Commits · 4d3ee1a5b6bb1a38bc2f9efa374ac9951d45107b · CodeLinaro / public-release-test / platform / system / sepolicy

Apr 04, 2018

Allowing incidentd to get stack traces from processes. · 985db6d8

Kweku Adams authored 7 years ago

Bug: 72177715
Test: flash device and check incident output
Change-Id: I16c172caec235d985a6767642134fbd5e5c23912

985db6d8

Mar 30, 2018
- Allow incidentd to read LAST_KMSG only for userdebug builds · 76238cd4
  Yi Jin authored 7 years ago
```
Bug: 73354384
Test: manual
Change-Id: Iaaeded69c287eae757aaf68dc18bc5a0c53b94e6
```
  76238cd4
Mar 07, 2018

Enabling incidentd to get top and ps data. · 06ac7dba

Kweku Adams authored 7 years ago

Bug: 72177715
Bug: 72384374
Test: flash device and make sure incidentd is getting data without SELinux denials
Change-Id: I684fe014e19c936017a466ec2d6cd2e1f03022c0

06ac7dba

Jan 24, 2018
- Update sepolicy of statsd to be able to find incident_service · cf38ca5e
  yro authored 7 years ago
```
Test: manual testing
Change-Id: Ia97c956c08d2062af6b33622c6b61ca3810b0cb1
```
  cf38ca5e
Jan 23, 2018
- Selinux permissions for incidentd project · bc24ba72
  Yi Jin authored 7 years ago
```
Bug: 64222712
Test: manual
Change-Id: Ica77ae3c9e535eddac9fccf11710b0bcb3254ab3
```
  bc24ba72
Nov 21, 2017

sepolicy: Add rules for non-init namespaces · 9b2e0cbe

Benjamin Gordon authored 7 years ago

In kernel 4.7, the capability and capability2 classes were split apart
from cap_userns and cap2_userns (see kernel commit
8e4ff6f228e4722cac74db716e308d1da33d744f). Since then, Android cannot be
run in a container with SELinux in enforcing mode.

This change applies the existing capability rules to user namespaces as
well as the root namespace so that Android running in a container
behaves the same on pre- and post-4.7 kernels.

This is essentially:
  1. New global_capability_class_set and global_capability2_class_set
     that match capability+cap_userns and capability2+cap2_userns,
     respectively.
  2. s/self:capability/self:global_capability_class_set/g
  3. s/self:capability2/self:global_capability2_class_set/g
  4. Add cap_userns and cap2_userns to the existing capability_class_set
     so that it covers all capabilities.  This set was used by several
     neverallow and dontaudit rules, and I confirmed that the new
     classes are still appropriate.

Test: diff new policy against old and confirm that all new rules add
      only cap_userns or cap2_userns;
      Boot ARC++ on a device with the 4.12 kernel.
Bug: crbug.com/754831

Change-Id: I4007eb3a2ecd01b062c4c78d9afee71c530df95f

9b2e0cbe

Mar 24, 2017

Vendor domains must not use Binder · f5446eb1

Alex Klyubin authored 8 years ago

On PRODUCT_FULL_TREBLE devices, non-vendor domains (except vendor
apps) are not permitted to use Binder. This commit thus:
* groups non-vendor domains using the new "coredomain" attribute,
* adds neverallow rules restricting Binder use to coredomain and
  appdomain only, and
* temporarily exempts the domains which are currently violating this
  rule from this restriction. These domains are grouped using the new
  "binder_in_vendor_violators" attribute. The attribute is needed
  because the types corresponding to violators are not exposed to the
  public policy where the neverallow rules are.

Test: mmm system/sepolicy
Test: Device boots, no new denials
Test: In Chrome, navigate to ip6.me, play a YouTube video
Test: YouTube: play a video
Test: Netflix: play a movie
Test: Google Camera: take a photo, take an HDR+ photo, record video with
      sound, record slow motion video with sound. Confirm videos play
      back fine and with sound.
Bug: 35870313
Change-Id: I0cd1a80b60bcbde358ce0f7a47b90f4435a45c95

f5446eb1

Feb 07, 2017
- Add incident command and incidentd daemon se policy. · 41f93db9
  Joe Onorato authored 8 years ago
```
Test: adb shell incident
Bug: 31122534
Change-Id: I4ac9c9ab86867f09b63550707673149fe60f1906
```
  41f93db9