tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
42720 commits 1 branch 0 tags 50 MiB
Commit graph

42720 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jeff Vander Stoep
f9a774f1ae Disallow watch and watch_reads on apk_data_file for apps 
This can be used as a side channel to observe when an application
is launched.

Gate this restriction on the application's targetSdkVersion to
avoid breaking existing apps. Only apps targeting 34 and above will
see the new restriction.

Remove duplicate permissions from public/shell.te. Shell is
already appdomain, so these permissions are already granted to it.

Ignore-AOSP-First: Security fix
Bug: 231587164
Test: boot device, install/uninstall apps. Observe no new denials.
Test: Run researcher provided PoC. Observe audit messages.
Change-Id: Ic7577884e9d994618a38286a42a8047516548782
 2023-04-25 15:20:45 +02:00
Alex Buynytskyy
9c6c988bad UpsideDownCake/34 is now REL 
Ignore-AOSP-First: UpsideDownCake Finalization
Bug: 275409981
Test: build
Change-Id: I15bf3817a8a6867d52f7963a04a69e543a9801e9
Merged-In: I15bf3817a8a6867d52f7963a04a69e543a9801e9
 2023-04-21 19:36:02 +00:00
Charles Chen
5eb2d8b0df Fix attribute plurals for isolated_compute_allowed am: 27a8f43fde am: 82c81a216a am: badbeec6ac 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2552770

Change-Id: Ie5d474cceaac9833f53194b17636147cdc6eb75e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 18:49:53 +00:00
Charles Chen
5eba5e62a3 Merge "Move isolated_compute_app to be public" am: 290d1876ff am: 48a0bcd865 am: d57f6bc6ae 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2544610

Change-Id: I997bf77614cf78e61f89925857a60bb8a9a907fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 18:48:55 +00:00
Charles Chen
badbeec6ac Fix attribute plurals for isolated_compute_allowed am: 27a8f43fde am: 82c81a216a 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2552770

Change-Id: I4352aa3bec7b6e48b61caa751a15d7ead1a98210
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 18:06:15 +00:00
Charles Chen
d57f6bc6ae Merge "Move isolated_compute_app to be public" am: 290d1876ff am: 48a0bcd865 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2544610

Change-Id: I3db506238449d86892b769fb137364aa76c52ca8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 18:05:24 +00:00
Charles Chen
82c81a216a Fix attribute plurals for isolated_compute_allowed am: 27a8f43fde 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2552770

Change-Id: Ibdcc12fe4cf92d4ba9f7ed25b7142eaab88ad8c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 17:47:35 +00:00
Charles Chen
48a0bcd865 Merge "Move isolated_compute_app to be public" am: 290d1876ff 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2544610

Change-Id: I9093ea1878a6dbb6af85fb69a3547303dfd08784
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 17:25:33 +00:00
Eric Rahm
3c9b657e1d Merge changes from topic "cherrypicker-L58100000960054695:N31200001359782734" am: 66ef8f01ee am: 7e4c7b47a2 am: 051fd4658e 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2549731

Change-Id: I3bc5e7644efdaf99291b2efa61de9740b3f8a7e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 17:23:14 +00:00
Eric Rahm
be8a31739a Fix denial for ioctl FS Verity am: af6035c64f am: 4606eaa950 am: 1f2c6ef5e7 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2549730

Change-Id: Id4297a235f5803ab4d8efafa2b2a632d29a2494c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 17:23:10 +00:00
Charles Chen
27a8f43fde Fix attribute plurals for isolated_compute_allowed 
Following the naming convention.

Bug: N/A
Test: m
Change-Id: Ie26d67423f9ee484ea91038143ba763ed8f97e2f
 2023-04-20 16:39:39 +00:00
Charles Chen
290d1876ff Merge "Move isolated_compute_app to be public" 2023-04-20 16:31:52 +00:00
Eric Rahm
051fd4658e Merge changes from topic "cherrypicker-L58100000960054695:N31200001359782734" am: 66ef8f01ee am: 7e4c7b47a2 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2549731

Change-Id: Ib7a6476be234490f7d4053f6d2d423b5578744e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 16:28:52 +00:00
Eric Rahm
1f2c6ef5e7 Fix denial for ioctl FS Verity am: af6035c64f am: 4606eaa950 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2549730

Change-Id: I8a8ae8b48342843cd643abbb499b03b399c03cbd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 16:28:45 +00:00
Eric Rahm
7e4c7b47a2 Merge changes from topic "cherrypicker-L58100000960054695:N31200001359782734" am: 66ef8f01ee 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2549731

Change-Id: I1e806c6f293c964bf949b0cd4d14ee70eea0201b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 15:50:42 +00:00
Eric Rahm
4606eaa950 Fix denial for ioctl FS Verity am: af6035c64f 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2549730

Change-Id: I59e5261f9a2fea9d855756e7bb255b683868b3a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 15:50:40 +00:00
Alexander Roederer
5c9320232a Merge "Add persist.sysui.notification.builder_extras_ovrd" am: e46266d2ce am: 06ad0c13cc am: f5324ae425 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2538550

