow dex2oat access to relevant properties I noticed a bunch of denials in the logs like this: avc: denied { read } for pid=187 comm="dex2oat64" name="u:object_r:device_config_runtime_native_boot_prop:s0" dev="tmpfs" ino=76 scontext=u:r:dex2oat:s0 tcontext=u:object_r:device_config_runtime_native_boot_prop:s0 tclass=file permissive=0 But we actually want to be able to access these properties. Bug: 264496291 Test: atest android.compos.test.ComposTestCase#testOdrefreshSpeed Change-Id: I6ce8ee74a1024a9ddd6ef91e73111d68da878899	2023-02-02 11:46:12 +00:00
Alex Hong	4c23abb282	Add build properties for attestation feature The properties for attestation are congifured in build.prop files and used by frameworks Build.java. Allow vendor_init to set these properties and allow Zygote to access them. Bug: 211547922 Test: SELinuxUncheckedDenialBootTest Change-Id: I5666524a9708c6fefe113ad4109b8a344405ad57	2023-02-02 18:52:35 +08:00
Karthik Mahesh	4fc055b5cd	Merge "Add sepolicy for ODP system server service." am: `4fd76147c4` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2402876 Change-Id: I0aea8a5cc639ad2bd70b59148dfc2c463827497a Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-02 10:39:26 +00:00
Charles Chen	42564316e9	Merge "Creates mapping from isolated apps to isolated_compute_app" am: `3d629cdb5d` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2406772 Change-Id: I81a41abc9d44515edda23215935338d0d3d49599 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-02 10:39:13 +00:00
Girish	82eb62f34d	Allow communication between mediaserver & statsd am: `f9ef01a285` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411339 Change-Id: I412e1f68e38c7b4b5f2133ce5164128d72944bb5 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-02 10:38:38 +00:00
Karthik Mahesh	4fd76147c4	Merge "Add sepolicy for ODP system server service."	2023-02-02 08:21:46 +00:00
Karthik Mahesh	52e5914ca4	Add sepolicy for ODP system server service. Bug: 236174677 Test: build Change-Id: Ief208b795dd05ddaa406f50a5fa91f46fe52fd71	2023-02-01 22:27:36 -08:00
Charles Chen	3d629cdb5d	Merge "Creates mapping from isolated apps to isolated_compute_app"	2023-02-02 05:41:22 +00:00
Girish	f9ef01a285	Allow communication between mediaserver & statsd Bug: 265488359 Test: atest cts/tests/media/misc/src/android/media/misc/cts/ResourceManagerTest.java Change-Id: I34bcdc3c403093af90a0e09b18842d7b872c0392	2023-02-01 22:33:28 +00:00
Florian Mayer	e17c5905a6	Merge "[MTE] Add memory_safety_native_boot namespace" am: `cbeec8f821` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2411338 Change-Id: I68c6e7830b622bcbd6d9f10527378183a53044ae Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-01 22:21:23 +00:00
Florian Mayer	cbeec8f821	Merge "[MTE] Add memory_safety_native_boot namespace"	2023-02-01 21:41:45 +00:00
Charles Chen	bc965c900a	Creates mapping from isolated apps to isolated_compute_app Provides mapping using the isIsolatedComputeApp to enable certain isolated process running in such domain with more hardware acceleratation. Bug: 267494028 Test: m && atest --host libselinux_test with change on android_unittest.cpp Change-Id: I9ff341de69e0ad15cb7764276e0c726d54261b84	2023-02-01 18:41:09 +00:00
Charles Chen	cbd5aa73ff	Merge "Update seapp_contexts with isIsolatedComputeApp selector" am: `eb1290f511` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2390135 Change-Id: I1145c5ed3b4fd9736c7636ad921a6235045a4f93 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-01 18:29:29 +00:00
Charles Chen	5317542847	Merge changes from topic "iso_compute" am: `b36ecf6caa` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2390967 Change-Id: Ib84377f876f96dfcbac94bcee9a4a9c7cf408eed Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-01 18:29:18 +00:00
Charles Chen	eb1290f511	Merge "Update seapp_contexts with isIsolatedComputeApp selector"	2023-02-01 17:34:48 +00:00
Charles Chen	b36ecf6caa	Merge changes from topic "iso_compute" * changes: Add isolated_compute_app domain Share isolated properties across islolated apps	2023-02-01 17:33:59 +00:00
Shikha Panwar	db1018c3ff	Merge "Allow MM to open/syncfs/close encryptedstore dir" am: `2d91b6fc97` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2376232 Change-Id: I8f9efbe0770db9346c131159c465b8e6ab88e4c5 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-01 11:17:22 +00:00
Shikha Panwar	2d91b6fc97	Merge "Allow MM to open/syncfs/close encryptedstore dir"	2023-02-01 11:13:01 +00:00
