Commits · 1ffa6f80da2691017c51a9aa8dff41fa7dacc54c · Werner Sembach / AndroidSystemSEPolicy

"public/adbd.te" did not exist on "a5d07925080f59073b03d24d3997aecd6d4bbf2c"

May 08, 2017

Merge "Further restrict SELinux API access" am: 07667733 · 1ffa6f80
Nick Kralevich authored 7 years ago
```
am: b49bc821

Change-Id: I4e13baad4cc463142b5899855e0613c5ea829c8d
```
1ffa6f80
Merge "Further restrict SELinux API access" · b49bc821
Nick Kralevich authored 7 years ago
```
am: 07667733

Change-Id: I0263926bbc950f0186bdd9a7fa3eb8b8f9072ee0
```
b49bc821
Merge "Further restrict SELinux API access" · 07667733
Treehugger Robot authored 7 years ago

07667733
hal_audio: Allow writing dump info into pipes when capturing BR am: 9686cbcd · b00a85c3
Mikhail Naganov authored 7 years ago
```
am: 4aac6fdb

Change-Id: I1614f394e0f0c071705e3696d3dd8124e72c24c2
```
b00a85c3
hal_audio: Allow writing dump info into pipes when capturing BR · 4aac6fdb
Mikhail Naganov authored 7 years ago
```
am: 9686cbcd

Change-Id: Id0bacbd2022c24615b9e99108af1a8510be248fb
```
4aac6fdb

Further restrict SELinux API access · 14e2e926

Nick Kralevich authored 7 years ago

Remove SELinux access from domain_deprecated. Access to SELinux APIs can
be granted on a per-domain basis.

Remove appdomain access to SELinux APIs. SELinux APIs are not public and
are not intended for application use. In particular, some exploits poll
on /sys/fs/selinux/enforce to determine if the attack was successful,
and we want to ensure that the behavior isn't allowed. This access was
only granted in the past for CTS purposes, but all the relevant CTS
tests have been moved to the shell domain.

Bug: 27756382
Bug: 28760354
Test: Device boots and no obvious problems. No collected denials.
Change-Id: Ide68311bd0542671c8ebf9df0326e512a1cf325b

14e2e926

May 04, 2017

hal_audio: Allow writing dump info into pipes when capturing BR · 9686cbcd

Mikhail Naganov authored 7 years ago

The following HAL methods use file descriptors to write dump
info comprising audioflinger debug dump:

IDevice.debugDump
IEffectsFactory.debugDump
IStream.debugDump

Bug: 37993476
Test: check contents of media.audio_flinger section in
      a bugreport captured on Pixel device

Change-Id: I77d347c019ac93c3ba0d54ce50f0fdc243b04685

9686cbcd

Allow getattr on tempfs files am: bf030965 · 1696a6e8
Dimitry Ivanov authored 7 years ago
```
am: eb80c0db

Change-Id: I1b5cbd08d80ba43979da2ab46b40d28ff14a93e8
```
1696a6e8
Allow getattr on tempfs files · eb80c0db
Dimitry Ivanov authored 7 years ago
```
am: bf030965

Change-Id: I3a10c619ce6e65ce531276ef4f97489605897062
```
eb80c0db

Allow getattr on tempfs files · bf030965

Dimitry Ivanov authored 7 years ago

This is needed by linker to be able to load libraries from memfd
which currently generated following denial:
avc: denied { getattr } for path=2F6D656D66643A666F6F626172202864656C6574656429 dev="tmpfs" ino=902079 scontext=u:r:shell:s0 tcontext=u:object_r:shell_tmpfs:s0 tclass=file permissive=0

Bug: http://b/37245203
Bug: http://b/37916741
Test: builds
Change-Id: I5b57b6cada50a62657c8daaaaaa56f1ee9cdb376
(cherry picked from commit a0d3ff8e)

bf030965

May 01, 2017
- Merge "fc_sort: Fix leaks" am: 7f4b2ad5 · 274c4e33
  Andreas Gampe authored 7 years ago
  
  am: acbf2ad3 Change-Id: Ic59386f9a2a02438299ee11f3b36fdd7b9b34c99
  274c4e33
- Merge "fc_sort: Fix leaks" · acbf2ad3
  Andreas Gampe authored 7 years ago
  
  am: 7f4b2ad5 Change-Id: I3c10871ddc11f43f685ef4a7064d416a1ca450f1
  acbf2ad3
- Merge "fc_sort: Fix leaks" · 7f4b2ad5
  Treehugger Robot authored 7 years ago
  
