- May 09, 2017
-
-
Dan Cashman authoredAdd new build variables for partner customization (additions) to platform sepolicy. This allows partners to add their own policy without having to touch the AOSP sepolicy directories and potentially disrupting compatibility with an AOSP system image. Bug: 36467375 Test: Add public and private files to sailfish policy and verify that they are added to the appropriate policy files, but that the policy is otherwise identical. Also add private/mapping/*.cil files in both locations and change the BOARD_SEPOLICY_VERS to trigger use of prebuilt mapping files and verify that they are appropriately combined and built in policy. Change-Id: I38efe2248520804a123603bb050bba75563fe45c
-
- May 08, 2017
-
-
Mark Salyzyn authored
Merge "init: add "+passcred" for socket to set SO_PASSCRED" am: ca0a352a am: c8fd16c7 am: 198c5c79 am: 4de008fb Change-Id: I38f8c83d8b8971b0c614374297c2f73cf06c4dc6
-
Mark Salyzyn authored
am: 198c5c79 Change-Id: Ifc4b22ec15a64f6990512666206c3ee8834defba
-
Mark Salyzyn authored
am: c8fd16c7 Change-Id: I49e7c18e18a400147e1662304d39e25eeae51c55
-
Mark Salyzyn authored
am: ca0a352a Change-Id: If463e73dce4db829206a4907a5fa12bfbe347fb9
-
Mark Salyzyn authored
-
Nick Kralevich authored
am: c4df0d71 Change-Id: Id7db26226955d9ce15481db62988d872d8114299
-
Nick Kralevich authored
am: 1ffa6f80 Change-Id: I4e1669df2067738858c2d7a1e79e0a153cfeef5b
-
Nick Kralevich authored
am: b49bc821 Change-Id: I4e13baad4cc463142b5899855e0613c5ea829c8d
-
Nick Kralevich authored
am: 07667733 Change-Id: I0263926bbc950f0186bdd9a7fa3eb8b8f9072ee0
-
Treehugger Robot authored
-
Mikhail Naganov authored
hal_audio: Allow writing dump info into pipes when capturing BR am: 9686cbcd am: 4aac6fdb am: b00a85c3 am: da694ced Change-Id: I49f744a649467f812b441081ea83fcbbae948f23
-
Mikhail Naganov authored
am: b00a85c3 Change-Id: I82f7934d824a35644263eb298d6c2c5eb018c8b5
-
Mikhail Naganov authored
am: 4aac6fdb Change-Id: I1614f394e0f0c071705e3696d3dd8124e72c24c2
-
Mikhail Naganov authored
am: 9686cbcd Change-Id: Id0bacbd2022c24615b9e99108af1a8510be248fb
-
Nick Kralevich authored
Remove SELinux access from domain_deprecated. Access to SELinux APIs can be granted on a per-domain basis. Remove appdomain access to SELinux APIs. SELinux APIs are not public and are not intended for application use. In particular, some exploits poll on /sys/fs/selinux/enforce to determine if the attack was successful, and we want to ensure that the behavior isn't allowed. This access was only granted in the past for CTS purposes, but all the relevant CTS tests have been moved to the shell domain. Bug: 27756382 Bug: 28760354 Test: Device boots and no obvious problems. No collected denials. Change-Id: Ide68311bd0542671c8ebf9df0326e512a1cf325b
-
Mark Salyzyn authored
In the init scripts for socket, the type can have a suffix of "+cred" to request that the socket be bound to report SO_PASSCRED credentials on socket transactions. Here we add socket setopt to selinux rules. Test: gTest logd-unit-tests --gtest_filter=logd.statistics right after boot (fails without logd.rc change) Bug: 37985222 Change-Id: I37cdf7eea93c3e8fa52964e765eaf3007e431b1f
-
- May 06, 2017
-
-
Jeff Sharkey authored
am: c780facd Change-Id: Ibb1e956361766c292c106da1d84c08469bf8b963
-
Jeff Sharkey authored
am: c659e37c Change-Id: I4d1285c41c77b9e828753b628cfdc76d3e2a3dd9
-
Jeff Sharkey authored
-
- May 05, 2017
-
-
Jeff Sharkey authored
