Commits · d7b8338e71a1868de06634ca4b2663047c2480ec · Werner Sembach / AndroidSystemSEPolicy

Mar 23, 2017

Merge "Initial sepolicy for vndservicemanager." am: 4dd14f69 · d7b8338e
Martijn Coenen authored 8 years ago
```
am: 392c86e9

Change-Id: Id520704ad8a2be81648c33d2d1ef4a865badacd0
```
d7b8338e
Merge "Initial sepolicy for vndservicemanager." · 392c86e9
Martijn Coenen authored 8 years ago
```
am: 4dd14f69

Change-Id: I60c3e0f1441aa4f548b1875e68f49c2047bf74e4
```
392c86e9
Merge "Initial sepolicy for vndservicemanager." · 4dd14f69
Martijn Coenen authored 8 years ago

4dd14f69
Allow hals to read hwservicemanager prop. am: d3ce5dc3 · 4c013db7
Steven Moreland authored 8 years ago
```
am: d437f0e0

Change-Id: Ib72b4435a8173a213f1ddb3331afc0bebf991029
```
4c013db7
Allow hals to read hwservicemanager prop. · d437f0e0
Steven Moreland authored 8 years ago
```
am: d3ce5dc3

Change-Id: Ifd66a82a429b18f6e0077b042dccef38ddcd636d
```
d437f0e0

Allow hals to read hwservicemanager prop. · d3ce5dc3

Steven Moreland authored 8 years ago

Test: no relevant denials on marlin while booting
Test: no relevant denials on angler while booting
Bug: 36278706
Change-Id: Ieba79e1c8fca4f74c63bc63e6dd0bdcf59204ca2

d3ce5dc3

Initial sepolicy for vndservicemanager. · e7d8f4c3

Martijn Coenen authored 8 years ago

vndservicemanager is the context manager for binder services
that are solely registered and accessed from vendor processes.

Bug: 36052864
Test: vendorservicemanager runs
Merged-In: Ifbf536932678d0ff13d019635fe6347e185ef387
Change-Id: I430f1762eb83825f6cd4be939a69d46a8ddc80ff

e7d8f4c3

Mar 22, 2017

Merge "Grant additional permissions for ASAN builds" am: 63211f8d · 8f0abfec
Jeff Vander Stoep authored 8 years ago
```
am: 1c05f800

Change-Id: Icb9150c5828272df8ccfce8a4145df2f3c987c45
```
8f0abfec
Merge "Grant additional permissions for ASAN builds" · 1c05f800
Jeff Vander Stoep authored 8 years ago
```
am: 63211f8d

Change-Id: If8aa9152a643522fc896b7a412d3fafb19043649
```
1c05f800
Merge "Grant additional permissions for ASAN builds" · 63211f8d
Treehugger Robot authored 8 years ago

63211f8d
Merge "dumpstate: allow HALs to read /proc/interrupts" am: 871e44c4 · e43f5c97
Sandeep Patil authored 8 years ago
```
am: e2f8626e

Change-Id: If401e4107787e6620ed31115c45b7d594812dbe5
```
e43f5c97
Merge "dumpstate: allow HALs to read /proc/interrupts" · e2f8626e
Sandeep Patil authored 8 years ago
```
am: 871e44c4

Change-Id: I1c261dc247b93306c6d1a70dd0014532c84843c5
```
e2f8626e
Merge "dumpstate: allow HALs to read /proc/interrupts" · 871e44c4
Treehugger Robot authored 8 years ago

871e44c4
Merge "hwservicemanager: halserverdomain" am: 6456542f · 23bf2d44
Steven Moreland authored 8 years ago
```
am: 3d49330b

Change-Id: I1ceaf1d95f07b8c4635a6055384cf6dcff932d51
```
23bf2d44
Merge "hwservicemanager: halserverdomain" · 3d49330b
Steven Moreland authored 8 years ago
```
am: 6456542f

Change-Id: I353c8d695a5c995f72fe865f27682a05011f8f55
```
3d49330b
Merge "hwservicemanager: halserverdomain" · 6456542f
Treehugger Robot authored 8 years ago

6456542f

Grant additional permissions for ASAN builds · 74434848

Jeff Vander Stoep authored 8 years ago

ASAN builds may require additional permissions to launch processes
with ASAN wrappers. In this case, system_server needs permission to
execute /system/bin/sh.

Create with_asan() macro which can be used exclusively on debug
builds. Note this means that ASAN builds with these additional
permission will not pass the security portion of CTS - like any
other debug build.

Addresses:
avc: denied { execute } for name="sh" dev="dm-0" ino=571
scontext=u:r:system_server:s0 tcontext=u:object_r:shell_exec:s0
tclass=file

Test: lunch aosp_marlin-userdebug;
      cd system/sepolicy; mm SANITIZE_TARGET=address;
      Verify permissions granted using with_asan() are granted.
Test: lunch aosp_marlin-userdebug;
      cd system/sepolicy; mm;
      Verify permissions granted using with_asan() are not granted.
Test: lunch aosp_marlin-user;
      cd system/sepolicy; mm SANITIZE_TARGET=address;
      Verify permissions granted using with_asan() are not granted.
Bug: 36138508
Change-Id: I6e39ada4bacd71687a593023f16b45bc16cd7ef8

74434848

dumpstate: allow HALs to read /proc/interrupts · a866a416

Sandeep Patil authored 8 years ago


/proc/interrupts may be dumped by dumpstate HAL if required.

