aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Remove some priv_app logspam.HEADmasterJoel Galenson2018-04-201-0/+1
| | | | | | | | avc: denied { search } for name="/" scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:fs_bpf:s0 tclass=dir permissive=0 Bug: 72749888 Test: Boot without seeing the denial. Change-Id: Iaf3559928473c68066e6a42ba71655a683861901
* Merge "Allow dumpstate to read the update_engine logs"Tianjie Xu2018-04-201-0/+4
|\
| * Allow dumpstate to read the update_engine logsTianjie Xu2018-04-181-0/+4
| | | | | | | | | | | | | | | | | | | | | | Denial message: avc: denied { read } for pid=2775 comm="dumpstate" name="update_engine_log" dev="sda35" ino=3850274 scontext=u:r:dumpstate:s0 tcontext=u:object_r:update_engine_log_data_file:s0 tclass=dir permissive=0 Bug: 78201703 Test: take a bugreport Change-Id: I2c788c1211812aa0fcf58cee37a6e8f955424849
* | Merge "Remove fixed bug from bug_map."Alan Stokes2018-04-201-1/+0
|\ \
| * | Remove fixed bug from bug_map.Alan Stokes2018-04-181-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | Bug: 77816522 Bug: 73947096 Test: Flashed device, no denial seen Change-Id: Ib2f1fc670c9a76abbb9ff6747fec00fa5bcde5af
* | | A2DP offload: switch to new propertiesPetri Gynther2018-04-191-2/+2
| | | | | | | | | | | | | | | | | | | | | Bug: 63932139 Bug: 76201991 Test: Manual A2DP testing (A2DP offload enabled and disabled) Change-Id: Icebb4a84cf241b3b6bc52e4826fdedd5a73d796a
* | | Neverallow unexpected domains to access bluetooth_prop and wifi_propJaekyun Seok2018-04-181-4/+65
| | | | | | | | | | | | | | | | | | | | | | | | | | | And this CL will remove unnecessary vendor-init exceptions for nfc_prop and radio_prop as well. Bug: 77633703 Test: succeeded building and tested with Pixels Change-Id: I468b8fd907c6408f51419cfb58eb2b8da29118ae
* | | Merge "Allow vendor_init to access unencrypted_data_file"Tom Cherry2018-04-182-7/+37
|\ \ \
| * | | Allow vendor_init to access unencrypted_data_fileTom Cherry2018-04-182-7/+37
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FBE needs to access these files to set up or verify encryption for directories during mkdir. Bug: 77850279 Test: walleye + more restrictions continues to have FBE work Change-Id: I84e201436ce4531d36d1257d932c3e2e772ea05e (cherry picked from commit 18a284405f519ae49898031a4bea70e5e2d2fdac)
* | | | Protect dropbox service data with selinuxJeff Vander Stoep2018-04-1811-1/+29
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Create a new label for /data/system/dropbox, and neverallow direct access to anything other than init and system_server. While all apps may write to the dropbox service, only apps with android.permission.READ_LOGS, a signature|privileged|development permission, may read them. Grant access to priv_app, system_app, and platform_app, and neverallow access to all untrusted_apps. Bug: 31681871 Test: atest CtsStatsdHostTestCases Test: atest DropBoxTest Test: atest ErrorsTests Change-Id: Ice302b74b13c4d66e07b069c1cdac55954d9f5df
* | | Merge "Sepolicy for rw mount point for vendors."Tri Vo2018-04-185-0/+15
|\ \ \ | |/ / |/| |
| * | Sepolicy for rw mount point for vendors.Tri Vo2018-04-175-0/+15
| |/ | | | | | | | | | | | | | | | | Bug: 64905218 Test: device boots with /mnt/vendor present and selinux label mnt_vendor_file applied correctly. Change-Id: Ib34e2859948019d237cf2fe8f71845ef2533ae27 Merged-In: Ib34e2859948019d237cf2fe8f71845ef2533ae27 (cherry picked from commit 210a805b46782a2a49bf5338732cf8c6abaf95de)
* | Merge "Revert "Revert "Add /sys/kernel/memory_state_time to sysfs_power."""Alan Stokes2018-04-181-0/+1
|\ \ | |/ |/|
| * Revert "Revert "Add /sys/kernel/memory_state_time to sysfs_power.""Alan Stokes2018-04-171-0/+1
| | | | | | | | | | | | | | | | This reverts commit 12e73685b75905fa5afa62cd1fb3631f9f2af818. Reason for revert: Rolling original change forward again, more carefully. Change-Id: I266b181915c829d743c6d8d0b8c0d70b6bf3d620