When installd clears cached files on external storage, the sdcardfs kernel filesystem needs to be kept in the loop to release any cached dentries that it's holding onto. (Otherwise the underlying disk space isn't actually released.) installd can already delete the underlying files directly (via the media_rw_data_file rules), so this technically isn't expanding its capabilities. avc: granted { search } for name="/" dev="tmpfs" ino=6897 scontext=u:r:installd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir avc: denied { open } for path="/mnt/runtime/default/emulated/0/Android/data" dev="sdcardfs" ino=589830 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=1 avc: denied { write } for name="com.google.android.inputmethod.japanese" dev="sdcardfs" ino=590040 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=0 avc: denied { remove_name } for name="cache_r.m" dev="sdcardfs" ino=589868 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=0 avc: denied { getattr } for path="/mnt/runtime/default/emulated/0/Android/data/.nomedia" dev="sdcardfs" ino=589831 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=file permissive=1 Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.StorageHostTest Bug: 37486230 Change-Id: Icfd00a9ba379b1f50c48fe85849304cf9859bcb2 -
TreeHugger Robot authored
-
Daniel Nicoara authored
am: 3ab87927 Change-Id: Ief090c68370515300a1a38ba9abc4d2a3ed391cb
-
Daniel Nicoara authored
am: 0181f5f1 Change-Id: Iba73223f49b67e48d893256428f4ef1ff97f62c5
-
Daniel Nicoara authored
-
- May 04, 2017
-
-
Mikhail Naganov authored
The following HAL methods use file descriptors to write dump info comprising audioflinger debug dump: IDevice.debugDump IEffectsFactory.debugDump IStream.debugDump Bug: 37993476 Test: check contents of media.audio_flinger section in a bugreport captured on Pixel device Change-Id: I77d347c019ac93c3ba0d54ce50f0fdc243b04685 -
TreeHugger Robot authored
-
TreeHugger Robot authored
-
Nick Kralevich authored
With build/core eaa9d88cf, system_server should not be loading code from /data. https://bugs.chromium.org/p/project-zero/issues/detail?id=955 Bug: 37214733 Bug: 31780877 Test: Device boots and no obvious problems. Test: No collected SELinux denials for build-server generated builds. Change-Id: I37b1e9e6c4555c937730ab491b6c38801b38ad38
-
Andreas Gampe authored
Under ASAN, allow system-server to execute app_process. This is required for wrap-property execution. Bug: 36138508 Test: m && SANITIZE_TARGET m Change-Id: Ic637e5205ea86e0edcd66ab387e89b27afef6b99
-
Dimitry Ivanov authored
am: da2e9165 Change-Id: Iad6538b4836542a6d03f830f95e073c099d6eae8
-
Dimitry Ivanov authored
am: 1696a6e8 Change-Id: I1e5bdf92b84a56f5bdd7731afae6d324128f241a
-
Dimitry Ivanov authored
am: eb80c0db Change-Id: I1b5cbd08d80ba43979da2ab46b40d28ff14a93e8
-
Dimitry Ivanov authored
am: bf030965 Change-Id: I3a10c619ce6e65ce531276ef4f97489605897062
-
Dimitry Ivanov authored
This is needed by linker to be able to load libraries from memfd which currently generated following denial: avc: denied { getattr } for path=2F6D656D66643A666F6F626172202864656C6574656429 dev="tmpfs" ino=902079 scontext=u:r:shell:s0 tcontext=u:object_r:shell_tmpfs:s0 tclass=file permissive=0 Bug: http://b/37245203 Bug: http://b/37916741 Test: builds Change-Id: I5b57b6cada50a62657c8daaaaaa56f1ee9cdb376 (cherry picked from commit a0d3ff8e) -
Dimitry Ivanov authored
am: d8c14e8a Change-Id: Ieb2f49ac368b9a3178d788900b813bc11c5231ed
-
Dimitry Ivanov authored
am: a0d3ff8e Change-Id: I8965be0fe9d6ae9bb3a283731d3df226a5b4173b
-
Dimitry Ivanov authored
This is needed by linker to be able to load libraries from memfd which currently generated following denial: avc: denied { getattr } for path=2F6D656D66643A666F6F626172202864656C6574656429 dev="tmpfs" ino=902079 scontext=u:r:shell:s0 tcontext=u:object_r:shell_tmpfs:s0 tclass=file permissive=0 Bug: http://b/37245203 Bug: http://b/37916741 Test: builds Change-Id: I5b57b6cada50a62657c8daaaaaa56f1ee9cdb376 -
Peng Xu authored
Allow sensor hal to sue gralloc handle and access ion device so that sensor direct report feature can function correctly when HardwareBuffer shared memory is used. Test: SensorDirectReportTest passes without setenforce 0 Change-Id: I2068f6f4a8ac15da40126892e1326e0b90a6576f
-
Ian Pedowitz authored
am: 998c2ff9 Change-Id: Iaee20b097f4cb7b36eb39deef3b2ce8ceb70fc67
-