Commits · 4234d95f02c926a16d98c1900946132987765e25 · Werner Sembach / AndroidSystemSEPolicy

Apr 04, 2017
- Merge "Move TEE rules to vendor image" into oc-dev · 4234d95f
  Alex Klyubin authored 7 years ago
  
  am: fbccda34 Change-Id: I1dd3889756bcc6324f80d20aeecba95587e68f20
  4234d95f
- Merge "Move TEE rules to vendor image" into oc-dev · fbccda34
  TreeHugger Robot authored 7 years ago
  
  fbccda34
- Merge "sepolicy: Add new wifi keystore HAL" into oc-dev · a21b8b0e
  Roshan Pius authored 7 years ago
  
  am: 29f273ce Change-Id: I0dc5693bddd9574eb36ee4a711652b4130afdd8e
  a21b8b0e
- Merge "sepolicy: Add new wifi keystore HAL" into oc-dev · 29f273ce
  TreeHugger Robot authored 7 years ago
  
  29f273ce
- Merge "Add target for vndservice_contexts." into oc-dev · f89f35ec
  Martijn Coenen authored 7 years ago
  
  am: c3a9e7df Change-Id: Ifcb4f63b7111252ee3a0deb58e6471b06df58587
  f89f35ec
- Merge "Add target for vndservice_contexts." into oc-dev · c3a9e7df
  Martijn Coenen authored 7 years ago
  
  c3a9e7df
- Merge "adbd/shell: grant access to sepolicy for cts" into oc-dev · 2afd3383
  Jeff Vander Stoep authored 7 years ago
  
  am: bab5872c Change-Id: I0341e66bd3a8fcbddf9daf7da84187430b5747d6
  2afd3383
- Merge "adbd/shell: grant access to sepolicy for cts" into oc-dev · bab5872c
  TreeHugger Robot authored 7 years ago
  
  bab5872c
Apr 03, 2017

Merge "Remove unused wificond sepolicy for dropping privileges" into oc-dev · 2ec492f1
Ningyuan Wang authored 7 years ago
```
am: 9337a4dd

Change-Id: Ib3273650207e0b64cdca1d6e0e3bbdf48d292a6b
```
2ec492f1
Merge "Remove unused wificond sepolicy for dropping privileges" into oc-dev · 9337a4dd
Ningyuan Wang authored 7 years ago

9337a4dd

adbd/shell: grant access to sepolicy for cts · 892d1e40

Test: Test: make cts && \
      cts-tradefed run singleCommand cts --skip-device-info \
      --skip-preconditions --skip-connectivity-check --abi arm64-v8a \
      --module CtsSecurityHostTestCases \
      -t android.security.cts.SELinuxHostTest#testNoExemptionsForBinderInVendorBan
      Fails as expected.
Bug: 36002573

Change-Id: I298c526789b25734d5f18666c64497e5d1e181d0

892d1e40

Add target for vndservice_contexts. · 6676c234

Martijn Coenen authored 7 years ago

So we can limit vndservicemanager access to
just vndservice_contexts.

Bug: 36052864
Test: servicemanager,vndservicemanager work
Change-Id: I7b132d4f616ba1edd0daf7be750d4b7174c4e188

6676c234

Merge "Grant vdc access to kmsg" into oc-dev · 81e1c12f
Tom Cherry authored 7 years ago
```
am: 0c31c85a

Change-Id: I2e6c151eb6b3413054f52d0dea5ab93c91065319
```
81e1c12f
Merge "Grant vdc access to kmsg" into oc-dev · 0c31c85a
Tom Cherry authored 7 years ago

0c31c85a
Merge "Add sepolicy for tv.input" into oc-dev · 7e9f5352
Shubang Lu authored 7 years ago
```
am: a1c06508

Change-Id: I7e586b6bf9c22ab0380f9982889f0c8c86115df1
```
7e9f5352
Merge "Add sepolicy for tv.input" into oc-dev · a1c06508
Shubang Lu authored 7 years ago

a1c06508

Move TEE rules to vendor image · 304d6536

Alex Klyubin authored 7 years ago

"tee" domain is a vendor domain. Hence its rules should live on the
vendor image.