Alex Hong	1abf80e5c1	Allow vendor_init to set properties for recovery/fastbootd USB IDs Bug: 211547922 Test: SELinuxUncheckedDenialBootTest Test: Enter recovery/fastbootd mode $ lsusb -d 18d1: Change-Id: Ibee1210c1a70a3165e70f9b3b57e11949e412c97	2023-02-01 17:49:32 +08:00
Treehugger Robot	a2cb810593	Merge "Add selinux permissions for ro.usb.uvc.enabled" am: `11eb002e83` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2410787 Change-Id: Ie38aa8c6a5be43b53cd72214cd6f4fe16f872407 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-01 07:43:58 +00:00
Treehugger Robot	11eb002e83	Merge "Add selinux permissions for ro.usb.uvc.enabled"	2023-02-01 07:17:11 +00:00
Treehugger Robot	1c9645177c	Merge "Modify canhalconfigurator file context" am: `35820e6910` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2399853 Change-Id: I88dba0b0233a554e1ed2ea336df753fd335fc64c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-02-01 02:10:31 +00:00
Treehugger Robot	35820e6910	Merge "Modify canhalconfigurator file context"	2023-02-01 00:34:33 +00:00
Florian Mayer	94926f51df	[MTE] Add memory_safety_native_boot namespace Bug: 267234468 Change-Id: I248fdf58a744f0c70a26d6a8f7d4caa0a6ce8edb	2023-01-31 15:48:40 -08:00
Hongwei Wang	7476ab79ff	Merge "Allow platform_app:systemui to write protolog file" am: `f4979adab7` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2397593 Change-Id: Id077867308be1b610fd4b12ed50e87908bd5e8d2 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-31 20:58:01 +00:00
Hongwei Wang	f4979adab7	Merge "Allow platform_app:systemui to write protolog file"	2023-01-31 19:38:16 +00:00
Avichal Rakesh	a12d3103be	Add selinux permissions for ro.usb.uvc.enabled This CL the selinux rules for the property ro.usb.uvc.enabled which will be used to toggle UVC Gadget functionality on the Android Device. Bug: 242344221 Bug: 242344229 Test: Manually tested that the property can only be read at runtime, not written to. Change-Id: I0fd6051666d9554037acc68fa81226503f514a45	2023-01-31 11:17:50 -08:00
Charles Chen	3d4a6b7474	Add isolated_compute_app domain Provides a new domain to enable secure sensitive data processing. This allows processing of sensitive data, while enforcing necessary privacy restrictions to prevent the egress of data via network, IPC or file system. Bug: 255597123 Test: m && manual - sample app with IsolatedProcess=True can use camera service Change-Id: I401667dbcf492a1cf8c020a79f8820d61990e72d	2023-01-31 15:24:55 +00:00
Charles Chen	ccf8014492	Share isolated properties across islolated apps Introduce isolated_app_all typeattribute to share policies between isolated_app and future similar apps that wish to be enforced with isolation properties. Bug: 255597123 Test: m && presubmit Change-Id: I0d53816f71e7d7a91cc379bcba796ba65a197c89	2023-01-31 12:59:57 +00:00
Inseob Kim	1dba2f058a	Merge "Add comments on compat files" am: `beee8849a6` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2405373 Change-Id: I09be668bc0fe182d1a87c046c1002a865f7b9342 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-31 07:32:10 +00:00
Inseob Kim	beee8849a6	Merge "Add comments on compat files"	2023-01-31 06:34:19 +00:00
Jiakai Zhang	57d7bd317d	Merge "dontaudit dexoptanalyzer's DM file check on secondary dex files." am: `07cec2bd5e` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2407092 Change-Id: I61c2ef978c55536fcb60432f20d82b311f8e1608 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-31 02:41:13 +00:00
Jiakai Zhang	07cec2bd5e	Merge "dontaudit dexoptanalyzer's DM file check on secondary dex files."	2023-01-31 02:01:15 +00:00
Inseob Kim	338f81baac	Add comments on compat files To prevent further confusion. Bug: 258029505 Test: manual Change-Id: Iaa145e4480833a224b1a07fc68adb7d3e8a36e4b	2023-01-31 09:57:26 +09:00
Abhishek Pandit-Subedi	4aa7129dae	Merge "Add sysprop for LeGetVendorCapabilities" am: `107af48013` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2405121 Change-Id: Ib0dab2f71e84c42cd34fb3147ff065704a8ab5e8 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-30 18:41:15 +00:00
Abhishek Pandit-Subedi	107af48013	Merge "Add sysprop for LeGetVendorCapabilities"	2023-01-30 17:41:16 +00:00
Gil Cukierman	bc0f54877a	Merge "Add SELinux Policy For io_uring" am: `fab49d0a64` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2302679 Change-Id: I65aad86e82542723e96a7e24e16a597e91d7aa6c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-30 15:14:42 +00:00
Gil Cukierman	fab49d0a64	Merge "Add SELinux Policy For io_uring"	2023-01-30 14:38:43 +00:00
