- Jan 18, 2017
-
-
Sandeep Patil authoredBug: 33746484 Test: Successfully boot with original service and property contexts. Successfully boot with split serivce and property contexts. Change-Id: I7881af8922834dc69b37dae3b06d921e05206564 Signed-off-by:
Sandeep Patil <sspatil@google.com> -
Alex Klyubin authored
-
Alex Klyubin authored
This improves readability and consistency for HAL implementation domains which have only one implementation. Test: No change to policy according to sesearch Test: No change to which types are associated with haldomain according to "sepolicy-analyze <sepolicy file> attribute haldomain" Bug: 34180936 Change-Id: Ice599ea4971cdfbd8b835b1fd02ad1e14c7a0386
-
Sandeep Patil authored
Bug: 33746484 Test: Successfully boot with original service and property contexts. Successfully boot with split serivce and property contexts. Change-Id: Ide67d37d85273c60b9e387e72fbeb87be6da306a Signed-off-by:Sandeep Patil <sspatil@google.com>
-
- Jan 17, 2017
-
-
Alex Klyubin authored
This marks all HAL domain implementations with the haldomain attribute so that rules can be written which apply to all HAL implementations. This follows the pattern used for appdomain, netdomain and bluetoothdomain. Test: No change to policy according to sesearch. Bug: 34180936 Change-Id: I0cfe599b0d49feed36538503c226dfce41eb65f6
-
Mikhail Naganov authored
This is to ensure that hal_audio can access memory shared by audioserver. Bug: 34261005 Change-Id: I84103b0d4692fd10afc56846fb116fec6a7b3dc7
-
- Jan 14, 2017
-
-
Treehugger Robot authored
-
Treehugger Robot authored
-
- Jan 13, 2017
-
-
Jim Miller authored
Move from fingerprintd to new fingerprint_hal and update SeLinux policy. Test: Boot with no errors related to fingerprint sepolicy Bug: 33199080 Change-Id: Idfde0cb0530e75e705033042f64f3040f6df22d6
-
Hridya Valsaraju authored
The following are the avc denials that are addressed: avc: denied { call } for pid=889 comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:hal_gnss_default:s0 tclass=binder permissive=0 avc: denied { call } for scontext=u:r:hal_gnss_default:s0 tcontext=u:r:system_server:s0 tclass=binder permissive=0 avc: denied { read } for name="hw" dev="mmcblk0p43" ino=1837 scontext=u:r:hal_gnss_default:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=0 avc: denied { open } for path="/system/lib64/hw" dev="mmcblk0p43" ino=1837 scontext=u:r:hal_gnss_default:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=0 Bug:31974439 Test: Checked that there no more related avc denial messages related to the GNSS HAL in dmesg. Change-Id: I5b43dc088017a5568dd8e442726d2bf52e95b1d5 -
Max Bires authored
It seems likely that there is no reason to keep around a number of devices that are configured to be included into the pixel kernels. Init and ueventd should be the only processes with r/w access to these devices, so auditallow rules have been added to ensure that they aren't actually used. /dev/keychord was given its own type since it's one of the few character devices that's actually legitimately used and would cause log spam in the auditallow otherwise. Bug: 33347297 Test: The phone boots without any apparent log spam. Change-Id: I3dd9557df8a9218b8c802e33ff549d15849216fb
-
- Jan 12, 2017
-
-
Myles Watson authored
Test: run a gtest in /data/nativetest/ with no permission denial Change-Id: Id644ed7dbea59becaf84b6073c9144711ad07c10
-
-
Treehugger Robot authored
-
Sandeep Patil authored
Bug: 34231014 Test: Boot angler to ensure no additional denials are reported. Change-Id: Ic2372d55f7072c65e7ea17036a8eb40dc531d60e Signed-off-by:Sandeep Patil <sspatil@google.com>
-
- Jan 11, 2017
-
-
Josh Gao authored
Bug: http://b/34228376 Test: m Change-Id: I1321ada1521bb3e3fd08105f1a41d519ee486683
-
Jeff Sharkey authored
Test: builds Bug: 32206268 Change-Id: I236105b029178f96da519c2295c66c686dcae7cb
-
Treehugger Robot authored
-
- Jan 10, 2017
-
-
Andre Eisenbach authored
Bug: 31972505 Test: VTS test passes, Bluetooth starts/stops Change-Id: Ic068c9fca7c50e63c5b6e3d86a2ee6cc53207e08
