Commit graph

32886 commits

Author SHA1 Message Date
Geremy Condra
6d6c617f6d Merge "Whitespace and doxygen fix" 2013-03-19 22:35:44 +00:00
Stephen Smalley
ee80bfb9cf Add policy assertions (neverallow rules).
Change-Id: I384ea9516a5ed2369f7fa703499e284e29a2c0eb
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-03-19 22:30:03 +00:00
Geremy Condra
c0890c899f Merge "Allow domain to random_device" 2013-03-19 22:29:32 +00:00
Robert Craig
d98d26ef3c property_contexts checks added to checkfc.
Change-Id: If361ea93fabd343728196eed2663fd572ecaa70b
Signed-off-by: Robert Craig <rpcraig@tycho.ncsc.mil>
2013-03-19 22:28:46 +00:00
William Roberts
6a64897a4b Do not allow access to device:chr_file for system
Also labels /dev/mpu and /dev/mpuirq as gps device.
mpu is motion processing unit and is responsible for
gyroscope functionality.

Change-Id: If7f1a5752c550b72fac681566e1052f09e139ff0
2013-03-19 22:27:03 +00:00
rpcraig
1c8464e136 App data backup security policy.
Policy covers:

 * backup_data_file type for labeling all
   files/dirs under /data dealing with
   backup mechanism.

 * cache_backup_file type for labeling all
   files/dirs under /cache dealing with
   backup mechanism. This also covers the
   use of LocalTransport for local archive
   and restore testing.

 * the use of 'adb shell bmgr' to initiate
   backup mechanism from shell.

 * the use of 'adb backup/restore' to archive
   and restore the device's data.

Change-Id: I700a92d8addb9bb91474bc07ca4bb71eb4fc840e
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
2013-03-19 22:22:10 +00:00
Geremy Condra
c57dbccb50 Merge "Change security policy so all apps can read /dev/xt_qtaguid." 2013-03-19 22:21:49 +00:00
Geremy Condra
5988bbf8a2 Merge "Dynamic insertion of pubkey to mac_permissions.xml" 2013-03-19 22:17:29 +00:00
Geremy Condra
04598de872 Merge "Replaceable mac_permission.xml support" 2013-03-19 22:17:10 +00:00
Geremy Condra
669f679243 Merge "mediaserver.te refactor" 2013-03-19 22:16:49 +00:00
Geremy Condra
eeafabde61 Merge "Label persist audio properties" 2013-03-19 22:16:31 +00:00
Stephen Smalley
17e91e8915 am e468016b: zygote requires setpcap in order to drop from its bounding set.
* commit 'e468016b1bd79b505e62fd410f59a03bad8bbe06':
  zygote requires setpcap in order to drop from its bounding set.
2013-02-19 12:28:38 -08:00
Stephen Smalley
e468016b1b zygote requires setpcap in order to drop from its bounding set.
I8560fa5ad125bf31f0d13be513431697bc7d22bb changed the zygote
to limit the bounding capability set to CAP_NET_RAW.  This triggers
a CAP_SETPCAP check by the kernel, which requires SELinux setpcap permission.

Change-Id: Ib910d97dcf708273e2806e2824f4abe9fc239d6d
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-02-19 13:20:55 -05:00
William Roberts
40356b993a Allow domain to random_device
Change-Id: I1a728cbc78e30c0b43309acc125169528d352f11
2013-01-30 10:40:58 -08:00
Stephen Smalley
78ec44500b am 58b0fb6d: Fix invalid specification for adb_keys.
* commit '58b0fb6ddee7257a6a27f31ba97d47fa23efac15':
  Fix invalid specification for adb_keys.
2013-01-11 15:34:38 -08:00
Stephen Smalley
58b0fb6dde Fix invalid specification for adb_keys.
A prior change added an entry for adb_keys without any security context,
yielding warnings like the following during build:
out/target/product/manta/root/file_contexts:  line 7 is missing fields, skipping

This adds the missing security context field.

Change-Id: If48731c8aa7d22a3f547d0854f288ff68f9006da
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-01-11 15:05:03 -05:00
Colin Cross
19740e1806 am 92b9aa0e: add file_contexts entries for root filesystem
* commit '92b9aa0eeff49e5bc3dc6297f3d35ec41d6ab73d':
  add file_contexts entries for root filesystem
2012-12-28 09:47:47 -08:00
Colin Cross
92b9aa0eef add file_contexts entries for root filesystem
It may be useful to generate an ext4 image of the root filesystem
instead of using a ramdisk.  Whitelist entries in file_contexts to
support selinux labeling a root filesystem image.

