Commits · 0181f5f1f9a4d5afe83fb035827e808ef1fe9d9b · CodeLinaro / public-release-test / platform / system / sepolicy

May 05, 2017
- Merge "Remove vr_wm service selinux policy" into oc-dev · 0181f5f1
  Daniel Nicoara authored 7 years ago
  
  0181f5f1
May 04, 2017

Allow getattr on tempfs files · a0d3ff8e

Dimitry Ivanov authored 7 years ago

This is needed by linker to be able to load libraries from memfd
which currently generated following denial:
avc: denied { getattr } for path=2F6D656D66643A666F6F626172202864656C6574656429 dev="tmpfs" ino=902079 scontext=u:r:shell:s0 tcontext=u:object_r:shell_tmpfs:s0 tclass=file permissive=0

Bug: http://b/37245203
Bug: http://b/37916741
Test: builds
Change-Id: I5b57b6cada50a62657c8daaaaaa56f1ee9cdb376

a0d3ff8e

Merge "Revert "O is API 26"" into oc-dev · 47859a93
Ian Pedowitz authored 7 years ago

47859a93

May 03, 2017

Revert "O is API 26" · 6b04a961

Ian Pedowitz authored 7 years ago

This reverts commit 8713882b.

Reason for revert:  b/37355569

Bug: 37480230
Bug: 37896931
Bug: 37355569
Change-Id: Ic07d948fd0b4a0a8434e1f4f0c8e559c4258cf5e

6b04a961

May 02, 2017
- Merge "sepolicy: allow AAudio apps to use FDs from the audio HAL" into oc-dev · b9d5d207
  TreeHugger Robot authored 7 years ago
  
  b9d5d207
- Merge "O is API 26" into oc-dev · 7cc3f0a9
  TreeHugger Robot authored 7 years ago
  
  7cc3f0a9
- O is API 26 · 8713882b
  Michael Wright authored 7 years ago
```
Bug: 37480230
Bug: 37896931
Test: build, boot
Change-Id: Ib8d4309d37b8818163a17e7d8b25155c4645edcf
```
  8713882b
- Allow omx hal access to vndbinder on all devices. · d64561f7
  Steven Moreland authored 7 years ago
```
Whether a device is full Treble or not, omx should be able to
access vndbinder

Test: (sanity) oc-dev marlin boots + YouTube + lshal
Fixes: 37528973
Change-Id: Idd734b42c7dfe3e09e544680a6893b03910ecd3e
```
  d64561f7
May 01, 2017
- Merge "Give system_server access to last reboot reason" into oc-dev · 66109bdb
  Salvador Martinez authored 7 years ago
  
  66109bdb
Apr 29, 2017
- Merge "Allow audioserver to talk to bluetooth server" into oc-dev · c28be992
  TreeHugger Robot authored 7 years ago
  
  c28be992
- Merge "Remove audio from socket_between.._violators" into oc-dev · bd087968
  TreeHugger Robot authored 7 years ago
  
  bd087968
- Merge "Allow mediaserver to access fd allocated by hal_graphics_composer" into oc-dev · 5fe8881b
  Hassan Shojania authored 7 years ago
  
  5fe8881b
- Merge "allow surfaceflinger to use socket from adbd" into oc-dev · 8027f979
  Chris Forbes authored 7 years ago
  
  8027f979
- Merge "Add default label and mapping for vendor services" into oc-dev · 74a96734
  TreeHugger Robot authored 7 years ago
  
  74a96734
- Merge "untrusted_apps: allow untrusted_apps to execute from /vendor/app" into oc-dev · 11772818
  TreeHugger Robot authored 7 years ago
  
