Skip to content
Snippets Groups Projects
Select Git revision
  • android-7.1.2_r28_klist
  • master default protected
  • pie-cts-release
  • pie-vts-release
  • pie-cts-dev
  • oreo-mr1-iot-release
  • sdk-release
  • oreo-m6-s4-release
  • oreo-m4-s12-release
  • pie-release
  • pie-r2-release
  • pie-r2-s1-release
  • oreo-vts-release
  • oreo-cts-release
  • oreo-dev
  • oreo-mr1-dev
  • pie-gsi
  • pie-platform-release
  • pie-dev
  • oreo-cts-dev
  • android-o-mr1-iot-release-1.0.4
  • android-9.0.0_r8
  • android-9.0.0_r7
  • android-9.0.0_r6
  • android-9.0.0_r5
  • android-8.1.0_r46
  • android-8.1.0_r45
  • android-n-iot-release-smart-display-r2
  • android-vts-8.1_r5
  • android-cts-8.1_r8
  • android-cts-8.0_r12
  • android-cts-7.1_r20
  • android-cts-7.0_r24
  • android-o-mr1-iot-release-1.0.3
  • android-cts-9.0_r1
  • android-8.1.0_r43
  • android-8.1.0_r42
  • android-n-iot-release-smart-display
  • android-p-preview-5
  • android-9.0.0_r3
40 results

uncrypt.te

Blame
    • Nick Kralevich's avatar
      eb4e2ab1
      uncrypt: fix OTAs · eb4e2ab1
      Nick Kralevich authored 
      uncrypt needs to be able to read OTA files in GMS core's home
directory, which is protected with MLS. Mark uncrypt as an
mlstrustedsubject so that it can read the files.

Addresses the following denial (and probably others):

  uncrypt : type=1400 audit(0.0:27): avc: denied { getattr } for path="/data/data/com.google.android.gms" dev="mmcblk0p30" ino=81970 scontext=u:r:uncrypt:s0 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir

Remove the auditallow line for uncrypt. Per dd053a9b,
the auditallow line was added to confirm that uncrypt was actually
accessing the userdata block device. The access to the userdata block
device is definitely occurring, and auditing it doesn't add any value.
Remove the auditing.

Eliminates the following unnecessary audit lines:

  avc: granted { write } for pid=2449 comm="uncrypt" name="mmcblk0p31" dev="tmpfs" ino=10404 scontext=u:r:uncrypt:s0 tcontext=u:object_r:userdata_block_device:s0 tclass=blk_file
  avc: granted { write open } for pid=2449 comm="uncrypt" path="/dev/block/mmcblk0p31" dev="tmpfs" ino=10404 scontext=u:r:uncrypt:s0 tcontext=u:object_r:userdata_block_device:s0 tclass=blk_file

Tighten up userdata block access to write-only. uncrypt never reads
directly from the block device.

Testing:

  1) Create the file /cache/recovery/command with a line like:
  --update_package=/data/data/com.google.android.gms/foo.zip
  2) Create the file /data/data/com.google.android.gms/foo.zip
  (contents not important)
  3) Run "setprop ctl.start pre-recovery"

Expected: No SELinux denials.
Actual: SELinux denials

Bug: 18875451
Change-Id: I62c7f06313afb2535b0de8be3c16d9d33879dd5d
      eb4e2ab1
      History
      uncrypt: fix OTAs
      Nick Kralevich authored 
      uncrypt needs to be able to read OTA files in GMS core's home
directory, which is protected with MLS. Mark uncrypt as an
mlstrustedsubject so that it can read the files.

Addresses the following denial (and probably others):

  uncrypt : type=1400 audit(0.0:27): avc: denied { getattr } for path="/data/data/com.google.android.gms" dev="mmcblk0p30" ino=81970 scontext=u:r:uncrypt:s0 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir

Remove the auditallow line for uncrypt. Per dd053a9b,
the auditallow line was added to confirm that uncrypt was actually
accessing the userdata block device. The access to the userdata block
device is definitely occurring, and auditing it doesn't add any value.
Remove the auditing.

Eliminates the following unnecessary audit lines:

  avc: granted { write } for pid=2449 comm="uncrypt" name="mmcblk0p31" dev="tmpfs" ino=10404 scontext=u:r:uncrypt:s0 tcontext=u:object_r:userdata_block_device:s0 tclass=blk_file
  avc: granted { write open } for pid=2449 comm="uncrypt" path="/dev/block/mmcblk0p31" dev="tmpfs" ino=10404 scontext=u:r:uncrypt:s0 tcontext=u:object_r:userdata_block_device:s0 tclass=blk_file

Tighten up userdata block access to write-only. uncrypt never reads
directly from the block device.

Testing:

  1) Create the file /cache/recovery/command with a line like:
  --update_package=/data/data/com.google.android.gms/foo.zip
  2) Create the file /data/data/com.google.android.gms/foo.zip
  (contents not important)
  3) Run "setprop ctl.start pre-recovery"

Expected: No SELinux denials.
Actual: SELinux denials

Bug: 18875451
Change-Id: I62c7f06313afb2535b0de8be3c16d9d33879dd5d