  7f4b2ad5
- Merge "Sepolicy: Disable leak sanitizer for checkpolicy" am: 9e0d6aeb · e34a9569
  Andreas Gampe authored 7 years ago
  
  am: 2d7ec8d4 Change-Id: I4fc205afca8f64a710d0ceaab356a8dd76a7923a
  e34a9569
- Merge "Sepolicy: Disable leak sanitizer for checkpolicy" · 2d7ec8d4
  Andreas Gampe authored 7 years ago
  
  am: 9e0d6aeb Change-Id: I6e08846e7f580851f9cd0d7050097dcba0f5dbb8
  2d7ec8d4
- Merge "Sepolicy: Disable leak sanitizer for checkpolicy" · 9e0d6aeb
  Treehugger Robot authored 7 years ago
  
  9e0d6aeb
- Sepolicy: Disable leak sanitizer for checkpolicy · ac4cf8e3
  Andreas Gampe authored 7 years ago
  
  Temporary workaround. Bug: 37755687 Test: ASAN_OPTIONS= SANITIZE_HOST=address m Merged-In: I001a42ea6463a1e137e1f5328755596f986323de Change-Id: I001a42ea6463a1e137e1f5328755596f986323de
  ac4cf8e3
- Merge "Allow dumpstate to acquire xtables.lock" am: edd41261 · 638ae7fe
  Joel Scherpelz authored 7 years ago
  
  am: 97e2c65c Change-Id: Iab07ec973bddeb2e431fadd4c839f6b882c433cf
  638ae7fe
- Merge "Allow dumpstate to acquire xtables.lock" · 97e2c65c
  Joel Scherpelz authored 7 years ago
  
  am: edd41261 Change-Id: I86efaccb28dc12db792370a4499540676c71a71c
  97e2c65c
- Merge "Allow dumpstate to acquire xtables.lock" · edd41261
  Joel Scherpelz authored 7 years ago
  
  edd41261
Apr 28, 2017

Sepolicy-Analyze: Plug leak am: ee8b67df · 4c1385a6
Andreas Gampe authored 7 years ago
```
am: 4a318ad6

Change-Id: Iffd30a9cfee48626dc01635877b90ef7a1e8f9b0
```
4c1385a6
Sepolicy-Analyze: Plug leak · 4a318ad6
Andreas Gampe authored 7 years ago
```
am: ee8b67df

Change-Id: Ic2fe390f95f0be43ad39a50366e0300a398aa0ad
```
4a318ad6

fc_sort: Fix leaks · c32d7bae

Andreas Gampe authored 7 years ago

Use the getline API correctly: keep a single buffer as long as
possible, and let the callee handle re-allocation. Move the final
free out of the loop.

Release the head of the linked list.

Bug: 37757586
Test: ASAN_OPTIONS= SANITIZE_HOST=address mmma system/sepolicy
Change-Id: I42424acba7cd68c1b9a7a43e916a421ac3e253f7

c32d7bae

Sepolicy-Analyze: Plug leak · ee8b67df

Andreas Gampe authored 7 years ago

Destroy the policy before exiting (for successful = expected runs).

Bug: 37757759
Test: ASAN_OPTIONS= SANITIZE_HOST=address m
Change-Id: I67e35fbede696ec020a53b69a6cef9f374fae167

ee8b67df

Apr 27, 2017
- Merge "Remove access to sock_file for hal_nfc" am: 608969b3 · 3259f98c
  Ruchi Kandoi authored 7 years ago
  
  am: 8ad09d93 Change-Id: I745c85dd761cc68e0301a7a3fa32b29269c624d2
  3259f98c
- Merge "Remove access to sock_file for hal_nfc" · 8ad09d93
  Ruchi Kandoi authored 7 years ago
  
  am: 608969b3 Change-Id: I99225c48524600248d3d76a56368dc96da67caa0
  8ad09d93
- Merge "Remove access to sock_file for hal_nfc" · 608969b3
  Treehugger Robot authored 7 years ago
  
