Commits · 63c7ad6efbf2e64a8e5d41be581d769cf6c5c413 · CodeLinaro / public-release-test / platform / system / sepolicy

Sep 26, 2016
- Allow dumpstate to run ss. · 63c7ad6e
  Lorenzo Colitti authored 8 years ago
```
Bug: 23113288
Change-Id: I123e5d40955358665800fe3b86cd5f8dbaeb8717
```
  63c7ad6e
Sep 16, 2016

Add app_api_service to connmetrics_service · d0561efe

Hugo Benichi authored 8 years ago

This allows the ConnectivityMetrics app to dump connmetrics service
metrics.

Bug: 31254800
Change-Id: I4c3da8cc80a5820dbed9843badc1464f3ae40581

d0561efe

Sep 12, 2016
- Merge "New service name for IpConnectivity metrics" into nyc-mr1-dev · 5ed3131e
  Hugo Benichi authored 8 years ago
  
  5ed3131e
Sep 09, 2016
- New service name for IpConnectivity metrics · f412cc62
  Hugo Benichi authored 8 years ago
```
Bug: 31254800
Change-Id: If8708c8a4e0ea7655f31028881248a14cf2ba5f7
```
  f412cc62
Sep 08, 2016
- Merge "selinux: Update policies for mediadrmserver" into nyc-mr1-dev · 030632f0
  TreeHugger Robot authored 8 years ago
  
  030632f0
- Allow the zygote to stat all files it opens. am: a60342b7 · 35a0597a
  Narayan Kamath authored 8 years ago
```
am: 28e18c3a

Change-Id: I88bec1549bb1a28b70cb32b10911baa8d91669e9
```
  35a0597a
- Allow the zygote to stat all files it opens. · 28e18c3a
  Narayan Kamath authored 8 years ago
```
am: a60342b7

Change-Id: I2d7c99660b6bb9b45922f1203cb1eafe90659238
```
  28e18c3a
Sep 07, 2016

Allow the zygote to stat all files it opens. · a60342b7

Narayan Kamath authored 8 years ago

bug: 30963384

(cherry picked from commit 63203a01)

Change-Id: Ifa4b9a645f8edcf51e3f025316106e5b65a4790d

a60342b7

Aug 26, 2016
- Merge "Allow the zygote to stat all files it opens." into nyc-mr1-dev · 4af6d81b
  TreeHugger Robot authored 8 years ago
  
  4af6d81b
Aug 25, 2016
- Allow the zygote to stat all files it opens. · 63203a01
  Narayan Kamath authored 8 years ago
```
bug: 30963384
Change-Id: I62b5ffd43469dbb0bba67e1bb1d3416e7354f9e5
```
  63203a01
Aug 23, 2016

fix build: exclude bluetooth from neverallow restriction am: 7e380216 · ce84793b
Nick Kralevich authored 8 years ago
```
am: a59830d9

Change-Id: Ibb2f08c673f62136d51b6c510b830bcc958ce236
```
ce84793b
fix build: exclude bluetooth from neverallow restriction · a59830d9
Nick Kralevich authored 8 years ago
```
am: 7e380216

Change-Id: I827a8b38264906bd06a8fefb9c3a8209dbc1035f
```
a59830d9

fix build: exclude bluetooth from neverallow restriction · 7e380216

Nick Kralevich authored 8 years ago

Bluetooth is sometimes started from init.

Addresses the following compiler error:

  libsepol.report_failure: neverallow on line 489 of
  system/sepolicy/domain.te (or line 9149 of policy.conf) violated by
  allow init bluetooth:process { transition };
  libsepol.check_assertions: 1 neverallow failures occurred
  Error while expanding policy

