Commits · e7e54fac10cce1472fa8667566a7f95754a74ecc · Werner Sembach / AndroidSystemSEPolicy

Apr 25, 2013

Revert "Revert "Split some device nodes out from device."" · e7e54fac

Geremy Condra authored 11 years ago

This reverts commit 1c101164

Restoring now that the conflict with tuna has passed.

Change-Id: I587dab8d7102c913fc03825a006e96d76680858d

e7e54fac

Apr 24, 2013

Revert "Split some device nodes out from device." · 1c101164

Geremy Condra authored 11 years ago

This reverts commit f51e9007

Looks like this caused a build breakage in master, may have a duplicate rule from AOSP.

Change-Id: I4ea83a47baec4ffa2840b5fe50b6f55e1eeda53c

1c101164

Split some device nodes out from device. · f51e9007

repo sync authored 11 years ago

Some of these will get factored out into device-specific
configs later.

Change-Id: I7ea9c22a666b13bca2d867e5bcc7084ed7129de3

f51e9007

Apr 05, 2013

Add the sysrq_file special file and give ADB write access. · bb2591e5
Geremy Condra authored 12 years ago
```
Change-Id: Ief2d412dddf4cefdf43a26538c4be060df4cc787
```
bb2591e5
Add downloaded file policy. · bfb26e7b
Geremy Condra authored 12 years ago
```
Change-Id: I6f68323cddcf9e13b2a730b8d6b8730587fb4366
```
bfb26e7b
Give the drmserver the ability to connect to the tee. · d381b97e
Geremy Condra authored 12 years ago
```
Bug: 8539042
Change-Id: I6a9c3247688f49bed4a1637c728e77c2e865afd2
```
d381b97e
Allow drmserver to interact with apk_data_file sock_files. · 207c709e
Geremy Condra authored 12 years ago
```
Bug: 8539042
Change-Id: I255930759ce0612f6ec9b931bfe545342ef808fc
```
207c709e
Give drmserver the ability to interact with apk_data_file dirs. · 03d436a4
Geremy Condra authored 12 years ago
```
Bug: 8539042
Change-Id: I87165fd83b1abef9eb7bf4c403714150aaefed6e
```
03d436a4
Allow drmserver to read the wv keys. · 8ee49795
Geremy Condra authored 12 years ago
```
Bug: 8539042
Change-Id: I31e7a3ae6ba783b78c3b38756966950a20f2f2aa
```
8ee49795
Allow dhcpd to interact with ttys. · 47020462
Geremy Condra authored 12 years ago
```
Bug: 8539042
Change-Id: I27bcc4a485b031d54e17b03164642821d546e62f
```
47020462

Give domains read access to security_file domain. · 7bb2a55c

William Roberts authored 12 years ago

/data/security is another location that policy
files can reside. In fact, these policy files
take precedence over their rootfs counterparts
under certain circumstances. Give the appropriate
players the rights to read these policy files.

Change-Id: I9951c808ca97c2e35a9adb717ce5cb98cda24c41

7bb2a55c

run-as policy fixes. · 74ba8c86

Stephen Smalley authored 11 years ago

- Remove dac_read_search as it is no longer required by run-as.
- Introduce a separate type for /dev/tty so that we can allow use of own tty for
for a run-as shell without allowing access to other /dev/tty[0-9]* nodes.
- Allow sigchld notifications for death of run-as and its descendants by adbd.
- Drop redundant rules for executing shell or system commands from untrusted_app;
now covered by rules in app.te.

Change-Id: Ic3bf7bee9eeabf9ad4a20f61fbb142a64bb37c6c

74ba8c86

Add new domains for private apps. · ffd8c441

Robert Craig authored 12 years ago


/data/app-private is used when making an
app purchase or forward locking. Provide a
new label for the directory as well as the
tmp files that appear under it.

Change-Id: I910cd1aa63538253e10a8d80268212ad9fc9fca5
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>

ffd8c441

Drop SELinux management rules from AOSP. · 142480a8

Stephen Smalley authored 12 years ago


As AOSP does not support the device admin API or the older
SEManager system app, just drop the allow rules associated with
permitting SELinux management via device admin or a system app.

Change-Id: Icdf40c9e6d343b19c156e4c7aea4cfb8c5f234ad
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

142480a8

Document the relevant tests associated with specific rules. · 10a2ac24
Stephen Smalley authored 12 years ago
```
Change-Id: I09b4e33b1c9ea201a96d2f07cb74bdb804b5aad2
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
```
10a2ac24

Do not allow reading all directories for the CTS. · a019e4f1

Stephen Smalley authored 12 years ago


The test gracefully handles unreadable directories, so
we do not need to allow this for all file types.

Change-Id: Ib5f5be7cacc3f0270b72c046200cc3d21f3fc374
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

a019e4f1

Allow all domains to read /dev symlinks. · 0e856a02

Stephen Smalley authored 12 years ago


Change-Id: I448a5553937a98775178b94f289ccb45ae862876
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

0e856a02

Allow apps to execute the shell or system commands unconditionally. · 62508bf4
Stephen Smalley authored 12 years ago
```
Change-Id: I54af993bd478d6b8d0462d43950bb1a991131c82
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
```
62508bf4

Remove unnecessary rules. · 0141ccd0

Stephen Smalley authored 12 years ago


Redundant with other rules or not required for untrusted app.

