Commits · 88ce951d89c4c4ad4d870ca34cc5bdcc8b60f54d · Werner Sembach / AndroidSystemSEPolicy

Jan 09, 2014

Create new conditional userdebug_or_eng · 88ce951d

Nick Kralevich authored 11 years ago

Create a new m4 macro called userdebug_or_eng. Arguments
passed to this macro are only emitted if we're performing
a userdebug or eng build.

Merge shell.te and shell_user.te and eliminate duplicate
lines. Same for su.te and su_user.te

Change-Id: I8fbabca65ec392aeafd5b90cef57b5066033fad0

88ce951d

Dec 16, 2013

initial dumpstate domain · 09e6abd9

Nick Kralevich authored 11 years ago

Add the necessary rules to support dumpstate.
Start off initially in permissive until it has more testing.

Dumpstate is triggered by running "adb bugreport"

Change-Id: Ic17a60cca1f6f40daa4f2c51e9ad6009ef36cfbd

09e6abd9

Dec 02, 2013

Restrict the ability to set SELinux enforcing mode to init. · d99e6d5f

Stephen Smalley authored 11 years ago


Also make su and shell permissive in non-user builds to allow
use of setenforce without violating the neverallow rule.

Change-Id: Ie76ee04e90d5a76dfaa5f56e9e3eb7e283328a3f
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

d99e6d5f

Oct 21, 2013

Move unconfined domains out of permissive mode. · 353c72e3

Nick Kralevich authored 11 years ago

This change removes the permissive line from unconfined
domains. Unconfined domains can do (mostly) anything, so moving
these domains into enforcing should be a no-op.

The following domains were deliberately NOT changed:
1) kernel
2) init

In the future, this gives us the ability to tighten up the
rules in unconfined, and have those tightened rules actually
work.

When we're ready to tighten up the rules for these domains,
we can:

1) Remove unconfined_domain and re-add the permissive line.
2) Submit the domain in permissive but NOT unconfined.
3) Remove the permissive line
4) Wait a few days and submit the no-permissive change.

For instance, if we were ready to do this for adb, we'd identify
a list of possible rules which allow adbd to work, re-add
the permissive line, and then upload those changes to AOSP.
After sufficient testing, we'd then move adb to enforcing.
We'd repeat this for each domain until everything is enforcing
and out of unconfined.

Change-Id: If674190de3262969322fb2e93d9a0e734f8b9245

353c72e3

Sep 27, 2013

Make sure exec_type is assigned to all entrypoint types. · 01301549

Stephen Smalley authored 11 years ago


Some file types used as domain entrypoints were missing the
exec_type attribute.  Add it and add a neverallow rule to
keep it that way.

Change-Id: I7563f3e03940a27ae40ed4d6bb74181c26148849
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

01301549

May 15, 2013
- Move domains into per-domain permissive mode. · 50e37b93
  repo sync authored 11 years ago
  
  Bug: 4070557 Change-Id: I027f76cff6df90e9909711cb81fbd17db95233c1
  50e37b93
Nov 01, 2012
- Revert "Include su.te only for userdebug/eng builds." · 9ceb47b0
  Kenny Root authored 12 years ago
  
  This reverts commit af56ac19. Change-Id: Id658a90b58ea31365051c0878c58393fd055fc69
  9ceb47b0
Jul 18, 2012
- Include su.te only for userdebug/eng builds. · af56ac19
  Matt Finifter authored 12 years ago
  
  Change-Id: Ia544f13910abbe5e9f6a6cafae397415a41a7a94
  af56ac19
Jan 04, 2012
- SE Android policy. · 2dd4e51d
  Stephen Smalley authored 13 years ago
  
  2dd4e51d