Change-Id: I2bc1e15217892e1ba2a62c9683af0f3c0aa16b86

7e380216

Aug 22, 2016

Remove platform_app from neverallow execute from /data am: c55cf17a · 31bb306a
Nick Kralevich authored 8 years ago
```
am: 69fe5d07

Change-Id: Iaaea2aaeaba08869a8885c88e07c436196134d11
```
31bb306a
Rework neverallow for /data execute permission am: eedacf83 · 76e85e8c
Eino-Ville Talvala authored 8 years ago
```
am: 81fb2363

Change-Id: I129acfbecd2b8bb840c4d4897dbcc43f2ed0d2e2
```
76e85e8c
Remove platform_app from neverallow execute from /data · 69fe5d07
Nick Kralevich authored 8 years ago
```
am: c55cf17a

Change-Id: I48f8bbfab4cdd36e6f1555919ff5d032c07af0a2
```
69fe5d07
Rework neverallow for /data execute permission · 81fb2363
Eino-Ville Talvala authored 8 years ago
```
am: eedacf83

Change-Id: I4b23d564c6a4787180fea2c1530cc78808cbd0d0
```
81fb2363

Remove platform_app from neverallow execute from /data · c55cf17a

Nick Kralevich authored 8 years ago

Apparently some manufacturers sign APKs with the platform key
which use renderscript. Renderscript works by compiling the
.so file, and placing it in the app's home directory, where the
app loads the content.

Drop platform_app from the neverallow restriction to allow partners
to add rules allowing /data execute for this class of apps.

We should revisit this in the future after we have a better
solution for apps which use renderscript.

Bug: 29857189
Change-Id: I058a802ad5eb2a67e657b6d759a3ef4e21cbb8cc

c55cf17a

Rework neverallow for /data execute permission · eedacf83

Eino-Ville Talvala authored 8 years ago

Previously appdomains allowed to execute off of /data
where whitelisted. This had the unfortunate side effect of
disallowing the creation of device specific app domains
with fewer permissions than untrusted_app. Instead grant
all apps a neverallow exemption and blacklist specific app
domains that should still abide by the restriction.

This allows devices to add new app domains that need
/data execute permission without conflicting with this rule.

Bug: 26906711

(cherry picked from commit c5266df9)

Change-Id: I4adb58e8c8b35122d6295db58cedaa355cdd3924

eedacf83

Aug 17, 2016
- Merge "Allow system_server to delete directories in preloads" into nyc-mr1-dev · 1be3b599
  Fyodor Kupolov authored 8 years ago
  
  1be3b599
Aug 15, 2016
- Merge "sepolicy: give otapreopt getattr" into nyc-mr1-dev · 6ef377a0
  Andreas Gampe authored 8 years ago
  
  6ef377a0
Aug 13, 2016

sepolicy: give otapreopt getattr · 88c51465

Andreas Gampe authored 8 years ago

Allow the otapreopt rename script to read file attributes. This is
being used to print the aggregate artifact size for diagnostic
purposes.

Bug: 30832951
Change-Id: Iee410adf59dcbb74fa4b49edb27d028025cd8bf9

88c51465

Aug 10, 2016

Allow executing update_engine_sideload from recovery. · 27f19427

Alex Deymo authored 8 years ago

The recovery flow for A/B devices allows to sideload an OTA downloaded
to a desktop and apply from recovery. This patch allows the "recovery"
context to perform all the operations required to apply an update as
update_engine would do in the background. These rules are now extracted
into a new attributte called update_engine_common shared between
recovery and update_engine.

Bug: 27178350

(cherry picked from commit d63084d3)

Change-Id: I1f3e1e83a21e37e09b69cd9c497f87b42b9cbeb1

27f19427

Aug 02, 2016

selinux: Update policies for mediadrmserver · 8db0f254

Takahiro Aizawa authored 8 years ago

DRM 3rd party application with platform signature
requires the permission.

Bug: 30352348
Change-Id: Idd673506764ae435db1be8cc8c13658541ffa687

8db0f254

Jul 22, 2016
- allow policy to create a file by vfat (fs_type) for a case using sdcardfs · 69270e53
  Eric Bae authored 8 years ago
```
am: 320a0f54

Change-Id: I6aec72f8175839f4fefeb50f86fedc4202c776b8
```
  69270e53
- allow policy to create a file by vfat (fs_type) for a case using sdcardfs · 320a0f54
  Eric Bae authored 8 years ago
```
Change-Id: Ia938d73b1a49b9ba4acf906df37095d21edee22e
```
  320a0f54
Jul 20, 2016