Change-Id: I91a38d0aee4408c46cbfe5dc5e6eda198572e90f
2012-12-21 13:55:25 -08:00
William Roberts
22fc04103b Dynamic insertion of pubkey to mac_permissions.xml
Support the insertion of the public key from pem
files into the mac_permissions.xml file at build
time.

Change-Id: Ia42b6cba39bf93723ed3fb85236eb8f80a08962a
2012-12-08 09:26:37 +09:00
William Roberts
2c8a55dcf4 Replaceable mac_permission.xml support
Support overriding mac_permissions.xml
in BOARD_SEPOLICY_REPLACE

Change-Id: If0bca8bf29bc431a291b6d7b20de132e68cd6a79
2012-12-06 05:57:49 +09:00
rpcraig
4c266ba1bc Change security policy so all apps can read /dev/xt_qtaguid.
Generic init.rc allows any process to use
socket tagging. Adjust app policy to ensure
that any app can read from the misc device.

Change-Id: I4076f0fbc1795f57a4227492f6bfc39a4398ffa5
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
2012-12-05 10:08:19 -05:00
William Roberts
4e030c2a0f mediaserver.te refactor
Change-Id: Ieaff9f3362c71e25e5c8e7204397a85ff14fff97
2012-11-28 12:18:30 -08:00
William Roberts
e2ad318e45 Label persist audio properties
label all persist.audio.* properties
and allow mediaserver access to them.

Change-Id: If5755d9783dce298e66a25bcb7f17ff17bd83ea7
2012-11-28 12:15:02 -08:00
William Roberts
fff2980a1a Whitespace and doxygen fix
Change-Id: I7b6ad050051854120dc8031b17da6aec0e644be3
2012-11-27 14:20:34 -08:00
Stephen Smalley
7e7003ca16 am e8848726: Add policy for run-as program.
* commit 'e8848726553e3abee6033200c98a657c9ca7cdb8':
  Add policy for run-as program.
2012-11-27 11:25:43 -08:00
Kenny Root
ab1a61f28c am fdaa7869: Merge "README for configuration of selinux policy"
* commit 'fdaa7869a5541b55413f59845dc5f7c56bab0614':
  README for configuration of selinux policy
2012-11-27 11:25:43 -08:00
William Roberts
8afb51c117 am c34a2527: Allow shell to connect to property service
* commit 'c34a2527837daeeef51cde0fe77582d51a3bc744':
  Allow shell to connect to property service
2012-11-27 11:25:42 -08:00
Stephen Smalley
e884872655 Add policy for run-as program.
Add policy for run-as program and label it in file_contexts.
Drop MLS constraints on local socket checks other than create/relabel
as this interferes with connections with services, in particular for
adb forward.

Change-Id: Ib0c4abeb7cbef559e150a620c45a7c31e0531114
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2012-11-27 10:05:42 -08:00
Kenny Root
fdaa7869a5 Merge "README for configuration of selinux policy" 2012-11-27 09:56:59 -08:00
William Roberts
c34a252783 Allow shell to connect to property service
Change-Id: I06ea2b400cc826c684b6ad25e12b021c2667b48a
2012-11-27 08:18:52 -08:00
William Roberts
3f1ed6ec62 README for configuration of selinux policy
This README intends to document the various configuration options
that exist for specifying device specific additions to the policy.

Change-Id: I7db708429a67deeb89b0c155a116606dcbbbc975
2012-11-26 17:16:05 -08:00
Stephen Smalley
ba95362533 am 61c80d5e: Update policy for Android 4.2 / latest master.
* commit '61c80d5ec8632cadcf754eed0986b23284217c06':
  Update policy for Android 4.2 / latest master.
2012-11-19 11:25:54 -08:00
Stephen Smalley
61c80d5ec8 Update policy for Android 4.2 / latest master.
Update policy for Android 4.2 / latest master.
Primarily this consists of changes around the bluetooth subsystem.
The zygote also needs further permissions to set up /storage/emulated.
adbd service now gets a socket under /dev/socket.
keystore uses the binder.