  608969b3
- Add untrusted_v2_app to all_untrusted_apps am: db5962ce · 16eb632a
  Nick Kralevich authored 7 years ago
  
  am: eb710332 Change-Id: I15f27cd755e5a8556e189af50b8bca52f050ad8f
  16eb632a
- Add untrusted_v2_app to all_untrusted_apps · eb710332
  Nick Kralevich authored 7 years ago
  
  am: db5962ce Change-Id: I4ce4248dd0f780c1d466a7798a159d854d30a09a
  eb710332
Apr 26, 2017

Add untrusted_v2_app to all_untrusted_apps · db5962ce

Nick Kralevich authored 7 years ago

This was accidentally omitted from all_untrusted_app

While I'm here, split across mutiple lines and alphabetize.

Test: policy compiles.
Change-Id: I7fe1d1d0a4ef2ed3ab010931ee2ba15637c2be51

db5962ce

Merge "Add drm and kernel permissions to mediaprovider" am: 224b4eac · b0e13e81
Jerry Zhang authored 7 years ago
```
am: 34b76844

Change-Id: Ibe76d1cecd92f46306faf2587d229dbfc4def199
```
b0e13e81
Merge "Add drm and kernel permissions to mediaprovider" · 34b76844
Jerry Zhang authored 7 years ago
```
am: 224b4eac

Change-Id: I2b9ef653a1d4b21661fb07a1634b2e8af75c826b
```
34b76844
Merge "Add drm and kernel permissions to mediaprovider" · 224b4eac
Jerry Zhang authored 7 years ago

224b4eac

Add drm and kernel permissions to mediaprovider · 6f9ac6e4

Jerry Zhang authored 7 years ago

These were missing when the sepolicy was migrated.

Addresses denials:

E SELinux : avc:  denied  { find } for service=drm.drmManager pid=11769
uid=10018 scontext=u:r:mediaprovider:s0:c512,c768
tcontext=u:object_r:drmserver_service:s0 tclass=service_manager

W kworker/u16:2: type=1400 audit(0.0:1667): avc: denied { use } for
path="/storage/emulated/0/DCIM/Camera/IMG_20170425_124723.jpg"
dev="sdcardfs" ino=1032250 scontext=u:r:kernel:s0
tcontext=u:r:mediaprovider:s0:c512,c768 tclass=fd permissive=0

Bug: 37685394
Bug: 37686255
Test: Sync files
Test: Open downloaded file

Change-Id: Ibb02d233720b8510c3eec0463b8909fcc5bbb73d

6f9ac6e4

Merge "Allow Bluetooth sys_nice and system_server setsched for Bluetooth HAL" am: 2e8b0004 · 1d4bb3ac
Philip Cuadra authored 7 years ago
```
am: 1cc029ea

Change-Id: I4dc969584352c3181c3a0e49c90dff8a89940ea8
```
1d4bb3ac
Merge "Allow Bluetooth sys_nice and system_server setsched for Bluetooth HAL" · 1cc029ea
Philip Cuadra authored 7 years ago
```
am: 2e8b0004

Change-Id: I2e8648728c5e63037686981c154d16c3010ac095
```
1cc029ea
Merge "Allow Bluetooth sys_nice and system_server setsched for Bluetooth HAL" · 2e8b0004
Philip Cuadra authored 7 years ago

2e8b0004

Apr 25, 2017

Remove access to sock_file for hal_nfc · ad41fa8d

Ruchi Kandoi authored 7 years ago


Test: manual
Bug: 37640900
Change-Id: I6987d60c1eb1578134b51f4e7417700fd462ba4d
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>

ad41fa8d

Allow dumpstate to acquire xtables.lock · 5e901bbe

Joel Scherpelz authored 7 years ago

iptables recently changed its behavior to strictly require xtables.lock.
dumpstate selinux policy must be updated to allow access.

Bug: 37648320
Test: dumpstate succeeds with no avc: denied ... xtables.lock messages
Change-Id: Ic7e243739f375a60fa14fe67fac910d31d978ffd
(cherry picked from commit ca097979)

5e901bbe

Merge "Allow UDP Sockets to be returned from IpSecService" am: 327d7cb9 · cda872a8
nharold authored 7 years ago
```
am: a9be5320

Change-Id: Iee7069f192593f4b7588f8b6d272b1bef5fbd36c
```
cda872a8