Merge "drmserver: read locked ringtones" into nyc-mr1-dev · eba62067
TreeHugger Robot authored 8 years ago

eba62067
Merge "adbd: allow reading apk_data_file" into nyc-mr1-dev · a39d934b
TreeHugger Robot authored 8 years ago

a39d934b

drmserver: read locked ringtones · f23b870a

Jeff Vander Stoep authored 8 years ago

avc: denied { read } for comm="generic" path="/data/system_de/0/ringtones/ringtone_cache" dev="sda35" ino=1114120 scontext=u:r:drmserver:s0 tcontext=u:object_r:ringtone_file:s0 tclass=file

Change-Id: I40992733d779743be92c15a094d166a3df64a10f
Fixes: 30167454

f23b870a

adbd: allow reading apk_data_file · a7915ceb

Jeff Vander Stoep authored 8 years ago

(cherry picked from commit d743ddea)

avc: denied { search } for comm=73657276696365203139 name="app" dev="sda35" ino=770049 scontext=u:r:adbd:s0 tcontext=u:object_r:apk_data_file:s0 tclass=dir permissive=0

Bug: 30000600
Change-Id: I86958ebcca815ee1779f85fb425592493f40101a

a7915ceb

Jul 19, 2016
- Merge "allow system_server to set bootanim scheduling priority" into nyc-mr1-dev · bee7f71a
  Wei Wang authored 8 years ago
  
  bee7f71a
Jul 15, 2016

allow system_server to set bootanim scheduling priority · 1617c0ce

Wei Wang authored 8 years ago

Addresses the following denial:
     avc: denied { setsched } for pid=1405 comm="Binder:1094_3" scontext=u:r:system_server:s0 tcontext=u:r:bootanim:s0 tclass=process permissive=0

Maybe fix bug 30118894.

Bug: 30118894
Change-Id: I29be26c68094c253778edc8e4fef2ef1a238ee2e

1617c0ce

Merge "Define and group ppp socket ioctls" into nyc-mr1-dev · 49f0af54
TreeHugger Robot authored 8 years ago

49f0af54

Define and group ppp socket ioctls · cbde7f9f

Jeff Vander Stoep authored 8 years ago

Needed for legacy VPN access.

Note that ioctl whitelisting only uses the type and command fields
of the ioctl so only the last two bytes are necessary, thus 0x40047438
and 0x7438 are treated the same.

Bug: 30154346
Change-Id: I45bdc77ab666e05707729a114d933900655ba48b

cbde7f9f

Jul 14, 2016
- Merge "Allow apps to read preloaded photos" into nyc-mr1-dev · 77a15a17
  Amith Yamasani authored 8 years ago
  
  77a15a17
- Merge "Add sepolicy for update_verifier" into nyc-mr1-dev · b4c824b9
  Tianjie Xu authored 8 years ago
  
  b4c824b9
- Allow apps to read preloaded photos · e01654f9
  Amith Yamasani authored 8 years ago
```
For Retail Demo mode, we need to preload photos in
/data/preloads and allow regular apps to access the
photos returned by the media provider from the preloads
directory.

Bug: 29940807
Change-Id: Ic1061dac55ace1b125ae04b5b0c70aae9aa0c732
```
  e01654f9
- Merge "logpersist: reserve persist.logd.logpersistd" into nyc-mr1-dev · eac25bfb
  TreeHugger Robot authored 8 years ago
  
  eac25bfb
- nfc: allow access to drmserver_service · 9bf95372
  Jeff Vander Stoep authored 8 years ago
```
am: 479712b0

Change-Id: I926aa0ab56d0758e66a7fa9d01a8be70937baa67
```
  9bf95372
- logpersist: reserve persist.logd.logpersistd · 8f97c66e
  Mark Salyzyn authored 8 years ago
```
(cherry-pick from commit 68d67a0f)

shell, system_app and logd access granted on debug builds only

Add logd.logpersistd as well

Bug: 28936216
Bug: 28788401
Change-Id: Ib9648e8565cc0ea0077cf0950b0e4ac6fe0a3135
```
  8f97c66e