-
Mikhail Naganov authored
Bug: 30222631 Change-Id: I30ad019872881e21f61a53e4397112ea0e99688b
-
- Jan 09, 2017
-
-
Alex Klyubin authored
This leaves only the existence of ephemeral_app domain as public API. All other rules are implementation details of this domain's policy and are thus now private. There are a few rules, defined by other domains' files remaining in the public policy until the rules from these domains also move to the private policy: allow ephemeral_app_current appdomain:binder transfer; allow ephemeral_app_current audioserver_current:binder transfer; allow ephemeral_app_current drmserver_current:binder transfer; allow ephemeral_app_current dumpstate_current:binder transfer; allow ephemeral_app_current mediaserver_current:binder transfer; allow ephemeral_app_current surfaceflinger_current:binder transfer; allow ephemeral_app_current system_server_current:binder transfer; Test: No change to policy according to sesearch, except for disappearance of all allow rules from platform_app_current attribute (as expected). Bug: 31364497 Change-Id: I98687181434a98a141469ef676c461fcd1db2d4e -
Alex Klyubin authored
This leaves only the existence of platform_app domain as public API. All other rules are implementation details of this domain's policy and are thus now private. Test: No change to policy according to sesearch, except for disappearance of all allow rules from platform_app_current attribute (as expected). Bug: 31364497 Change-Id: I47bb59fdfc07878c91fd5e207735cd0c07a128da -
Treehugger Robot authored
-
Treehugger Robot authored
-
Dan Cashman authored
Bug: 33746381 Test: Device boots with no extra denials. Change-Id: I2f0da92367851142e0d7df4afec8861ceaed9d3e
-
Nick Kralevich authored
No relevant collected denials. Test: device boots and no obvious problems. Test: no collected denials. Bug: 28760354 Change-Id: Idcf939b3cbdb1dec835d59150181047d062e6c48
-
- Jan 08, 2017
-
-
Daniel Micay authored
This is already provided in app.te via create_file_perms for notdevfile_class_set. Change-Id: I89ed3537fd1e167571fe259bd4804f8fcc937b95
-
- Jan 07, 2017
-
-
Treehugger Robot authored
-
Treehugger Robot authored
-
Nick Kralevich authored
All SELinux domains are already granted the ability to read the filenames in /proc, so it's unnecessary to add it to storaged.te. $ grep "proc:dir r_dir_perms" public/domain.te allow domain proc:dir r_dir_perms; Remove redundant rule. Test: policy compiles. Change-Id: I8779cda19176f7eb914778f131bb5b14e5b14448
-
Treehugger Robot authored
* changes: Storaged permissions for task I/O Storaged permission setting
-
ynwang authored
Allow storaged to read /proc/[pid]/io Grant binder access to storaged Add storaged service Grant storaged_exec access to dumpstate Grant storaged binder_call to dumpstate Bug: 32221677 Change-Id: Iecc9dba266c5566817a99ac6251eb943a0bac630
-
ynwang authored
Allowing storaged for reading from pseudo filesystems and debugfs. Bug: 32221677 Change-Id: I837cead9a68f0b399703b64d724cb9c4b205c335
-
Nick Kralevich authored
No denials collected. Bug: 28760354 Test: no denials collected. Test: device boots and no obvious problems Change-Id: I7fc053ecae2db3bb2ca7c298634453e930713bec
-
- Jan 06, 2017
-
-
Nick Kralevich authored
No audits have been recorded for these rules. Remove them. Originally added for backwards compatibility in 549ccf77 as part of the split between cache_file and cache_recovery_file. Bug: 25351711 Test: No audit records recorded Change-Id: I5133028b5fcc99a731aabea90305171dee0edf47
-
Nick Kralevich authored
Don't allow processes to list out the contents of the directory /dev/__properties__. This is an implementation specific detail that shouldn't be visible to processes. Test: Device boots and no problems reading individual properties. Test: ls -la /dev/__properties__ fails Change-Id: I4df6a829b0d22e30fb2c38030c690fc4a356f6a3
-
Treehugger Robot authored
-
Treehugger Robot authored
-
Alex Klyubin authored
-
Treehugger Robot authored
-