Commits · 087318957f26e921d62f2e234fc14bff3c59030e · CodeLinaro / public-release-test / platform / system / sepolicy

Apr 10, 2018

Start the process of locking down proc/net · 08731895

Files in /proc/net leak information. This change is the first step in
determining which files apps may use, whitelisting benign access, and
otherwise removing access while providing safe alternative APIs.

To that end, this change:
* Introduces the proc_net_type attribute which will assigned to any
new SELinux types in /proc/net to avoid removing access to privileged
processes. These processes may be evaluated later, but are lower
priority than apps.
* Labels /proc/net/{tcp,tcp6,udp,udp6} as proc_net_vpn due to existing
use by VPN apps. This may be replaced by an alternative API.
* Audits all other proc/net access for apps.
* Audits proc/net access for other processes which are currently
granted broad read access to /proc/net but should not be including
storaged, zygote, clatd, logd, preopt2cachename and vold.

Bug: 9496886
Bug: 68016944
Test: Boot Taimen-userdebug. On both wifi and cellular: stream youtube
    navigate maps, send text message, make voice call, make video call.
    Verify no avc "granted" messages in the logs.
Test: A few VPN apps including "VPN Monster", "Turbo VPN", and
"Freighter". Verify no logspam with the current setup.
Test: atest CtsNativeNetTestCases
Test: atest netd_integration_test
Test: atest QtaguidPermissionTest
Test: atest FileSystemPermissionTest

Change-Id: I7e49f796a25cf68bc698c6c9206e24af3ae11457

08731895

Apr 05, 2018
- priv_app: remove more logspam am: 558cdf1e · f433fe5c
  Jeff Vander Stoep authored 6 years ago
```
am: 97b66cb5

Change-Id: Ifcb2f1b137943c4f481e6ef8c19ac211e1b15ece
```
  f433fe5c
- priv_app: remove more logspam · 97b66cb5
  Jeff Vander Stoep authored 6 years ago
```
am: 558cdf1e

Change-Id: I998cb4d7b507c39ddd027a9e24646303c4765512
```
  97b66cb5
- Merge "Wifi HAL SIOCSIFHWADDR sepolicy" am: c9dd7149 am: 62861f86 · 4a180d7d
  Jong Wook Kim authored 6 years ago
```
am: f08328b0

Change-Id: Ia7d4f56cb596cc6aa5d8517d38ba5437ab678f35
```
  4a180d7d
- Merge "Wifi HAL SIOCSIFHWADDR sepolicy" am: c9dd7149 · f08328b0
  Jong Wook Kim authored 6 years ago
```
am: 62861f86

Change-Id: Ia6eefc0d79c77ba363faccb42fb3e8d9e7f9ce24
```
  f08328b0
- Merge "Wifi HAL SIOCSIFHWADDR sepolicy" · 62861f86
  Jong Wook Kim authored 6 years ago
```
am: c9dd7149

Change-Id: Ideee1c776e572f0e8d90eb340f1d2e58b1182a4c
```
  62861f86
- Merge "Wifi HAL SIOCSIFHWADDR sepolicy" · c9dd7149
  Jong Wook Kim authored 6 years ago
  