Change-Id: I8c5aeb8d100313c75169734a0fa614aa974b3bfc
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2012-11-19 09:55:10 -05:00
Jean-Baptiste Queru
82616b4f14 am eab23895: Merge "Revert "Include su.te only for userdebug/eng builds."" into jb-mr1-dev-plus-aosp
* commit 'eab23895cd13ccb2a552dd9713bd1e88cf41e522':
  Revert "Include su.te only for userdebug/eng builds."
2012-11-01 14:24:33 -07:00
Jean-Baptiste Queru
eab23895cd Merge "Revert "Include su.te only for userdebug/eng builds."" into jb-mr1-dev-plus-aosp 2012-11-01 14:21:26 -07:00
Kenny Root
6b3c9e1d3d am 8c87a18d: am df822f41: Merge "Add SELinux policy for asec containers."
* commit '8c87a18d39db0104d97d72ed51e4654c9d29fd4b':
  Add SELinux policy for asec containers.
2012-11-01 14:18:41 -07:00
Alice Chu
dccd2395c1 am eefaa83d: am cdfb06f5: Moved Android policy tools to tools directory
* commit 'eefaa83d4c8437b216718115f6d4d407b2e9d0d8':
  Moved Android policy tools to tools directory
2012-11-01 14:18:41 -07:00
Kenny Root
8c87a18d39 am df822f41: Merge "Add SELinux policy for asec containers."
* commit 'df822f4168b71629e336e3f484028b510ed21ee4':
  Add SELinux policy for asec containers.
2012-11-01 14:15:23 -07:00
Alice Chu
eefaa83d4c am cdfb06f5: Moved Android policy tools to tools directory
* commit 'cdfb06f55394d68a7df1110d83070961a2cc52aa':
  Moved Android policy tools to tools directory
2012-11-01 14:15:23 -07:00
Kenny Root
df822f4168 Merge "Add SELinux policy for asec containers." 2012-11-01 13:54:37 -07:00
Kenny Root
9ceb47b0c0 Revert "Include su.te only for userdebug/eng builds."
This reverts commit af56ac1954.

Change-Id: Id658a90b58ea31365051c0878c58393fd055fc69
2012-11-01 13:17:29 -07:00
Alice Chu
cdfb06f553 Moved Android policy tools to tools directory
Change-Id: I57b0dd9f8071eae492020f410c87f465ba820711
2012-11-01 11:33:04 -07:00
Alice Chu
9eeb758f55 am 83dde220: am f6647eb9: Change 0 to NULL Byte
* commit '83dde22099e69b7751d112b061ca22e24cac639c':
  Change 0 to NULL Byte
2012-10-31 10:46:23 -07:00
Alice Chu
83dde22099 am f6647eb9: Change 0 to NULL Byte
* commit 'f6647eb9f40a6a3d6dc3c1374d583e176a735498':
  Change 0 to NULL Byte
2012-10-31 10:44:02 -07:00
Alice Chu
f6647eb9f4 Change 0 to NULL Byte
Change-Id: I16b47f8dbf64e8dffb550b5a89321f920604ef7a
2012-10-30 16:27:00 -07:00
Kenny Root
2d086adc06 am a2517b20: resolved conflicts for merge of 47cd396b to jb-mr1-dev-plus-aosp
* commit 'a2517b20cb340a6dd19c846b21f34ed0244b65d6':
  Add better per-device sepolicy support.
2012-10-30 10:11:28 -07:00
Kenny Root
a2517b20cb resolved conflicts for merge of 47cd396b to jb-mr1-dev-plus-aosp
Change-Id: I3112f4cf0fafb6e7e3c9c60084a097f5e6190c22
2012-10-29 16:49:22 -07:00
rpcraig
47cd396b11 Add better per-device sepolicy support.
This is a rewrite of the existing implementation.
Three new variables are now needed to add/modify
the existing base policy. They are, BOARD_SEPOLICY_REPLACE
and BOARD_SEPOLICY_UNION which govern what files
are replaced and concatenated, and BOARD_SEPOLICY_DIRS
which lists the various directories that will contain
the BOARD_SEPOLICY_REPLACE and BOARD_SEPOLICY_UNION
policy files.

Change-Id: Id33381268cef03245c56bc5242fec7da9b6c6493
Signed-off-by: rpcraig <robertpcraig@gmail.com>
2012-10-26 11:17:24 -07:00
Ying Wang
467f85bb8a am 6b964fa1: am d8b122c7: Use file target as dependency.
* commit '6b964fa1f265c1c0d6f236efbf3c471b76fdf05c':
  Use file target as dependency.
2012-10-26 09:54:19 -07:00
Ying Wang
6b964fa1f2 am d8b122c7: Use file target as dependency.
* commit 'd8b122c7bbe3a57620bee0a5c6bfcb8f7c574081':
  Use file target as dependency.
2012-10-26 09:51:39 -07:00