Change-Id: I7f3e24a17423eb7a29e4a8bb17e14e06ca27ec4e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 15:27:08 +00:00
Eric Rahm
66ef8f01ee Merge changes from topic "cherrypicker-L58100000960054695:N31200001359782734" 
* changes:
  Allow system_server to verify installed apps
  Fix denial for ioctl FS Verity
 2023-04-20 15:06:22 +00:00
Alexander Roederer
f5324ae425 Merge "Add persist.sysui.notification.builder_extras_ovrd" am: e46266d2ce am: 06ad0c13cc 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2538550

Change-Id: I2c53a5567cf76028273a970ede2068ef46224a30
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 14:45:21 +00:00
Alexander Roederer
06ad0c13cc Merge "Add persist.sysui.notification.builder_extras_ovrd" am: e46266d2ce 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2538550

Change-Id: I71d79af77e6a3f98713b6d31b89839e9b6b25a13
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 14:04:23 +00:00
Alexander Roederer
e46266d2ce Merge "Add persist.sysui.notification.builder_extras_ovrd" 2023-04-20 13:22:24 +00:00
Charles Chen
c8ab3593d0 Move isolated_compute_app to be public 
This will allow vendor customization of isolated_compute_app. New permissions added should be associated with isolated_compute_allowed.

Bug: 274535894
Test: m
Change-Id: I4239228b80544e6f5ca1dd68ae1f44c0176d1bce
 2023-04-20 05:39:29 +00:00
Eric Rahm
588d537f0b Allow system_server to verify installed apps 
This commit allows system_server to call FS_IOC_SETFLAGS ioctl

Bug: 259756715
Fixes: 272527416
Test: Flash and pair watch, verify denial logs after apps are updated.
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8d15734fb52ce08461fd4259ddfd22e889cf9061)
Merged-In: I7a99d3bb7deb3683b342795cb1bbef7abbbcbe38

Change-Id: I7a99d3bb7deb3683b342795cb1bbef7abbbcbe38
 2023-04-20 03:05:01 +00:00
Treehugger Robot
258cb0d2f9 Merge "Allow remote_provisioning to query IRPC" am: 81d607c686 am: 2cc28f0d55 am: 91595e7470 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2538191

Change-Id: Iee1c820b11cf7a6a75d40d9def31c5faed1c197a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 00:11:16 +00:00
Eric Rahm
af6035c64f Fix denial for ioctl FS Verity 
For unknown reason, denial still happens with system app after applying
ag/20712480. This commit adds a work around to fix this.

Bug: 258093107
Fixes: 272530397

Test: flash build, pair watch with phone, check SE denials log
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0ade3b2183d850fd508569782e35a59ef2bd4dce)
Merged-In: I16932c793c5ca144746d0903ed1826c1847d2add

Change-Id: I16932c793c5ca144746d0903ed1826c1847d2add
 2023-04-20 00:02:07 +00:00
Treehugger Robot
91595e7470 Merge "Allow remote_provisioning to query IRPC" am: 81d607c686 am: 2cc28f0d55 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2538191

Change-Id: Id89b6fc39bf6a9c05f8ef35215d7bd40319f04c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-19 23:26:31 +00:00
Treehugger Robot
2cc28f0d55 Merge "Allow remote_provisioning to query IRPC" am: 81d607c686 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2538191

Change-Id: I1e72c9af0f4410f6760eec5a84b8f3ffdefe62a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-19 22:47:02 +00:00
Treehugger Robot
81d607c686 Merge "Allow remote_provisioning to query IRPC" 2023-04-19 22:17:55 +00:00
Andrew Scull
0977919ac4 Allow remote_provisioning to query IRPC 
Enable remote_provisioning diagnostic reporting from dumpsys and adb
shell by allowing the service, which is hosted in system_server, to call
KeyMint's IRPC HAL implementation.

Test: adb shell dumpsys remote_provisioning
Test: adb shell cmd remote_provisioning
Bug: 265747549
Change-Id: Ica9eadd6019b577990ec3493a2b08e25f851f465
 2023-04-19 20:55:37 +00:00
Alexander Roederer
2b05965492 Add persist.sysui.notification.builder_extras_ovrd 
Adds persist.sysui.notification.builder_extras_override property
associated permissions, which will be used to flag guard
a change in core/...Notification.java.