Change-Id: Idb5d50326cc14696423cf133508c0d013c5928a6
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

0141ccd0

Allow fstat of platform app /data/data files. · 0677cb2e

Stephen Smalley authored 12 years ago


Change-Id: I8d46a809c08cd21b0d6c3173998035ab3cc79ada
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

0677cb2e

Coalesce rules for allowing execution of shared objects by app domains. · b5f6977a
Stephen Smalley authored 12 years ago
```
Change-Id: I809738e7de038ad69905a77ea71fda4f25035d09
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
```
b5f6977a

Strip unnecessary trailing semicolon on macro calls. · 9de4c692

Stephen Smalley authored 12 years ago


Change-Id: I013e08bcd82a9e2311a958e1c98931f53f6720c9
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

9de4c692

Allow all domains to read the log devices. · 81fe5f7c

Stephen Smalley authored 12 years ago


Read access to /dev/log/* is no longer restricted.
Filtering on reads is performed per-uid by the kernel logger driver.

Change-Id: Ia986cbe66b84f3898e858c60f12c7f3d63ac47cf
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

81fe5f7c

Allow ueventd to relabel sysfs nodes. · 4e0e74ed

Stephen Smalley authored 12 years ago


Required for If8b8d66120453123c1371ce063b6f20e8b96b6ef .

Change-Id: I98871b957db8b291cbbb827b5eb39b4279ce4194
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

4e0e74ed

Remove unneeded device type. · 507304c2

Robert Craig authored 12 years ago


timerirq_device has been removed in favor
of using the existing sensors_device domain.

Change-Id: I503e4a511c2901890356559c0afb971392b4ec6f
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>

507304c2

Increase policy version to 26. · b86d472f

Stephen Smalley authored 12 years ago


Increase the SELinux policy version to 26.  This is needed
for name-based transitions used by the manta sepolicy.
Requires kernel 3.0 or higher.

Change-Id: I046fa9f7122f77506c70b2c735345bc0194935df
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

b86d472f

Apr 03, 2013
- Merge "Add the sys_resource capability to sdcardd." into jb-mr2-dev · 404fc4fa
  Geremy Condra authored 12 years ago
  
  404fc4fa
- Fix various SELinux denials. · 2c831009
  Geremy Condra authored 12 years ago
  
  Change-Id: I73a2b841ab3399b7528b8084a5c4736e6ecea48a
  2c831009
Mar 29, 2013

Add the sys_resource capability to sdcardd. · 1ac712f7
Geremy Condra authored 12 years ago
```
Change-Id: I0b2ecdbddbed3d5ea1617c9ae9af7f8b1c9ace93
```
1ac712f7

Add the ability to stat files under /cache for media_app. · 4387956f

Geremy Condra authored 12 years ago

This feels like a hidden bug- it shouldn't be trying to
stat everything under /cache anyways- but allowing for now.

Change-Id: Ib5ddfbb408c9f0b6c6218c78a678fcdb09360ccd

4387956f

Add remount capability to Zygote. · 06575ee4

Geremy Condra authored 12 years ago

This is a consequence of https://googleplex-android-review.googlesource.com/#/c/278069/

Change-Id: I9b310860534a80e7145950f6c632cf5ba0ad56a7

06575ee4

Add a key directory argument to insertkeys.py · 020b5ff6

Geremy Condra authored 12 years ago

This allows us to better integrate key selection with our existing
build process.

Change-Id: I6e3eb5fbbfffb8e31c5edcf16f74df7c38abe537

020b5ff6

Drop MLS separation for compatibility. · 8abf01ac
Geremy Condra authored 12 years ago
```
Change-Id: I555361d732b8f1bdc90c231a3183a85526a5a558
```
8abf01ac
Add policy for __properties__ device. · c529c66f
Geremy Condra authored 12 years ago
```
Change-Id: Ie9b391283362fb6930f1ae858f0a879835c91e32
```
c529c66f

Mar 28, 2013
- am f4d5f3e1 : Merge "Add missing seinfo tag from mac_permissions.xml policy." · 7c8e6d4a
  Geremy Condra authored 12 years ago
  
  * commit 'f4d5f3e1': Add missing seinfo tag from mac_permissions.xml policy.
  7c8e6d4a
- Merge "Add missing seinfo tag from mac_permissions.xml policy." · f4d5f3e1
  Geremy Condra authored 12 years ago
  
  f4d5f3e1
- am 2ae799e4 : Drop separate domain for browser. · 7a80915f
  Stephen Smalley authored 12 years ago
  
  * commit '2ae799e4': Drop separate domain for browser.
  7a80915f
- am 0ecb0f88 : Eliminate most of the app policy booleans. · 882f7ee2
  Stephen Smalley authored 12 years ago
  
  * commit '0ecb0f88': Eliminate most of the app policy booleans.
  882f7ee2
- Drop separate domain for browser. · 2ae799e4
  Stephen Smalley authored 12 years ago
  
  Change-Id: Ib37b392cb6f6d3fb80852b9a2a6547ab86cd9bff Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
  2ae799e4
- Eliminate most of the app policy booleans. · 0ecb0f88
  Stephen Smalley authored 12 years ago
  
  Just allow them unconditionally for compatibility. Change-Id: I85b56532c6389bdfa25731042b98d8f254bd80ee Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
  0ecb0f88