- 29 Oct, 2015 2 commits
-
-
Nick Kralevich authored
am: e9d261ff * commit 'e9d261ff': Create a new SELinux type for /data/nativetest
-
Nick Kralevich authored
1) Don't use the generic "system_data_file" for the files in /data/nativetest. Rather, ensure it has it's own special label. This allows us to distinguish these files from other files in SELinux policy. 2) Allow the shell user to execute files from /data/nativetest, on userdebug or eng builds only. 3) Add a neverallow rule (compile time assertion + CTS test) that nobody is allowed to execute these files on user builds, and only the shell user is allowed to execute these files on userdebug/eng builds. Bug: 25340994 Change-Id: I3e292cdd1908f342699d6c52f8bbbe6065359413
-
- 28 Oct, 2015 2 commits
-
-
Nick Kralevich authored
am: 89424bf9 * commit '89424bf9': Update text relocation neverallow assertions
-
Nick Kralevich authored
1) Don't allow any SELinux domain to attempt to perform a text relocation on a file from the /system partition. It's not supported and should never be attempted. 2) Completely block any non-app SELinux domains from using text relocations, regardless of the source. Bug: 20013628 Change-Id: I82573398d0d5586264a717a1e400a3dbc7793fe3
-
- 27 Oct, 2015 4 commits
-
-
Bruce Beare authored
am: 59019fd7 * commit '59019fd7': Define the i2C device policy
-
Bruce Beare authored
Change-Id: I93d9cfea2f2148bb042d1cb8af3649524ad31034 Signed-off-by:
Bruce Beare <bruce.j.beare@intel.com>
-
Jeff Vander Stoep authored
am: 9ba8ade5 * commit '9ba8ade5': Fix MTP sync
-
Jeff Vander Stoep authored
Address the following denial: avc: denied { use } for path="/storage/emulated/0/305512.pdf" dev="fuse" ino=239 scontext=u:r:kernel:s0 tcontext=u:r:priv_app:s0:c512,c768 tclass=fd permissive=0 Bug: 25068662 Change-Id: Ic29d9569ff387dfd411363db751c3642572c8e85
-
- 23 Oct, 2015 4 commits
-
-
Jeff Vander Stoep authored
am: 7b8f9f15 * commit '7b8f9f15': audit untrusted_app access to mtp_device
-
Jeff Vander Stoep authored
am: 0fc831c3 * commit '0fc831c3': Temporarily downgrade to policy version number
-
Jeff Vander Stoep authored
android.process.media moved to priv_app. Add audit rule to test if untrusted_app still requires access or if some/all permissions may be removed. Bug: 25085347 Change-Id: I13bae9c09bd1627b2c06ae84b069778984f9bd5d
-
Jeff Vander Stoep authored
Temporarily move from policy version 30 to 29 until device kernels and prebuilts are all upgraded to the accepted upstream version of the selinux ioctl command whitelisting code. (cherry picked from commit 89765083) Bug: 22846070 Change-Id: I31d1e80aaee164cf41a2f01c6ca846a000898ef4
-
- 19 Oct, 2015 9 commits
-
-
Jeffrey Vander Stoep authored
* commit '1b52ad6b': grant priv_app access to /dev/mtp_usb
-
Jeffrey Vander Stoep authored
-
Jeff Vander Stoep authored
android.process.media needs access to mtp_usb when MTP is enabled. Bug: 25074672 Change-Id: Ic48a3ba8e4395104b0b957f7a9bad69f0e5ee38e
-
Jeff Vander Stoep authored
* commit 'a910a287': Remove untrusted_app access to tmp apk files
-
Jeff Vander Stoep authored
Change-Id: I7f17a87595a05967879ccc33326eb80d7bd00251
-
Jeff Vander Stoep authored
Verifier has moved to the priv_app domain. Neverallow app domain access to tmp apk files with exceptions for platform and priv app domains. Change-Id: I68a2fa39ebc7dc0bfa278fe7d092655f21a5225d
-
Jeffrey Vander Stoep authored
-
Jeff Vander Stoep authored
* commit '7f09a945': Policy for priv_app domain
-
Jeff Vander Stoep authored