* | Merge "init: lock down access to keychord_device"Treehugger Robot2018-04-171-0/+8
|\ \
| * | init: lock down access to keychord_deviceMark Salyzyn2018-04-171-0/+8
| |/ | | | | | | | | | | | | | | | | The out-of-tree keychord driver is only intended for use by init. Test: build Bug: 64114943 Bug: 78174219 Change-Id: I96a7fbcd9a54a38625063606f5c4ab6d40d701f6
* | Merge "Make traced_probes mlstrustedsubject."Treehugger Robot2018-04-171-1/+1
|\ \ | |/ |/|
| * Make traced_probes mlstrustedsubject.Florian Mayer2018-04-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Denials: 04-12 12:42:47.795 903 903 W traced_probes: type=1400 audit(0.0:5684): avc: denied { search } for name="1376" dev="proc" ino=204553 scontext=u:r:traced_probes:s0 tcontext=u:r:untrusted_app_27:s0:c512,c768 tclass=dir permissive=0 04-12 12:42:47.795 903 903 W traced_probes: type=1400 audit(0.0:5685): avc: denied { search } for name="1402" dev="proc" ino=204554 scontext=u:r:traced_probes:s0 tcontext=u:r:platform_app:s0:c512,c768 tclass=dir permissive=0 04-12 12:42:47.801 903 903 W traced_probes: type=1400 audit(0.0:5686): avc: denied { search } for name="1496" dev="proc" ino=204557 scontext=u:r:traced_probes:s0 tcontext=u:r:untrusted_app:s0:c85,c256,c512,c768 tclass=dir permissive=0 04-12 12:42:47.805 903 903 W traced_probes: type=1400 audit(0.0:5687): avc: denied { search } for name="1758" dev="proc" ino=204563 scontext=u:r:traced_probes:s0 tcontext=u:r:priv_app:s0:c512,c768 tclass=dir permissive=0 Bug: 77955286 Change-Id: If0985d3ddd7d14c2b139be1c842c9c8df99b90db Merged-In: If0985d3ddd7d14c2b139be1c842c9c8df99b90db
* | Merge "Statsd sepolicy hal_health"Treehugger Robot2018-04-161-0/+1
|\ \
| * | Statsd sepolicy hal_healthBookatz2018-04-121-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Statsd monitors battery capacity, which requires calls to the health hal. Fixes: 77923174 Bug: 77916472 Test: run cts-dev -m CtsStatsdHostTestCases -t android.cts.statsd.atom.HostAtomTests#testFullBatteryCapacity Change-Id: I2d6685d4b91d8fbc7422dfdd0b6ed96bbddc0886
* | | Let vold_prepare_subdirs completely clean deleted user data.Joel Galenson2018-04-162-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After adding a new user, deleting it, and rebooting, some of the user's data still remained. This adds the SELinux permissions necessary to remove all of the data. It fixes the followign denials: avc: denied { rmdir } for scontext=u:r:vold_prepare_subdirs:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir avc: denied { unlink } for scontext=u:r:vold_prepare_subdirs:s0 tcontext=u:object_r:system_data_file:s0 tclass=file Bug: 74866238 Test: Create user, delete user, reboot user, see no denials or leftover data. Change-Id: Ibc43bd2552b388a9708bf781b5ad206f21df62dc
* | | Merge "Add sepolicy for radio sap 1.2"Treehugger Robot2018-04-162-0/+8
|\ \ \
| * | | Add sepolicy for radio sap 1.2sqian2018-04-162-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug: 74114758 Test: Checked radio-service and sap-service is on the lshal after running the service Change-Id: I1b18711286e000a7d17664e7d3a2045aeeb8c285 Merged-In: I1b18711286e000a7d17664e7d3a2045aeeb8c285 (cherry picked from commit 64839e874b1ab4c94f2287827b9ac6bb351c27e2)
* | | | Merge "Add bug_map entries for bugs we've seen."Treehugger Robot2018-04-161-0/+35
|\ \ \ \
| * | | | Add bug_map entries for bugs we've seen.Joel Galenson2018-04-161-0/+35
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds numerous bug_map entries to try to annotate all denials we've seen. Bug: 78117980 Test: Build Change-Id: I1da0690e0b4b0a44d673a54123a0b49a0d115a49
* / / / Allow dumpstate to read property_typeJaekyun Seok2018-04-163-12/+4
|/ / / | | | | | | | | | | | | | | | | | | | | | dumpstate needs to read all the system properties for debugging. Bug: 77277669 Test: succeeded building and tested with taimen Change-Id: I3603854b3be67d4fc55d74f7925a21bfa59c81ee