What's left as public API is that:
1. tee domain exists and that it is permitted to sys_rawio capability,
2. tee_device type exists and apps are not permitted to access
   character devices labeled tee_device.

If you were relying on system/sepolicy automatically labeling
/dev/tf_driver as tee_device or labeling /system/bin/tf_daemon as
tee_exec, then you need to add these rules to your device-specific
file_contexts.

Test: mmm system/sepolicy
Test: bullhead, angler, and sailfish boot up without new denials
Bug: 36714625
Bug: 36714625
Bug: 36720355
Change-Id: Ie21619ff3c44ef58675c369061b4afdd7e8501c6

304d6536

Remove unused wificond sepolicy for dropping privileges · 9576785d

Ningyuan Wang authored 7 years ago

Bug: 36855921
Test: compile, wifi works with toggling
Change-Id: Ib0819a2d552472e482e192a69530441cfc2c0fd7

9576785d

Merge "VR: Add sepolicy for VR HWC service" into oc-dev · 888bc0bb
Daniel Nicoara authored 7 years ago
```
am: ed82acb9

Change-Id: I2c7dc59f0ea468fba1e34d38a55cc2e8e6cc3289
```
888bc0bb
Merge "VR: Add sepolicy for VR HWC service" into oc-dev · ed82acb9
TreeHugger Robot authored 7 years ago

ed82acb9

Apr 02, 2017
- Merge "Remove unused wificond sepolicy privilges" into oc-dev · 3c0561b1
  Ningyuan Wang authored 7 years ago
  
  am: a299bc80 Change-Id: I94b99a1ace48fafeb47280d1d6764cac70fb9464
  3c0561b1
- Merge "Remove unused wificond sepolicy privilges" into oc-dev · a299bc80
  Ningyuan Wang authored 7 years ago
  
  a299bc80
Apr 01, 2017

Merge "Ban core components from accessing vendor data types" into oc-dev · f9b6368a
Jeffrey Vander Stoep authored 7 years ago
```
am: 814edf8c

Change-Id: I9a8cd19a081ab7731f8caf098e406d0af9ce9c48
```
f9b6368a
Merge "Ban core components from accessing vendor data types" into oc-dev · 814edf8c
Jeffrey Vander Stoep authored 7 years ago

814edf8c

Ban core components from accessing vendor data types · 50563c03

Jeff Vander Stoep authored 7 years ago

Vendor and system components are only allowed to share files by
passing open FDs over HIDL. Ban all directory access and all file
accesses other than what can be applied to an open FD such as
ioctl/stat/read/write/append.

This commit asserts that core components marked with attribute
coredomain may only access core data types marked with attribute
core_data_file_type.

A temporary exemption is granted to domains that currently rely on
access.

(cherry picked from commit cd97e710)

Bug: 34980020
Test: build Marlin policy
Change-Id: I2f0442f2628fbac1f2f7aa5ddf2a13e16b2546cc

50563c03

Merge "Refactor sanitized library on-disk layout - SELinux." into oc-dev · 99575587
Vishwath Mohan authored 7 years ago
```
am: 45f699c7

Change-Id: Ib868a803f480a3c756102e59d49275b6eb4e6372
```
99575587
Merge "Refactor sanitized library on-disk layout - SELinux." into oc-dev · 45f699c7
TreeHugger Robot authored 7 years ago

45f699c7
Merge "domain: grant all domains access to zoneinfo" into oc-dev · 035a0424
Jeff Vander Stoep authored 7 years ago
```
am: 386f9460

Change-Id: Ieba3686f331cfa1c3a0907bf15db188a19d3f140
```
035a0424
Merge "domain: grant all domains access to zoneinfo" into oc-dev · 386f9460
TreeHugger Robot authored 7 years ago