Bug: 36486169
Test: 'adb shell bugreport' on sailfish

Change-Id: Ifc41a516aeea846bc56b86b064bda555b43c58ed
Signed-off-by: Sandeep Patil <sspatil@google.com>

a866a416

Merge "wpa_supplicant: Remove unnecessary permissions from system_server" am: e1a350a0 · 180a6882
Roshan Pius authored 8 years ago
```
am: 79005214

Change-Id: Icf0aefc596f8c3df64be9bc68b4c1f4243059747
```
180a6882
Merge "wpa_supplicant: Remove unnecessary permissions from system_server" · 79005214
Roshan Pius authored 8 years ago
```
am: e1a350a0

Change-Id: Ib2f28bdd5aa8dc1a6641f3f114965ac3ddec17e2
```
79005214
Merge "wpa_supplicant: Remove unnecessary permissions from system_server" · e1a350a0
Treehugger Robot authored 8 years ago

e1a350a0
Merge "app.te: prevent locks of files on /system" am: cc45b87c · acc1701f
Nick Kralevich authored 8 years ago
```
am: 6fcbd0f5

Change-Id: Ibc6947686cc6edf439e25cda9aaf5b1444da6c8c
```
acc1701f
Merge "app.te: prevent locks of files on /system" · 6fcbd0f5
Nick Kralevich authored 8 years ago
```
am: cc45b87c

Change-Id: I17fe3e79b7f673a0703be5be7bb93838cd2f7ed6
```
6fcbd0f5
Merge "app.te: prevent locks of files on /system" · cc45b87c
Treehugger Robot authored 8 years ago

cc45b87c
Merge "Remove unnecessary binder_call from cameraserver" am: bbe7213f · 52cc23c9
Alex Klyubin authored 8 years ago
```
am: a6445395

Change-Id: I7c47721f7fd0c30ce20c4948e412c1bb0d5b34f1
```
52cc23c9
Merge "Remove unnecessary binder_call from cameraserver" · a6445395
Alex Klyubin authored 8 years ago
```
am: bbe7213f

Change-Id: I0c82b4e73e54cf7ac1f434c97558bd3cef3c36e7
```
a6445395
Merge "Remove unnecessary binder_call from cameraserver" · bbe7213f
Treehugger Robot authored 8 years ago

bbe7213f

wpa_supplicant: Remove unnecessary permissions from system_server · f27e8f09

Roshan Pius authored 8 years ago

Now that the android wifi framework has fully switched over to HIDL,
remove the sepolicy permissions for accessing wpa_supplicant using
socket control interface.

While there, also removed the redundant |hwbinder_use|.

Bug: 35707797
Test: Device boots up and able to connect to wifi networks.
Test: Wifi integration tests passed.
Change-Id: I55e24b852558d1a905b189116879179d62bdc76c

f27e8f09

app.te: prevent locks of files on /system · 92c44a57

Nick Kralevich authored 8 years ago

Prevent app domains (processes spawned by zygote) from acquiring
locks on files in /system. In particular, /system/etc/xtables.lock
must never be lockable by applications, as it will block future
iptables commands from running.

Test: device boots and no obvious problems.
Change-Id: Ifd8dc7b117cf4a622b30fd4fffbcab1b76c4421b

92c44a57

hwservicemanager: halserverdomain · e91cbcba

Steven Moreland authored 8 years ago

Test: no neverallows triggered
Bug: 36494354
Change-Id: I52e21a9be5400027d4e96a8befdd4faaffb06a93

e91cbcba

Merge "Fix sepolicy for Gatekeeper HAL" am: 9d5f97b3 · 5939dc8d
Janis Danisevskis authored 8 years ago
```
am: dfded77d

Change-Id: I3a6e966ad54f4ea505dacb5c60269cc733e9212c
```
5939dc8d
Merge "Remove unused hal_impl_domain macro" am: 6de0d9a7 · 52c5bde4
Alex Klyubin authored 8 years ago
```
am: fbd22279

Change-Id: I3c1c3d20bd28b656087643891b3a7d37aed6e01c
```
52c5bde4
Merge "Fix sepolicy for Gatekeeper HAL" · dfded77d
Janis Danisevskis authored 8 years ago
```
am: 9d5f97b3

Change-Id: Ic75010f7e11129e879a7eea1605969f2511f6fc9
```
dfded77d
Merge "Remove unused hal_impl_domain macro" · fbd22279
Alex Klyubin authored 8 years ago
```
am: 6de0d9a7

Change-Id: I7f971d6f1a9fe4247490070f2f00bede2b828494
```
fbd22279
Merge "Fix sepolicy for Gatekeeper HAL" · 9d5f97b3
Treehugger Robot authored 8 years ago

9d5f97b3

Mar 21, 2017
- Merge "Remove unused hal_impl_domain macro" · 6de0d9a7
  Alex Klyubin authored 8 years ago
  
  6de0d9a7
- Merge "Disallow access to proc_net for ephemeral_app" am: 2e7fa9d8 · 1c4472a9
  Chad Brubaker authored 8 years ago
  
  am: 98c4f82e Change-Id: Ib55c8c4accd5a25aa0908ca9e496e0b1bce3d97a
  1c4472a9
- Merge "Disallow access to proc_net for ephemeral_app" · 98c4f82e
  Chad Brubaker authored 8 years ago
  
  am: 2e7fa9d8 Change-Id: I85d2895bb6f44bf3461214e4c679954a79b30cee
  98c4f82e
- Merge "Disallow access to proc_net for ephemeral_app" · 2e7fa9d8
  Chad Brubaker authored 8 years ago
  
  2e7fa9d8
- Merge "Enforce one HAL per domain." am: d3266558 · 5499a78f
  Jeff Vander Stoep authored 8 years ago
  
  am: 35823ad0 Change-Id: I53b1c43e6ca7c4978c082092a9015313e2c53eea
  5499a78f