Credit to Himanshu Agrawal <quic_hagraw@quicinc.com> for this fix.
Like we do with cgroup_v2, we set attribute permission to cgroup
as well.
Test: On a Go device, which uses cgroup instead of cgroup_v2
Bug: 209933729
Change-Id: I5d58c9f549d205f1a8bdce6c5fba1cc833f2b492
If FD use is not allowed, execve(2) returns EACCESS and the process is
killed by SIGSEGV.
Minijail closes any FDs by default and open /dev/null for FD 0-2. For
now, odrefresh doesn't use any FD. But until we could tell minijail to
not create FD 0-2 (which could be arguable), allow the permission.
Bug: 210909688
Test: composd_cmd async-odrefresh # exit 80 in enforced mode
Change-Id: I8643d8bfc8da03439a04491fba5ba6de663760eb
dex2oat currently uses some properties as flags (see
art/libartbase/base/flags.cc). For CompOS, we don't really need such
properties, and actually should avoid global state. So dontaudit
explicitly.
Bug: 210030607
Test: no more default_prop denials for dex2oat
Change-Id: I10852f2a7df4dac7a9389eab3f53f91328104f96
The two properties are not just prefixes. See __android_log_level in
system/logging/liblog/properties.cpp.
Bug: 210030607
Test: no longer seeing denials with default_prop in odrefresh
Change-Id: If2c9cba7aa65802e81c79c7d3d9735cbf14a6efa
The `__builtin_available` macro is used in used in several libraries in
microdroid, including liblog. The macro internally uses
ro.build.version.{codename,sdk}[1]. This change defines the context for
these properties.
[1] https://reviews.llvm.org/rG516a01b5f36d4188778a34202cd11856d70ac808
Bug: 210030607
Test: No longer seeing denied access of default_prop from odrefresh
Change-Id: I51bc52f679a174daccc05a1e2d6c9fda9e6b12cb
Added Bluetooth sysprop to be able to remove calls to
SystemProperty.set in Bluetooth module.
Tag: #feature
Bug: 197210455
Test: set/get sysprop with SystemProperties
Merged-In: I8070a493fa082ddaa16cd793ed25ad99971950c0
Change-Id: Ia390bd8b3bb064fcae252edb6307e26f07bd53e7
Bug: 209713977
Bug: 193467627
Test: local build and manual check.
Signed-off-by: Super Liu <supercjliu@google.com>
Change-Id: Ib1d2d6dcc7d6ddc6243c806a883d9252d7c081af
Previously this was always done by odrefresh. But now we are running
odrefresh in the VM we need to allow FD server to do it as its proxy.
Bug: 209572241
Bug: 209572296
Test: composd_cmd forced-oderefresh
Change-Id: I4bc10d6a3ec73789721a0541f04dd7e3865fe826
Needed because the raw and packet socket setup are moved from
clatd to netd. Netd pass the configured raw and packet sockets
to clatd. clatd needs the permission to access inherited
objects.
Test: manual test
1. Connect to ipv6-only wifi.
2. Try IPv4 traffic.
$ ping 8.8.8.8
Test:
Change-Id: If6479f815a37f56715d7650c714202fcc1ec466b
1. Move BOARD_SEPOLICY_VERS to build/make/core/config.mk where
PLATFORM_SEPOLICY_VERSION is set.
2. Remove hard-coded versions for the treble tests.
Test: build
Change-Id: I57178c9f213b089a276e35b8de1144665788e7ab
This reverts commit a0e49cea04.
Reason for revert: I don't think this was the culprit after all
Bug: 204853211
Change-Id: Iadc1c8df5ec2affcdbbf9e7bdc3eac54c47f4ebf
Update policy for new system service, used for Apps to present the
toolbar UI.
Bug: 190030331
Bug: 205822301
Test: manual. Can boot to home and get manager successfully.
Change-Id: Iee88681a93ae272a90896ccd2a6b64c26c809e82
When we compile sepolicy files into a cil file, we first gather all
sepolicy files to create a conf file, and then convert the conf file to
a cil file with checkpolicy. The problem is that checkpolicy is
sensitive to the input order; the conf file should contain statements in
a specific order: classes, initial_sid, access vectors, macros, mls,
etc.
This restriction has made Android.bp migration difficult, and we had to
create a magical module called "se_build_files" to correctly include
source files in the designated order. It works, but significant
readability problem has happened. For example, when we write
":se_build_files{.system_ext_public}", how can we easily figure out that
the tag actually includes plat public + system_ext public + reqd mask,
without taking a look at the build system code?
This change refactors the se_build_files module and se_policy_conf
module, so we can easily see the desginated files for each module, just
like we did in the Android.mk. se_policy_conf module now stably sorts
source files in an order which will make checkpolicy happy.
se_build_files module is also refactored, so one tag can represent
exactly one set of policy files, rather than doing magical works behind
the scene. For example, system_ext public policy module is changed from:
se_policy_conf {
name: "system_ext_pub_policy.conf",
// se_build_files automatically adds plat public and reqd mask
srcs: [":se_build_files{.system_ext_public}"],
}
to:
se_policy_conf {
name: "system_ext_pub_policy.conf",
// se_policy_conf automatically sorts the input files
srcs: [
":se_build_files{.plat_public}",
":se_build_files{.system_ext_public}",
":se_build_files{.reqd_mask}",
],
}
Bug: 209933272
Test: build and diff before/after
Change-Id: I97a76ed910645c1607d913fd646c27e87af0afd3
This reverts commit 72c0134384.
Reason for revert: Looks like this may have broken ComposHostTestCases
Bug: 204853211
Change-Id: I83816a49d3be056e4c9a718ea02911ca022cb984
BOARD_PLAT_VENDOR_POLICY should be used for all vendor stuff, when in
mixed sepolicy build (BOARD_SEPOLICY_VERS != PLATFORM_SEPOLICY_VERSION).
This fixes an issue that system/sepolicy/vendor has been incorrectly
used in mixed sepolicy build.
Bug: 205924657
Test: Try AOSP + rvc-dev mixed sepolicy build
1) copy cuttlefish sepolicy prebuilts from rvc-dev branch.
2) set prebuilt variables:
- BOARD_PLAT_VENDOR_POLICY
- BOARD_REQD_MASK_POLICY
- BOARD_(SYSTEM_EXT|PRODUCT)_PRIVATE_PREBUILT_DIRS
- BOARD_SEPOLICY_VERS
3) lunch aosp_cf_x86_64_phone-userdebug; m selinux_policy
4) compare $OUT/vendor/etc/selinux with rvc-dev's artifacts.
Change-Id: I2ed1e25255c825c24dab99ae4903328b0400c414
