Commits · 84d816903cc68b46d3598128b76c074ca2195ff3 · Werner Sembach / AndroidSystemSEPolicy

May 18, 2017

Removing UDP access for hal_gnss · 799c2349

Wyatt Riley authored 7 years ago

Underlying data services setup no longer needs this

Bug: 35757613
Bug: 36085168
Test: GPS, XTRA & avc denial checks
Change-Id: I679ee70f65f34d5a7d1fc1f1fe92af6a92ec92c5

799c2349

Mar 21, 2017

Enforce one HAL per domain. · 84b96a6b

Jeff Vander Stoep authored 8 years ago

HALs are intended to be limited responsibility and thus limited
permission. In order to enforce this, place limitations on:
1. What processes may transition into a HAL - currently only init
2. What methods may be used to transition into a HAL - no using
   seclabel
3. When HALs exec - only allow exec with a domain transition.

Bug: 36376258
Test: Build aosp_marlin, aosp_bullhead, aosp_dragon. Neverallow rules
      are compile time assertions, so building is a sufficient test.

Change-Id: If4df19ced730324cf1079f7a86ceba7c71374131

84b96a6b

Mar 14, 2017

Restrict HAL network access to HALS that manage network hardware · f9be765d

Jeff Vander Stoep authored 8 years ago

Only HALs that manage networks need network capabilities and network
sockets.

Test: aosp_marlin and aosp_bullhead policy builds. Note: neverallow
      rules are compile time assertions and do not change the
      on-device policy.
Bug: 36185625

Change-Id: Id64846eac24cf72ed91ce775cecb2c75f11b78df

f9be765d