386f9460

Refactor sanitized library on-disk layout - SELinux. · 063de1e0

Vishwath Mohan authored 7 years ago

This CL changes the policy for ASAN files on-disk to support the
changes made by the following CLs -
https://android-review.googlesource.com/#/c/359087/
https://android-review.googlesource.com/#/c/359389/

which refactor the on-disk layout of sanitized libraries in the following
manner -
/data/lib* --> /data/asan/system/lib*
/data/vendor/* --> /data/asan/vendor/*

There are a couple of advantages to this, including better isolation
from other components, and more transparent linker renaming and
SELinux policies.

(cherry picked from commit 33ebdda8)

Bug: 36574794
Bug: 36674745
Test: m -j40 && SANITIZE_TARGET="address" m -j40 and the device
boots. All sanitized libraries are correctly located in /data/asan/*,
and have the right SELinux permissions.

Change-Id: Ib08e360cecc8d77754a768a9af0f7db35d6921a9

063de1e0

Merge "Tighten restrictions on core <-> vendor socket comms" into oc-dev · 6fa700c9
Alex Klyubin authored 7 years ago
```
am: ad80182a

Change-Id: I8ecf3458b0974043e4ded8ed343e8191b01b1942
```
6fa700c9

Remove unused wificond sepolicy privilges · f3443ee7

Ningyuan Wang authored 7 years ago

Bug: 33239267
Test: compile, run wifi, no selinux complaint for wificond
Change-Id: I9b3e874381ac6cd7c6ff1058cc4f313bd85481b8

f3443ee7

Merge "Tighten restrictions on core <-> vendor socket comms" into oc-dev · ad80182a
Alex Klyubin authored 7 years ago

ad80182a

Mar 31, 2017

storaged: allow shell to call dumpsys storaged · 12dc7f20
Jin Qian authored 7 years ago
```
am: a239f30f

Change-Id: Iee8134c83616720639c9ecb55f34c7b8bad9872a
```
12dc7f20

Grant vdc access to kmsg · e9614833

Tom Cherry authored 7 years ago

Init is no longer calling vdc with logwrapper, so it must take care of
logging to kmsg directly.

avc: denied { write } for pid=367 comm="vdc" name="kmsg" dev="tmpfs" ino=11056 scontext=u:r:vdc:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0

Bug: 36278706
Test: observe vdc logging in kmsg on boot and stderr on normal usage

(cherry picked from commit bc4d3630)

Change-Id: Id7bc2fa87518aa0678c09495267c9e198ca8c968

e9614833

Add sepolicy for tv.input · c76e158c

Shubang authored 7 years ago

Test: build, flash; adb shell lshal
Bug: 36562029
Change-Id: If8f6d8dbd99d31e6627fa4b7c1fd4faea3b75cf2

c76e158c

Merge "Add reverse-attribute mapping to sepolicy-analyze." am: cb6f8f02 am: 22b00be7 · bb898002
Daniel Cashman authored 7 years ago
```
am: 537e9e98

Change-Id: Ia100e124b6d1bb4c0f37959acbbca63a26867c9b
```
bb898002
Merge "Add reverse-attribute mapping to sepolicy-analyze." am: cb6f8f02 · 537e9e98
Daniel Cashman authored 7 years ago
```
am: 22b00be7

Change-Id: Id8e7c42e8e92fed47611c083d40c2d574d3d6918
```
537e9e98
Merge "Add reverse-attribute mapping to sepolicy-analyze." · 22b00be7
Daniel Cashman authored 7 years ago
```
am: cb6f8f02

Change-Id: I47b6a0362f268ba1a599ab2354f72357fc7b79cc
```
22b00be7
Merge "Add reverse-attribute mapping to sepolicy-analyze." · cb6f8f02
Daniel Cashman authored 7 years ago

cb6f8f02