  c9dd7149
- Remove direct qtaguid access from platform/system apps am: f3220aa6 am: e505a35d · ca4e086a
  Jeff Vander Stoep authored 6 years ago
```
am: e53b335d

Change-Id: I02bd67f5aca4a24f5759eda5728b9ed55b0d8454
```
  ca4e086a
- shell: move shell qtaguid perms to shell.te am: 9d28625f am: 7a99df89 · a875aa39
  Jeff Vander Stoep authored 6 years ago
```
am: 0f59d0b1

Change-Id: I0cd1ab02d104e051000673b12e155feb36fafb69
```
  a875aa39
- Remove direct qtaguid access from platform/system apps am: f3220aa6 · e53b335d
  Jeff Vander Stoep authored 6 years ago
```
am: e505a35d

Change-Id: I7183822e3930dc6ef1b995027d784831b74aaf9f
```
  e53b335d
- shell: move shell qtaguid perms to shell.te am: 9d28625f · 0f59d0b1
  Jeff Vander Stoep authored 6 years ago
```
am: 7a99df89

Change-Id: I577f211e913fd5ad2150a54d6931a810ec58cb43
```
  0f59d0b1
- Remove direct qtaguid access from platform/system apps · e505a35d
  Jeff Vander Stoep authored 6 years ago
```
am: f3220aa6

Change-Id: Ibf50ab24fa12e07fc44e89420bba99d5665156d9
```
  e505a35d
- shell: move shell qtaguid perms to shell.te · 7a99df89
  Jeff Vander Stoep authored 6 years ago
```
am: 9d28625f

Change-Id: Iadb2f23c577f3641ed9785891c97a000d757957a
```
  7a99df89
Apr 04, 2018
- priv_app: remove more logspam · 558cdf1e
  Jeff Vander Stoep authored 6 years ago
```
avc: denied { read } for name="ext4" dev="sysfs" ino=32709
scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0
tclass=dir permissive=0 b/72749888
avc: denied { read } for name="state" dev="sysfs" ino=51318
scontext=u:r:priv_app:s0:c512,c768
tcontext=u:object_r:sysfs_android_usb:s0 tclass=file permissive=0
b/72749888

Bug: 72749888
Test: build/boot taimen-userdebug. No more logspam
Change-Id: Ic43d1c8b71e1e5e0e6f9af1e03816c4084120e7e
```
  558cdf1e
- Remove direct qtaguid access from platform/system apps · f3220aa6
  Jeff Vander Stoep authored 6 years ago
```
System components should use the public tagSocket() API, not direct
file access to /proc/net/xt_qtaguid/* and /dev/xt_qtaguid.

Test: build/boot taimen-userdebug. Use youtube, browse chrome,
    navigate maps on both cellular and wifi.
Bug: 68774956

Change-Id: Id895395de100d8f9a09886aceb0d6061fef832ef
```
  f3220aa6
- shell: move shell qtaguid perms to shell.te · 9d28625f
  Jeff Vander Stoep authored 6 years ago
```
Remove unecessary access to /proc/net/xt_qtaguid/ctrl and
/dev/xt_qtaguid.

Bug: 68774956
Test: atest CtsNativeNetTestCases
Test: adb root; atest tagSocket
Change-Id: If3a1e823be0e342faefff28ecd878189c68a8e92
```
  9d28625f
- Allowing incidentd to get stack traces from processes. am: 985db6d8 am: 5f98693a · 58ec02be
  Kweku Adams authored 6 years ago
```
am: 49733255

Change-Id: I412a4ffeba18478ec634344d8ebf29b5ac992d31
```
  58ec02be
- Allowing incidentd to get stack traces from processes. am: 985db6d8 · 49733255
  Kweku Adams authored 6 years ago
```
am: 5f98693a

Change-Id: Iaeaaeb8195e2ffcbf148b1764d57d4e1c7da6f4f
```
  49733255
- Allowing incidentd to get stack traces from processes. · 5f98693a
  Kweku Adams authored 6 years ago
```
am: 985db6d8

Change-Id: I1c05fb2469df71f5572aaf8ed88333dc3c92d3c5
```
  5f98693a
- Allowing incidentd to get stack traces from processes. · 985db6d8
  Kweku Adams authored 7 years ago
```
Bug: 72177715
Test: flash device and check incident output
Change-Id: I16c172caec235d985a6767642134fbd5e5c23912
```
  985db6d8
- [automerger skipped] Merge "Reland "Allow dexopt to follow /odm/lib(64)... · 2c6f0284
  Jiyong Park authored 6 years ago
```
[automerger skipped] Merge "Reland "Allow dexopt to follow /odm/lib(64) symlinks.""" into pi-dev am: 3c0b8c01  -s ours
am: 7b0e2f1b  -s ours

Change-Id: Id186b40893925459baf924427a7447fb94b6b565
```
  2c6f0284
- Merge "Allow dumpstate to trace drm hals" into pi-dev am: f7d49787 · 359d40ed
  Jeff Tinker authored 6 years ago
```
am: 41cc2b05

Change-Id: I14036bfad3b59bf2add0de1f3001b23f0d908980
```
  359d40ed
- [automerger skipped] Merge "Reland "Allow dexopt to follow /odm/lib(64) symlinks.""" into pi-dev · 7b0e2f1b
  Jiyong Park authored 6 years ago
```
am: 3c0b8c01  -s ours

Change-Id: I1a3b2f22453bf846f0d68d13aa72c57822c336a8
```
  7b0e2f1b
- Merge "Allow dumpstate to trace drm hals" into pi-dev · 41cc2b05
  Jeff Tinker authored 6 years ago
```
am: f7d49787

Change-Id: Ia141cdcd71b7f76a566ce2f9d0cf720d90693af2
```
  41cc2b05
- Merge "Reland "Allow dexopt to follow /odm/lib(64) symlinks.""" into pi-dev · 3c0b8c01
  TreeHugger Robot authored 6 years ago
  