* | | Merge "Add exFAT support; unify behind "sdcard_type"."Jeff Sharkey2018-04-139-18/+19
|\ \ \
| * | | Add exFAT support; unify behind "sdcard_type".Jeff Sharkey2018-04-139-18/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We're adding support for OEMs to ship exFAT, which behaves identical to vfat. Some rules have been manually enumerating labels related to these "public" volumes, so unify them all behind "sdcard_type". Test: atest Bug: 67822822 Change-Id: I09157fd1fc666ec5d98082c6e2cefce7c8d3ae56
* | | | Merge "tombstoned: allow unlinking anr files"Treehugger Robot2018-04-131-1/+1
|\ \ \ \
| * | | | tombstoned: allow unlinking anr filesJeff Vander Stoep2018-04-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Tombstoned unlinks "trace_XX" files if there are too many of them. avc: denied { unlink } for comm="tombstoned" name="trace_12" scontext=u:r:tombstoned:s0 tcontext=u:object_r:anr_data_file:s0 tclass=file Bug: 77970585 Test: Build/boot taimen. adb root; sigquit an app. Change-Id: I2c7cf81a837d82c4960c4c666b38cd910885d78d
* | | | | Merge "whitelist test failure that bypassed presubmit"Treehugger Robot2018-04-131-0/+1
|\ \ \ \ \
| * | | | | whitelist test failure that bypassed presubmitJeff Vander Stoep2018-04-131-0/+1
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | avc: denied { read } for comm="batterystats-wo" name="show_stat" dev="sysfs" scontext=u:r:system_server:s0 tcontext=u:object_r:sysfs:s0 tclass=file Bug: 77816522 Test: build Change-Id: I50a9bfe1a9e4df9c84cf4b2b4aedbb8f82ac94cd (cherry picked from commit 2ccd99a53a2efd0a62c0b2f2e2f8944cfd98891f)
* | | | | Selinux: Give lmkd read access to /proc/meminfoSuren Baghdasaryan2018-04-131-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow lmkd read access to /proc/meminfo for retrieving information on memory state. Change-Id: I7cf685813a5a49893c8f9a6ac4b5f6619f3c18aa Signed-off-by: Suren Baghdasaryan <surenb@google.com>
* | | | | Merge "Allow some vold_prepare_subdirs denials."Treehugger Robot2018-04-131-4/+6
|\ \ \ \ \
| * | | | | Allow some vold_prepare_subdirs denials.Joel Galenson2018-04-131-4/+6
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This addresses the following denials: avc: denied { fowner } for comm="rm" scontext=u:r:vold_prepare_subdirs:s0 tcontext=u:r:vold_prepare_subdirs:s0 tclass=capability avc: denied { getattr } for comm="rm" scontext=u:r:vold_prepare_subdirs:s0 tcontext=u:object_r:storaged_data_file:s0 tclass=file avc: denied { relabelfrom } for comm="vold_prepare_su" name="storaged" scontext=u:r:vold_prepare_subdirs:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir avc: denied { getattr } for comm="rm" scontext=u:r:vold_prepare_subdirs:s0 tcontext=u:object_r:system_data_file:s0 tclass=file Bug: 77875245 Test: Boot device. Test: Mislabel directories used by vold_prepare_subdirs, reboot, and ensure it can relabel them without denials. Test: Add user, reboot, delete user, reboot, observe no denials. (cherry picked from commit 855dd5a8562494f78f99e5bd5096f617ac70438f) Merged-In: Id67bc99f151a6ccb9619bbfb7080452956405121 Change-Id: I2f6b5abfaf81570d03a30f2edf7296b5afd10c9b
* | | | | Make persist.sys.sf.native_mode an integerChia-I Wu2018-04-131-1/+1
| |/ / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | This allows for more native modes. Bug: 73824924 Test: adb shell setprop persist.sys.sf.native_mode 2 Change-Id: Iffdeadc8dc260de4b0c7f2b46aab08d64d25e3b1
* | | | Allow vendor_init to write to misc_block_deviceTom Cherry2018-04-132-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Vendors may use this to write custom messages to their bootloader, and as the bootloader is under vendor control, this makes sense to allow. Bug: 77881566 Test: build Change-Id: I78f80400e5f386cad1327a9209ee1afc8e334e56