Verifier needs access to apk files. avc: denied { search } for pid=11905 comm="ackageinstaller" name="vmdl2040420713.tmp" dev="dm-2" ino=13647 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:apk_tmp_file:s0 tclass=dir permissive=0 Give bluetooth_manager_service and trust_service the app_api_service attribute. avc: denied { find } for service=bluetooth_manager pid=7916 uid=10058 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:bluetooth_manager_service:s0 tclass=service_manager permissive=0 avc: denied { find } for service=trust pid=25664 uid=10069 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:trust_service:s0 tclass=service_manager permissive=0 Bug: 25066911 Change-Id: I6be695546f8a951e3329c1ec412936b8637e5835
-
- 18 Oct, 2015 1 commit
-
-
Jeff Vander Stoep authored
* commit '734e4d7c': Give services app_api_service attribute
-
- 17 Oct, 2015 1 commit
-
-
Jeff Vander Stoep authored
avc: denied { find } for service=network_management pid=4503 uid=10070 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:network_management_service:s0 tclass=service_manager avc: denied { find } for service=netstats pid=4503 uid=10070 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:netstats_service:s0 tclass=service_manager permissive=0 Bug: 25022496 Change-Id: Ib6eac76b680fed3eca7e4942c6b0e375f12b6496
-
- 16 Oct, 2015 6 commits
-
-
Jeffrey Vander Stoep authored
* commit 'b1eced68': grant webviewupdate_service app_api_service attribute
-
Jeffrey Vander Stoep authored
-
Jeff Vander Stoep authored
avc: denied { find } for service=webviewupdate pid=11399 uid=10070 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:webviewupdate_service:s0 tclass=service_manager permissive=0 Bug: 25018574 Change-Id: I26a7846d1c80c1ab3842813f4148528030b1106a
-
Jeff Vander Stoep authored
neverallow access to untrusted_app and isolated app Access to cache is a system|signature permission. Only priv/system/platform apps should be allowed access. Change-Id: I7ebd38ce6d39950e74c0a164479bc59e694c852d
-
Jeffrey Vander Stoep authored
* commit '63613805': Privileged apps require access to cache
-
Jeffrey Vander Stoep authored
-
- 15 Oct, 2015 7 commits
-
-
Jeff Vander Stoep authored
gmscore uses cache for updates Bug: 24977552 Change-Id: I45a713fcfc70b71a2de712e77b64fb9feab67dd7
-
Nick Kralevich authored
* commit '745b4406': bluetooth.te: Relax bluetooth neverallow rule.
-
Nick Kralevich authored
Bug: 24866874 (cherry picked from commit 33a779fe) Change-Id: I0a9d4a30859b384cb3621c80568ef9da06ad44f6
-
Nick Kralevich authored
* commit '43cd0cce': allow shell self:process ptrace;
-
Nick Kralevich authored
Allow the non-privileged adb shell user to run strace. Without this patch, the command "strace /system/bin/ls" fails with the following error: shell@android:/ $ strace /system/bin/ls strace: ptrace(PTRACE_TRACEME, ...): Permission denied +++ exited with 1 +++ Change-Id: I207fe0f71941bff55dbeb6fe130e636418f333ee
-
Jeffrey Vander Stoep authored
* commit '1d2eaf92': Allow bluetooth to find the drmservice
-
Jeffrey Vander Stoep authored
-
- 14 Oct, 2015 4 commits
-
-
Jeffrey Vander Stoep authored
* commit 'd62fac7d': Remove permissions for untrusted_app
-
Jeff Vander Stoep authored
* commit 'ee9c0b5f': Add priv_app domain to global seapp_context
-
Jeffrey Vander Stoep authored
-
Jeff Vander Stoep authored
Privileged apps now run in the priv_app domain. Remove permissions from untrusted_app that were originaly added for GMS core, Finsky, and Play store. Bug: 22033466 Change-Id: Ibdce72ad629bfab47de92ac19542e8902e02c8be
-