Commits · ffd57494c1010c843cd1e239fc75e8c6a5270afa · Werner Sembach / AndroidSystemSEPolicy

Jun 04, 2017

Consolidate ctypes boilerplate code, and other cleanup.

Change-Id: I06c1d6acc9511f2f6d491c8ca2d4b630fd4120fd
Test: build policy

ffd57494

Jun 03, 2017
- Merge "Add OWNERS in system/sepolicy" am: e77d9eea am: 05121724 am: 7a31444a · 0c3f6490
  Chih-Hung Hsieh authored 7 years ago
  
  am: 1b70d896 Change-Id: I9aaf78ffb28b8319e2011400f45f34ef93322cb3
  0c3f6490
- Merge changes from topic 'coredomain_compile_test' · abb8793b
  TreeHugger Robot authored 7 years ago
  
  * changes: Run Treble sepolicy tests at build time Fix coredomain violation for modprobe
  abb8793b
- Merge "Add OWNERS in system/sepolicy" am: e77d9eea am: 05121724 · 1b70d896
  Chih-Hung Hsieh authored 7 years ago
  
  am: 7a31444a Change-Id: I71e33a0923e9f17c35b91172c81612d420a10c0b
  1b70d896
- Merge "Add OWNERS in system/sepolicy" am: e77d9eea · 7a31444a
  Chih-Hung Hsieh authored 7 years ago
  
  am: 05121724 Change-Id: I6c8f336aed4833d6c9f9765a8768bba4b496a40e
  7a31444a
- Merge "Add OWNERS in system/sepolicy" · 05121724
  Chih-Hung Hsieh authored 7 years ago
  
  am: e77d9eea Change-Id: I3e4c83d962b1a4c9fbfba83ffd0df5fc8d59c8fc
  05121724
- Merge "Add OWNERS in system/sepolicy" · e77d9eea
  Treehugger Robot authored 7 years ago
  
  e77d9eea
- Add OWNERS in system/sepolicy · bd83bdf8
  Chih-Hung Hsieh authored 7 years ago
  
  Owners are selected from top CL approvals or owners. They will be suggested to review/approve future CLs. Test: build/make/tools/checkowners.py -c -v OWNERS Change-Id: I3d7f4c06209c22dea0d824429d68997f7179985f
  bd83bdf8
- crash_dump_fallback: allow dumpstate:fd use. am: 17885f14 am: a3a8a3a0 am: 8714f9e0 · 08a04202
  Josh Gao authored 7 years ago
  
  am: bef02a9e Change-Id: Ibf9d8b3ec662bebc625cefe9380ef33c345b95fb
  08a04202
- crash_dump_fallback: allow dumpstate:fd use. am: 17885f14 am: a3a8a3a0 · bef02a9e
  Josh Gao authored 7 years ago
  
  am: 8714f9e0 Change-Id: I669acdf32d54f9456268d3bfe43e1a114f3b96fd
  bef02a9e
- Merge "crash_dump_fallback: allow dumpstate:fd use." into oc-dev am: f378708c · a1cb00cc
  Josh Gao authored 7 years ago
  
  am: dbf8d028 Change-Id: Ic7504601de554becfefe1639b5f891079d24ff65
  a1cb00cc
- Merge "crash_dump_fallback: allow dumpstate:fd use." into oc-dev · dbf8d028
  Josh Gao authored 7 years ago
  
  am: f378708c Change-Id: Ia51ea7ccf0974ed1bacfea950571c6e10ed2b1bf
  dbf8d028
- crash_dump_fallback: allow dumpstate:fd use. am: 17885f14 · 8714f9e0
  Josh Gao authored 7 years ago
  
  am: a3a8a3a0 Change-Id: I63084a04ffe9d88aa6aadf5fbb9b7baa98ff3e35
  8714f9e0
- Merge "crash_dump_fallback: allow dumpstate:fd use." into oc-dev · f378708c
  Josh Gao authored 7 years ago
  
  f378708c
Jun 02, 2017

crash_dump_fallback: allow dumpstate:fd use. · a3a8a3a0
Josh Gao authored 7 years ago
```
am: 17885f14

Change-Id: I46546950720c4d3fa907f32a2af9ab42caa448ba
```
a3a8a3a0