* | | | Whitelist vendor-init-settable bluetooth_prop and wifi_propJaekyun Seok2018-04-1216-3/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Values of the following properties are set by SoC vendors on some devices including Pixels. - persist.bluetooth.a2dp_offload.cap - persist.bluetooth.a2dp_offload.enable - persist.vendor.bluetooth.a2dp_offload.enable - ro.bt.bdaddr_path - wlan.driver.status So they should be whitelisted for compatibility. Bug: 77633703 Test: succeeded building and tested with Pixels Change-Id: Ib2b81bcc1fd70ddd571dc7fb2b923b576d62b7d5
* | | | Merge "Allow vendor-init-readable for sys.boot_completed and dev.bootcomplete"Treehugger Robot2018-04-121-0/+2
|\ \ \ \ | |/ / / |/| | |
| * | | Allow vendor-init-readable for sys.boot_completed and dev.bootcompleteJaekyun Seok2018-04-121-0/+2
| | |/ | |/| | | | | | | | | | | | | | | | | | | Bug: 75987246 Test: succeeded builing and tested with taimen Change-Id: I2d8bc91c305e665ed9c69459e51204117afb3eee Merged-In: I2d8bc91c305e665ed9c69459e51204117afb3eee (cherry picked from commit ac2e4cce71fd9b379bced6c4aae5308c55c66367)
* | | Merge "priv_app: remove more logspam"Treehugger Robot2018-04-122-3/+3
|\ \ \ | |/ / |/| |
| * | priv_app: remove more logspamJeff Vander Stoep2018-04-102-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | avc: denied { read } for name="ext4" dev="sysfs" ino=32709 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0 b/72749888 avc: denied { read } for name="state" dev="sysfs" ino=51318 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:sysfs_android_usb:s0 tclass=file permissive=0 b/72749888 Bug: 72749888 Test: build/boot taimen-userdebug. No more logspam Change-Id: Ic43d1c8b71e1e5e0e6f9af1e03816c4084120e7e Merged-In: Ic43d1c8b71e1e5e0e6f9af1e03816c4084120e7e (cherry picked from commit 558cdf1e9925ca7b1420569abab677090d3d9528)
* | | Merge "hal_tetheroffload: move hwservice mapping to core policy"Treehugger Robot2018-04-111-0/+2
|\ \ \
| * | | hal_tetheroffload: move hwservice mapping to core policyJeff Vander Stoep2018-04-111-0/+2
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Addresses: avc: denied { find } for interface=android.hardware.tetheroffload.config::IOffloadConfig scontext=u:r:system_server:s0 tcontext=u:object_r:default_android_hwservice:s0 tclass=hwservice_manager Bug: 77855688 Test: build/boot Sailfish, turn on tethering, no selinux denial Change-Id: I97cae0928b5311a4da41d19cbd5c863c3137a49f (cherry picked from commit 3a346ea73208dcb38adc9b33fac5527926166e3b)
* | | Merge changes If2413c30,Ic5d7c961Treehugger Robot2018-04-112-0/+9
|\ \ \ | | | | | | | | | | | | | | | | | | | | * changes: Suppress spurious denial Suppress spurious denial
| * | | Suppress spurious denialJeff Vander Stoep2018-04-111-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Addresses: avc: denied { sys_resource } scontext=u:r:zygote:s0 tcontext=u:r:zygote:s0 tclass=capability Bug: 77905989 Test: build and flash taimen-userdebug Change-Id: If2413c3005df02a70661464d695211acbcda4094 (cherry picked from commit 816e744d998cb327fbd20f3124b22398bea2b8e4)
| * | | Suppress spurious denialJeff Vander Stoep2018-04-111-0/+6
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Addresses: avc: denied { sys_resource } for comm="ip6tables" capability=24 scontext=u:r:netutils_wrapper:s0 tcontext=u:r:netutils_wrapper:s0 tclass=capability Bug: 77905989 Test: build and flash taimen-userdebug Change-Id: Ic5d7c96152b96b55255eeec00b19948f38c1923c (cherry picked from commit 443a43c98121363929f268b1f77bd229a3247d3a)
* | | Merge "Add internal types to 27.0[.ignore].cil."Treehugger Robot2018-04-102-0/+3
|\ \ \
| * | | Add internal types to 27.0[.ignore].cil.Tri Vo2018-04-102-0/+3
| | |/ | |/| | | | | | | | | | | | | | | | | | | Bug: 69390067 Test: manual run of treble_sepolicy_tests Change-Id: I1b772a3f7c96875765c75bfc1031f249411c3338 Merged-In: I1b772a3f7c96875765c75bfc1031f249411c3338 (cherry picked from commit 9fbd65200d5da704e8eff1fdd5a4e7ab46eb3a45)
* | | Merge "Hide sys_rawio SELinux denials."Treehugger Robot2018-04-102-0/+3
|\ \ \
generated by cgit v1.2.3 (git 2.39.2)