Jiakai Zhang	13909cdb3f	Allow installd to kill profman. am: `a7774c2cba` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2406753 Change-Id: I836e0c01d4356af7d125ba2ac754689239e57838 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-30 13:04:58 +00:00
Jiakai Zhang	a7774c2cba	Allow installd to kill profman. installd needs to kill profman if profman times out. Bug: 242352919 Test: - 1. Add an infinate loop to profman. 2. Run `adb shell pm compile -m speed-profile com.android.chrome` 3. See profman being killed after 1 minute. Change-Id: I71761eaab027698de0339d855b9a436b56580ed8	2023-01-30 11:09:08 +00:00
Jiakai Zhang	dbfa7d58b7	dontaudit dexoptanalyzer's DM file check on secondary dex files. Bug: 259758044 Change-Id: I5cf88e2f2217c03cff071f17aadd71153f170c61 Test: Presubmit	2023-01-30 07:56:10 +00:00
Alessandra Loro	3111caa958	[automerger skipped] Hide ro.debuggable and ro.secure from ephemeral and isolated applications am: `09effc0d78` -s ours am: `44785c2623` -s ours am skip reason: Merged-In I916c9795d96e4a4a453f9aed5e380f11981804e9 with SHA-1 `24d90e792e` is already in history Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2402006 Change-Id: I387d1a606d2f104e6cd85345966e3e88631c3be9 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-27 19:43:33 +00:00
Alessandra Loro	44785c2623	[automerger skipped] Hide ro.debuggable and ro.secure from ephemeral and isolated applications am: `09effc0d78` -s ours am skip reason: Merged-In I916c9795d96e4a4a453f9aed5e380f11981804e9 with SHA-1 `24d90e792e` is already in history Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2402006 Change-Id: I270b951dd87754c9477b3d52f00b6dc21c9bc501 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-27 19:03:34 +00:00
Gil Cukierman	214294ce75	Add SELinux Policy For io_uring Brings in the io_uring class and associated restrictions and adds a new macro, `io_uring_use`, to sepolicy. In more detail, this change: * Adds a new macro expands to ensure the domain it is passed can undergo a type transition to a new type, `<domain>_iouring`, when the anon_inode being accessed is labeled `[io_uring]`. It also allows the domain to create, read, write, and map the io_uring anon_inode. * Adds the ability for a domain to use the `IORING_SETUP_SQPOLL` flag during `io_uring_setup` so that a syscall to `io_uring_enter` is not required by the caller each time it wishes to submit IO. This can be enabled securely as long as we don't enable sharing of io_uring file descriptors across domains. The kernel polling thread created by `SQPOLL` will inherit the credentials of the thread that created the io_uring [1]. * Removes the selinux policy that restricted all domains that make use of the `userfault_fd` macro from any `anon_inode` created by another domain. This is overly restrictive, as it prohibits the use of two different `anon_inode` use cases in a single domain e.g. userfaultfd and io_uring. This change also replaces existing sepolicy in fastbootd and snapuserd that enabled the use of io_uring. [1] https://patchwork.kernel.org/project/linux-security-module/patch/163159041500.470089.11310853524829799938.stgit@olly/ Bug: 253385258 Test: m selinux_policy Test: cd external/liburing; mm; atest liburing_test; # requires WIP CL ag/20291423 Test: Manually deliver OTAs (built with m dist) to a recent Pixel device and ensure snapuserd functions correctly (no io_uring failures) Change-Id: I96f38760b3df64a1d33dcd6e5905445ccb125d3f	2023-01-27 11:44:59 -05:00
Charles Chen	307049222a	Update seapp_contexts with isIsolatedComputeApp selector Provide isIsolatedComputeApp selector for apps reusing _isolated user to run in domains other than isolated_app. Processes match the selector will have a default domain isolated_compute_app assigned. Also updated _isolated neverallow statements. Bug: 265540209 Bug: 265746493 Test: m && atest --host libselinux_test with change on android_unittest.cpp Change-Id: Ia05954aa6a9a9a07d6a8d1e3235a89e7b37dead9	2023-01-27 14:36:40 +00:00
Jakub Rotkiewicz	1784feae44	Bluetooth: Added sepolicy for Snoop Logger filtering Bug: 247859568 Tag: #feature Test: atest BluetoothInstrumentationTests Test: atest bluetooth_test_gd_unit Change-Id: Ic5036cc03e638e38ff87e44d61ed241f6168f335	2023-01-27 14:13:52 +00:00
Alan Stokes	1a56803c4f	Remove references to asan_extract am: `7e754a1c56` Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2402007 Change-Id: I3c2a454078585032d4af19537590705805beea8c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-01-27 12:55:02 +00:00

... 3 4 5 6 7 ...

41130 commits