  11772818
- Merge "Enable the use of IOmxStore service" into oc-dev · d8112255
  TreeHugger Robot authored 7 years ago
  
  d8112255
- Allow mediaserver to access fd allocated by hal_graphics_composer · a91e3e82
  Hassan Shojania authored 7 years ago
```
Bug:  37713584
Test: With GtsMediaTestCases.apk installed, try:
      adb shell am instrument -w
      -e class 'com.google.android.media.gts.MediaPlayerTest#testLLAMA_H264_BASELINE_240P_800_DOWNLOADED_V0_SYNC'
      'com.google.android.media.gts/android.support.test.runner.AndroidJUnitRunner'

Change-Id: Icc2066e9d9bbc5c020b6d694e9627487771ef35e
```
  a91e3e82
- Sepolicy: Fix new access from the linker for postinstall · bddd1893
  Andreas Gampe authored 7 years ago
```
The linker now requires getattr rights for the filesystem. Otherwise
linking otapreopt and patchoat/dex2oat will fail.

Bug: 37776530
Test: m
Test: manual OTA
Change-Id: I1351fbfa101beca4ba80f84b0dd9dbcabe2c9d39
```
  bddd1893
Apr 28, 2017

Enable the use of IOmxStore service · 98b7f66d

Pawin Vongmasa authored 7 years ago

Test: Manual use of Camera app
Test: lshal shows IOmxStore

Bug: 37657124
Bug: 37726880
Change-Id: I5459d992c2feb14bd26765673864e583d48e3ba4

98b7f66d

allow surfaceflinger to use socket from adbd · 676003cf

Chris Forbes authored 7 years ago

Fixes `adb shell cmd gpu vkjson`, which was previously failing due to
surfaceflinger not being able to use the socket passed to it by adbd.

Bug: b/37157136
Test: run above command, verified on marlin + bullhead
Change-Id: I57fa7e99d5c3dc7bc7d033b83f8ce6032162d7d3

676003cf

untrusted_apps: allow untrusted_apps to execute from /vendor/app · ef7b2109

Sandeep Patil authored 7 years ago


The typical use case is where vendor apps which run as untrusted apps
use libraries that are packaged withing the apk

Bug: 37753883
Test: Tested by runnig pre-installed app that packages a library from
      /vendor/app

Change-Id: I445144e37e49e531f4f43b13f34d6f2e78d7a3cf
Signed-off-by: Sandeep Patil <sspatil@google.com>

ef7b2109

sepolicy: allow AAudio apps to use FDs from the audio HAL · d6e9c949

Phil Burk authored 7 years ago


The API does not expose the FD directly. But they are
used by libaaudio.so linked with the app.

Needed for low latency audio.

Bug: 37167970
Test: NativeOboe touch to tone latency app
Change-Id: I92372eff44d856e9aff399dc9c64fd18524fdc44
Signed-off-by: Phil Burk <philburk@google.com>

d6e9c949

Add default label and mapping for vendor services · 082eae4e

Jeff Vander Stoep authored 7 years ago

Adding the default label/mapping is important because:
1.  Lookups of services without an selinux label should generate
    a denial.
2.  In permissive mode, lookups of a service without a label should be
    be allowed, without the default label service manager disallows
    access.
3.  We can neverallow use of the default label.

Bug: 37762790
Test: Build and flash policy onto Marlin with unlabeled vendor services.
    Add/find of unlabeled vendor services generate a denial.

Change-Id: I66531deedc3f9b79616f5d0681c87ed66aca5b80
(cherry picked from commit 639a2b84)

082eae4e

Remove audio from socket_between.._violators · b0ed9363

Steven Moreland authored 7 years ago

Test: Play Music over BT headset
Bug: 37640821
Change-Id: I1fe6c9a289315dc0118888e19250cd64aee9a0d5

b0ed9363

Allow audioserver to talk to bluetooth server · 9450a875

Mikhail Naganov authored 7 years ago

Audioserver loads A2DP module directly. The A2DP module
talks to the bluetooth server.