Run Treble sepolicy tests at build time · e1ddc6df

Jeff Vander Stoep authored 7 years ago

Bug: 37008075
Test: build policy on Marlin
Change-Id: I53748f94c5df66fa17a53e7d0bed1be6b8603544

e1ddc6df

Fix coredomain violation for modprobe · 9e366a0e

Sandeep Patil authored 7 years ago


modprobe domain was allowed to launch vendor toolbox even if its a
coredomain. That violates the treble separation. Fix that by creating a
separate 'vendor_modprobe' domain that init is allowed to transition to
through vendor_toolbox.

Bug: 37008075
Test: Build and boot sailfish

Change-Id: Ic3331797691bb5d1fdc05a674aa4aa313e1f86b2
Signed-off-by: Sandeep Patil <sspatil@google.com>

9e366a0e

crash_dump_fallback: allow dumpstate:fd use. · 2a00056a

Josh Gao authored 7 years ago

Bug: http://b/62297059
Test: mma
Merged-In: Ibcd93e5554a9c2dd75fbfb42294fbc9b96ebc8cc
Change-Id: Ibcd93e5554a9c2dd75fbfb42294fbc9b96ebc8cc
(cherry picked from commit 17885f14)

2a00056a

crash_dump_fallback: allow dumpstate:fd use. · 17885f14
Josh Gao authored 7 years ago
```
Bug: http://b/62297059
Test: mma
Change-Id: Ibcd93e5554a9c2dd75fbfb42294fbc9b96ebc8cc
```
17885f14

Jun 01, 2017
- Merge "Add missing sepolicies for OemLock HAL." into oc-dev am: 60e4fd9d · f387ecf3
  Andrew Scull authored 7 years ago
  
  am: 39a81fd5 Change-Id: I0e7a02ff77ef0e6490a481229e042145c9dfb89a
  f387ecf3
- Merge "Add missing sepolicies for the Weaver HAL." into oc-dev am: cd267450 · 69367b37
  Andrew Scull authored 7 years ago
  
  am: e8d4bec7 Change-Id: I14ea238856a8401427b02747ebb2c5750cc5e85f
  69367b37
- Merge "Add missing sepolicies for OemLock HAL." into oc-dev · 39a81fd5
  Andrew Scull authored 7 years ago
  
  am: 60e4fd9d Change-Id: I1628907aeb743c3cb0938e7993237206523fdeb5
  39a81fd5
- Merge "Add missing sepolicies for the Weaver HAL." into oc-dev · e8d4bec7
  Andrew Scull authored 7 years ago
  
  am: cd267450 Change-Id: I20479829d542df345275c0c2b4512788a30fba4c
  e8d4bec7
- Merge "Add missing sepolicies for OemLock HAL." into oc-dev · 60e4fd9d
  TreeHugger Robot authored 7 years ago
  
  60e4fd9d
- Merge "Add missing sepolicies for the Weaver HAL." into oc-dev · cd267450
  TreeHugger Robot authored 7 years ago
  
  cd267450
- resolve merge conflicts of e664e80a to oc-dev-plus-aosp · 8cb67753
  Neil Fuller authored 7 years ago
  
  am: 911e236a -s ours Change-Id: I0a1cf351e40f81c1ee26bc5b722f99ae4e242b7e
  8cb67753
- resolve merge conflicts of e664e80a to oc-dev-plus-aosp · 911e236a
  Neil Fuller authored 7 years ago
  