Original change I3f7e2220798d22c90f4326570732a52b0deeb54d didn't
cover zygote, which are needed for preloaded classes

Test: manual flash+adb setprop/getprop
Bug: 169435530
Change-Id: Ifad9e7c010554aa6a1e1822d5885016058c801c9
 2023-04-19 18:29:04 +00:00
Treehugger Robot
68e237aa8c Merge changes from topic "b268128589" am: d073bd4209 am: cf5963c6a8 am: cfe9c14ada 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2529324

Change-Id: I149c1a56de8f4bd11738832cc18d19aca41c4b6f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 23:43:59 +00:00
Treehugger Robot
cfe9c14ada Merge changes from topic "b268128589" am: d073bd4209 am: cf5963c6a8 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2529324

Change-Id: I34f3ffebf02c4fd626ba868bcb619c68acaef347
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 23:06:17 +00:00
Treehugger Robot
cf5963c6a8 Merge changes from topic "b268128589" am: d073bd4209 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2529324

Change-Id: Ibbaa922397d38ea8aea1b8bf77bf6a6a7f3774b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 22:18:50 +00:00
Treehugger Robot
d073bd4209 Merge changes from topic "b268128589" 
* changes:
  Revert "Modify the automotive display service file context"
  Revert "Move cardisplayproxyd to system_ext"
 2023-04-18 21:44:44 +00:00
Yuxin Hu
c8fa8026a5 Merge "Allow gpuservice to query permission" am: aff0f53398 am: ea1a7a71a0 am: 4b4448f2cd 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2539770

Change-Id: I9e4237ce3795e1897a60b7ef98657ed53d0d6fb6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 18:30:25 +00:00
Yuxin Hu
4b4448f2cd Merge "Allow gpuservice to query permission" am: aff0f53398 am: ea1a7a71a0 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2539770

Change-Id: I784b9045e7d315c9656ffc662c64f98e6d001ad6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 17:58:22 +00:00
Yuxin Hu
ea1a7a71a0 Merge "Allow gpuservice to query permission" am: aff0f53398 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2539770

Change-Id: I1ae98b136f0840822d45d33088ff56a705c756ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 17:28:35 +00:00
Yuxin Hu
aff0f53398 Merge "Allow gpuservice to query permission" 2023-04-17 16:56:53 +00:00
Treehugger Robot
6be0665e82 Merge "Allow virtualizationmanager to open test artifacts in shell_data_file" am: 6e5f8d5150 am: d94b48bcef am: 87a23ae361 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519757

Change-Id: Ia910ef23f94402407862160fe33bd747078a2e35
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 05:28:27 +00:00
Treehugger Robot
87a23ae361 Merge "Allow virtualizationmanager to open test artifacts in shell_data_file" am: 6e5f8d5150 am: d94b48bcef 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519757

Change-Id: I7707436369a47470bffe0d353b15d935bbc4b78b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 04:58:08 +00:00
Treehugger Robot
d94b48bcef Merge "Allow virtualizationmanager to open test artifacts in shell_data_file" am: 6e5f8d5150 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2519757

Change-Id: I9582976d582bfefc32a34208082d75a656c873b4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 04:28:40 +00:00
Yuxin Hu
fce99d90c7 Allow gpuservice to query permission 
Bug: b/270994705
Test: Flash, verify Pixel 7 can boot.
Change-Id: I11e61034a8b4404aa998af2b9a04e08af9095fec
 2023-04-17 04:12:43 +00:00
Treehugger Robot
6e5f8d5150 Merge "Allow virtualizationmanager to open test artifacts in shell_data_file" 2023-04-17 04:00:16 +00:00
Yuxin Hu
81deebacc3 Merge "Add a new system property persist.graphics.egl" am: b011ba5ffb am: 2ec8d6d9f6 am: e20f4369dc 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2529329

Change-Id: I34e98b75cb34610474303349e8a9eff337440044
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 21:16:14 +00:00
Yuxin Hu
e20f4369dc Merge "Add a new system property persist.graphics.egl" am: b011ba5ffb am: 2ec8d6d9f6 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2529329

Change-Id: Ibdfe943e45f12e2f790f4f0a5b97331a00607521
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 20:43:24 +00:00
Yuxin Hu
2ec8d6d9f6 Merge "Add a new system property persist.graphics.egl" am: b011ba5ffb 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2529329

Change-Id: Idde1377bf03759d3a47dc32a9ba3a646e956c2bd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 20:13:39 +00:00
Yuxin Hu
b011ba5ffb Merge "Add a new system property persist.graphics.egl" 2023-04-13 18:49:26 +00:00
Yuxin Hu
889dd078e9 Add a new system property persist.graphics.egl 
This new system property will be read and written
by a new developer option switch, through gpuservice.

Based on the value stored in persis.graphics.egl,
we will load different GLES driver.

e.g.
persist.graphics.egl == $ro.hardware.egl: load native GLES driver
persist.graphics.egl == angle: load angle as GLES driver

Bug: b/270994705
Test: m; flash and check Pixel 7 boots fine
Change-Id: Idec4b947d0c69c52cd798df4f834053bd306cf5f
 2023-04-13 04:38:46 +00:00
Treehugger Robot
4ec7f16534 Merge "Skip TQ2A.230405.003" am: a5d4554522 am: 40c8242b36 am: 9f56c1d212 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2530585

Change-Id: Ib524083f198c69ac83a7a0530c4331e6e40b1e6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 20:57:12 +00:00
Treehugger Robot
9f56c1d212 Merge "Skip TQ2A.230405.003" am: a5d4554522 am: 40c8242b36 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2530585

Change-Id: I89951a9211c6e66d188a2b1fa9576185fbcdc822
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 20:23:04 +00:00