Bug: 37640821
Test: Play Music over BT headset
Change-Id: Ie6233e52a3773b636a81234b73e5e64cfbff458e

9450a875

Merge "Correct documentation in untrusted_app_all" into oc-dev · 89671020
Nick Kralevich authored 7 years ago

89671020
Merge "Allow vr_hwc and virtual_touchpad to query for permissions" into oc-dev · 22ebf24e
Daniel Nicoara authored 7 years ago

22ebf24e

Apr 27, 2017

Merge changes Ia9960af9,I6987d60c into oc-dev · b9d5d5cc

TreeHugger Robot authored 7 years ago

* changes:
  NFC HAL no longer violates socket access restrictions
  Remove access to sock_file for hal_nfc

b9d5d5cc

SELinux configuration for TextClassifier model updates. · adfc5db0

Abodunrinwa Toki authored 7 years ago

Test: bit FrameworksCoreTests:android.view.textclassifier.TextClassificationManagerTest
Bug: 34780396
Change-Id: I8b98fef913df571e55474ea2529f71750874941c

adfc5db0

NFC HAL no longer violates socket access restrictions · 688a7667

Ruchi Kandoi authored 7 years ago


Test: compiles
Bug: 37640900
Change-Id: Ia9960af9da880fd130b5fb211a054689e2353f1d
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>

688a7667

Remove access to sock_file for hal_nfc · 468eabb1

Ruchi Kandoi authored 7 years ago


Test: manual
Bug: 37640900
Change-Id: I6987d60c1eb1578134b51f4e7417700fd462ba4d
Signed-off-by: Ruchi Kandoi <kandoiruchi@google.com>
(cherry picked from commit ad41fa8d)

468eabb1

Apr 26, 2017
- Merge "Allow installd to read vendor_overlay_file" into oc-dev · 9829506c
  TreeHugger Robot authored 7 years ago
  
  9829506c
- Merge "Allow Bluetooth sys_nice and system_server setsched for Bluetooth HAL" into oc-dev · edc2fedb
  TreeHugger Robot authored 7 years ago
  
  edc2fedb
- Merge "relax fuse_device neverallow rules" into oc-dev · c78db706
  TreeHugger Robot authored 7 years ago
  
  c78db706
- Correct documentation in untrusted_app_all · eda4b88d
  Chad Brubaker authored 7 years ago
```
Rules defined in utrusted_app_all do not apply to all untrusted apps,
update the comments to reflect that.

Test: builds
Change-Id: I6f064bd93c13d8341128d941be34fdfaa0bec5da
```
  eda4b88d
- Allow Bluetooth sys_nice and system_server setsched for Bluetooth HAL · 3c46d2ff
  Philip Cuadra authored 8 years ago
```
Bluetooth needs the capability to set audio-related threads to be RT
scheduled.  Grant it sys_nice.

system_server needs to set priority for the Bluetooth HAL.  Allow it.

Bug 37518404
Test:  Play Bluetooth audio, confirm RT scheduling with systrace
Merged-In: Iaf7b85a11a51883744d72a50addfd320b6fbbc2f
Change-Id: Iaf7b85a11a51883744d72a50addfd320b6fbbc2f

(cherry picked from commit 6eee6eb2)
```
  3c46d2ff
- relax fuse_device neverallow rules · 45766d41
  Nick Kralevich authored 7 years ago
```
The fuse_device neverallow rules are too aggressive and are inhibiting
certain vendor customizations. Relax the /dev/fuse neverallow rules so
that they better reflect the security invariants we want to uphold.

Bug: 37496487
Test: policy compiles.
Change-Id: Ie73b0ba7c76446afc2a7a23ebed1275c977d932d
```
  45766d41
- Merge "Remove rules blocking vrcore_app to connect to VR HWC and VirtualTouchpad" into oc-dev · a5647da3
  TreeHugger Robot authored 7 years ago
  
  a5647da3
- Merge "Assert ban on framework <-> vendor comms over VndBinder" into oc-dev · a9d7b895
  Alex Klyubin authored 7 years ago
  
  a9d7b895
- Merge "Do not warn about empty typesets in neverallows" into oc-dev · 26564ce7
  Alex Klyubin authored 7 years ago
  
  26564ce7