  1. Dec 14, 2018
  2. Dec 13, 2018
  3. Dec 12, 2018
    • Treehugger Robot's avatar
      f523218d
    • Remove overpermissive neverallow exceptions. · 90e68e92
      Paul Crowley authored
      Test: Compiles - neverallow rules are compile time checks
      Change-Id: I2e1177897d2697cde8a190228ba83381d9a1877a
      90e68e92
    • Add sepolicy for GNSS HAL 2.0 and 1.1 · 63de8591
      Yu-Han Yang authored
      Bug: 112260995
      Bug: 120277977
      Test: atest VtsHalGnssV2_0TargetTest
      Change-Id: I196d8506b2f7c2153e1f647ea5ba61b81bf3d881
      63de8591
    • remove app_data_file execute · b3624743
      Nick Kralevich authored
      Remove the ability for applications to dlopen() executable code from
      their home directory for newer API versions. API versions <= 28 are
      unaffected by this change.
      
      Bug: 112357170
      Test: cts-tradefed run cts -m CtsRenderscriptTestCases
      Change-Id: I1d7f3a1015d54b8610d1c561f38a1a3c2bcf79e4
      b3624743
    • bless app created renderscript files · 0eb0a16f
      Nick Kralevich authored
      When an app uses renderscript to compile a Script instance,
      renderscript compiles and links the script using /system/bin/bcc and
      /system/bin/ld.mc, then places the resulting shared library into the
      application's code_cache directory. The application then dlopen()s the
      resulting shared library.
      
      Currently, this executable code is writable to the application. This
      violates the W^X property (https://en.wikipedia.org/wiki/W%5EX), which
      requires any executable code be immutable.
      
      This change introduces a new label "rs_data_file". Files created by
      /system/bin/bcc and /system/bin/ld.mc in the application's home
      directory assume this label. This allows us to differentiate in
      security policy between app created files, and files created by
      renderscript on behalf of the application.
      
      Apps are allowed to delete these files, but cannot create or write these
      files. This is enforced through a neverallow compile time assertion.
      
      Several exceptions are added to Treble neverallow assertions to support
      this functionality. However, because renderscript was previously invoked
      from an application context, this is not a Treble separation regression.
      
      This change is needed to support blocking dlopen() for non-renderscript
      /data/data files, which will be submitted in a followup change.
      
      Bug: 112357170
      Test: cts-tradefed run cts -m CtsRenderscriptTestCases
      Change-Id: Ie38bbd94d26db8a418c2a049c24500a5463698a3
      0eb0a16f
    • Add persist.heapprofd.enable property. am: c32ca901 am: 4935f908 · 5c6dcb72
      Florian Mayer authored
      am: 0f094e30
      
      Change-Id: Ibb7cf3bae4e92e618d16d292c848dd257d6f68a2
      5c6dcb72
    • Add persist.heapprofd.enable property. am: c32ca901 · 0f094e30
      Florian Mayer authored
      am: 4935f908
      
      Change-Id: I6ea6fee7f042ced9298c931257341ea77d47f48e
      0f094e30
    • Add persist.heapprofd.enable property. · 4935f908
      Florian Mayer authored
      am: c32ca901
      
      Change-Id: Ifa37f085f897789fc93a7e7ac7f41890f60e42bc
      4935f908
    • Add persist.heapprofd.enable property. · c32ca901
      Florian Mayer authored
      This is analogous to what Perfetto does with persist.traced.enable.
      
      Test: m
      Test: flash walleye
      Test: setprop persist.heapprofd.enable 1
            setprop persist.heapprofd.enable 0
      
      Change-Id: I997272ef8c6fe078aca2388ed0cf2ecc3de612a5
      c32ca901