  Test: I solemnly swear I tested this conflict resolution. Change-Id: Icadf7c72ad173c134d3e95bb5b93c2b54b1b703e
  911e236a
- Merge "allow modprobe to load signed kernel modules" into oc-dev am: fc1d8d99 · f64e4df3
  Steve Muckle authored 7 years ago
  
  am: 06a4b61b Change-Id: I50d8c90eaba6161e839ceb9fc87a41540e15eead
  f64e4df3
- Merge "allow modprobe to load signed kernel modules" into oc-dev · 06a4b61b
  Steve Muckle authored 7 years ago
  
  am: fc1d8d99 Change-Id: Id41f7097fd0a48739293d4f8f06f296d0f189684
  06a4b61b
- Merge "allow modprobe to load signed kernel modules" into oc-dev · fc1d8d99
  TreeHugger Robot authored 7 years ago
  
  fc1d8d99
- Allow bootctl HAL to access misc block device. am: b0d59450 · b17b7637
  Andrew Scull authored 7 years ago
  
  am: 7c4f46b5 Change-Id: I88aa64b8847456f66310d632ee86929a76dfaf7b
  b17b7637
- Allow bootctl HAL to access misc block device. · 7c4f46b5
  Andrew Scull authored 7 years ago
  
  am: b0d59450 Change-Id: If85613b84aecf43b0519bb933d925eb1829e3d5e
  7c4f46b5
- Merge "Enable the TimeZoneManagerService" am: 34b4b737 · e664e80a
  Neil Fuller authored 7 years ago
  
  am: 2ff75628 Change-Id: I66cf4111e4d17e698cea7c8dc44d3294ce20a4ac
  e664e80a
- Merge "Enable the TimeZoneManagerService" · 2ff75628
  Neil Fuller authored 7 years ago
  
  am: 34b4b737 Change-Id: If25147ce3439abd0ab4a3abc1e330b373e43d9cb
  2ff75628
- allow modprobe to load signed kernel modules · 53add31a
  Steve Muckle authored 7 years ago
  
  Modprobe requires this permission or the following denial will prevent loading of signed kernel modules: audit: type=1400 audit(27331649.656:4): avc: denied { search } for pid=448 comm="modprobe" scontext=u:r:modprobe:s0 tcontext=u:r:kernel:s0 tclass=key permissive=0 Bug: 62256697 Test: Verified signed module loading on sailfish. Change-Id: Idde41d1ab58e760398190d6686665a252f1823bb
  53add31a
- Merge "Enable the TimeZoneManagerService" · 34b4b737
  Treehugger Robot authored 7 years ago
  
  View commits for tag android-o-preview-3 android-o-preview-3
  
  34b4b737
- Enable the TimeZoneManagerService · ca595e11
  Neil Fuller authored 8 years ago
  
  Add policy changes to enable a new service. The service is currently switched off in config, but this change is needed before it could be enabled. Bug: 31008728 Test: make droid Merged-In: I29c4509304978afb2187fe2e7f401144c6c3b4c6 Change-Id: I29c4509304978afb2187fe2e7f401144c6c3b4c6
  ca595e11
- Merge "Enable the TimeZoneManagerService" · 0a0b6a60
  TreeHugger Robot authored 7 years ago
  
  0a0b6a60
May 31, 2017

Merge "Verify correct application of labels and attributes" · f137fab5
TreeHugger Robot authored 7 years ago

f137fab5

Verify correct application of labels and attributes · 0366afdf

Jeff Vander Stoep authored 7 years ago

With project Treble, we're relying heavily on attributes for
permission inheritance and enforcement of separation between
platform and vendor components.

We neead tests that verify those attributes are correctly applied.
This change adds the framework for those tests including a wrapper
around libsepol for loading and querying policy, and a python module
for running tests on policy and file_contexts.

Included with the testing framework is a test asserting that the
coredomain attribute is only applied to core processes. This
verification is done using the following rules:
1. Domain's entrypoint is on /system - coredomain
2. Domain's entrypoint is on /vendor - not coredomain
3. Domain belongs to a whitelist of known coredomains - coredomain

In a subsequent commit these tests will be applied at build time.
However, I first need to fix existing Treble violations exposed by
this test. These tests will also be applied during CTS.

Test: LD_PRELOAD=$ANDROID_HOST_OUT/lib64/libsepolwrap.so python \
    treble.py -p $OUT/vendor/etc/selinux/precompiled_sepolicy \
    -f $OUT/vendor/etc/selinux/nonplat_file_contexts \
    -f $OUT/system/etc/selinux/plat_file_contexts
Bug: 37008075
Change-Id: I7825f5c2909a5801deaccf2bef2bfd227adb0ae9

0366afdf