  3c0b8c01
- Merge "Allow dumpstate to trace drm hals" into pi-dev · f7d49787
  TreeHugger Robot authored 6 years ago
  
  f7d49787
- Merge "Rename qtaguid_proc to conform to name conventions" am: 38a84cf8 am: d093691c · 385d6f58
  Jeff Vander Stoep authored 6 years ago
```
am: e8db0b37

Change-Id: I1a100b79b00618af667c31bb7651762ce6dd822d
```
  385d6f58
- Merge "Rename qtaguid_proc to conform to name conventions" am: 38a84cf8 · e8db0b37
  Jeff Vander Stoep authored 6 years ago
```
am: d093691c

Change-Id: Ie6ffba47ea2164260d60115a738c57f0e47f04be
```
  e8db0b37
- Merge "Rename qtaguid_proc to conform to name conventions" · d093691c
  Jeff Vander Stoep authored 6 years ago
```
am: 38a84cf8

Change-Id: I76cbd596ac70b065c288b30855db956fd456b5f6
```
  d093691c
- [automerger skipped] Merge changes from topic "proc_sysfs_type" into pi-dev am: 40e6b795 -s ours · 0ec9232e
  Tri Vo authored 6 years ago
```
am: a7fea58d  -s ours

Change-Id: Id99363967c8837494a320cbbde800869de97ef55
```
  0ec9232e
- [automerger skipped] Test that /proc files have proc_type attribute. am: 7698c72f -s ours · 6f9aa433
  Tri Vo authored 6 years ago
```
am: fcbc3fcf  -s ours

Change-Id: I7e0cbf7981125ab29c7dbc3942e2c8db635d5379
```
  6f9aa433
- [automerger skipped] Merge changes from topic "proc_sysfs_type" into pi-dev · a7fea58d
  Tri Vo authored 6 years ago
```
am: 40e6b795  -s ours

Change-Id: I08541ef49695b32c24cdfcff9c112cb9cf7c9ccb
```
  a7fea58d
- Merge "Rename qtaguid_proc to conform to name conventions" · 38a84cf8
  Treehugger Robot authored 6 years ago
  
  38a84cf8
- [automerger skipped] Test that /proc files have proc_type attribute. · fcbc3fcf
  Tri Vo authored 6 years ago
```
am: 7698c72f  -s ours

Change-Id: I8e68dd92f2513906a0fcceaffaeb464b7ff66237
```
  fcbc3fcf
- Merge "Block SDK 28 app from using proc/net/xt_qtaguid" am: c69cbe55 am: c9f91a8c · 13f7e19e
  Chenbo Feng authored 6 years ago
```
am: 6fd5da1c

Change-Id: If73b6334e0a1b2fdf4912f90578f2e0099bf0e49
```
  13f7e19e
- Merge changes from topic "proc_sysfs_type" into pi-dev · 40e6b795
  Tri Vo authored 6 years ago
```
* changes:
  Test that /proc files have proc_type attribute.
  Assert types labeled in genfs_contexts have correct attributes
```
  40e6b795
Apr 03, 2018
- Merge "Block SDK 28 app from using proc/net/xt_qtaguid" am: c69cbe55 · 6fd5da1c
  Chenbo Feng authored 6 years ago
```
am: c9f91a8c

Change-Id: I19acbd57012782c82995dacd3165a6ae8605c00a
```
  6fd5da1c
- Merge "Block SDK 28 app from using proc/net/xt_qtaguid" · c9f91a8c
  Chenbo Feng authored 6 years ago
```
am: c69cbe55

Change-Id: I741c90bf96d43b6ab5227696ac24d8891cf5dc97
```
  c9f91a8c
- Merge "Block SDK 28 app from using proc/net/xt_qtaguid" · c69cbe55
  Treehugger Robot authored 6 years ago
  
  c69cbe55
- Merge "Rename qtaguid_proc to conform to name conventions" · aab6782e
  TreeHugger Robot authored 6 years ago
  
  aab6782e