Commits · a5d0ac440b7b0cdc84d8ad6b9c9451b4042f7b48 · halo / external_sepolicy

08 Oct, 2013 1 commit
- merge in KQS81M · a5d0ac44
  Ed Heyl authored 11 years ago
  
  a5d0ac44
18 Sep, 2013 1 commit
- merge in klp-release history after reset to klp-dev · b5f788e7
  The Android Automerger authored 11 years ago
  
  b5f788e7
17 Sep, 2013 1 commit

Fix long-tail denials in enforcing domains. · 3bb1ccc2

Geremy Condra authored 11 years ago

The specific denials we see are:

denied { getattr } for pid=169 comm=""installd"" path=""/data/data/com.android.providers.downloads/cache/downloadfile.jpeg"" dev=""mmcblk0p23"" ino=602861 scontext=u:r:installd:s0 tcontext=u:object_r:download_file:s0 tclass=file
denied { fsetid } for pid=598 comm=""netd"" capability=4 scontext=u:r:netd:s0 tcontext=u:r:netd:s0 tclass=capability
denied { read } for pid=209 comm=""installd"" name=""cache"" dev=""mmcblk0p28"" ino=81694 scontext=u:r:installd:s0 tcontext=u:object_r:download_file:s0 tclass=dir

Bug: 10786017
Change-Id: Ia5d0b6337f3de6a168ac0d5a77df2a1ac419ec29

3bb1ccc2

12 Sep, 2013 1 commit
- merge in klp-release history after reset to klp-dev · fd7bf2a5
  The Android Automerger authored 11 years ago
  
  fd7bf2a5
11 Sep, 2013 5 commits
- Merge "Allow vold to start and stop processes via init" into klp-dev · 13a74a3a
  Geremy Condra authored 11 years ago
  
  13a74a3a
- Switch installd to use r_dir_perms for download_file dirs. · a77068b3
  Geremy Condra authored 11 years ago
```
This fixes an issue in which installd can't open download
file dirs.

Bug: 10710450
Change-Id: I1dd08188a88428143c4bb914e872175dc3755597
```
  a77068b3
- Switch installd to use r_dir_perms for download_file dirs. · 011094cc
  Geremy Condra authored 11 years ago
```
This fixes an issue in which installd can't open download
file dirs.

Bug: 10710450
Change-Id: I1dd08188a88428143c4bb914e872175dc3755597
```
  011094cc
- Give vold the capability to kill. · 7eb786bc
  Geremy Condra authored 11 years ago
```
Bug: 10706792
Change-Id: I85085ab7a6f0f3d12ba4d2b21b655bb64795495f
```
  7eb786bc
- Allow vold to start and stop processes via init · 49748558
  Ken Sumrall authored 11 years ago
```
This is needed for the new fuse wrapped sdcard support.

bug: 10330128

Change-Id: Ic5ebc769d376bf061d237616e56bcd562a63c6be
```
  49748558
10 Sep, 2013 4 commits
- merge in klp-release history after reset to klp-dev · e7e42f03
  The Android Automerger authored 11 years ago
  
  e7e42f03
- Backport part of d615ef34 to klp-dev · 9565c5ce
  Nick Kralevich authored 11 years ago
```
Part of d615ef34 hasn't been backported
to klp-dev yet.  Do it now.

Change-Id: Ib4f26c64d376e236fa3f76166f5d78a9f28b79a3
```
  9565c5ce
- Allow installd to clear fifos and sockets · 839af9ed
  Nick Kralevich authored 11 years ago
```
Bug: 10680357
Change-Id: I2a20f4aaaa53acbd53a404d369a79ae47246ad6f
```
  839af9ed
- Fix bug report notification not showing up. · b9bbfeb0
  Alex Klyubin authored 11 years ago
```
Bug: 10498304
Change-Id: I74cac92368353694612dbd94f0d072b97ec9878b
```
  b9bbfeb0
09 Sep, 2013 2 commits
- Fix bug report notification not showing up. · a96a05a8
  Nick Kralevich authored 11 years ago
```
Bug: 10498304
Change-Id: Ic0e30bdf6cc35f9d9e2752f36940e75e7ae37d83
```
  a96a05a8
- Fix bug report notification not showing up. · d629b87e
  Nick Kralevich authored 11 years ago
```
Bug: 10498304
Change-Id: Ic0e30bdf6cc35f9d9e2752f36940e75e7ae37d83
```
  d629b87e
05 Sep, 2013 1 commit

Give Zygote the ability to write app data files. · ae5927b8

Geremy Condra authored 11 years ago

This fixes another bug encountered while taking bugreports.

Bug: 10498304
Change-Id: Ie33e869ccd28c5461f4f3736c078b2a865aa7cdd

ae5927b8

04 Sep, 2013 1 commit

Give Zygote the ability to write app data files. · 090645b3

Geremy Condra authored 11 years ago

This fixes another bug encountered while taking bugreports.

Bug: 10498304
Change-Id: Ie33e869ccd28c5461f4f3736c078b2a865aa7cdd

090645b3

29 Aug, 2013 1 commit
- merge in klp-release history after reset to klp-dev · da952e12
  The Android Automerger authored 11 years ago
  
  da952e12
28 Aug, 2013 1 commit
- Add capabilities to Zygote to fix valgrind. · e0362602
  Geremy Condra authored 11 years ago
```
Bug: 10455872
Change-Id: I98885e8cd1e4f9ab0d3e2af6d79b078a000db539
```
  e0362602
17 Aug, 2013 1 commit

Add the ability to write shell files to the untrusted_app domain. · a9bf59ca

Geremy Condra authored 11 years ago

Bug: 10290009
Change-Id: Ic794299261672b36a2b630893b65ab176c3eee6b
(cherry picked from commit eaa4e844e4c8549c9b4808a1272876a6995ca5a7)

a9bf59ca

16 Aug, 2013 1 commit

Add the ability to write shell files to the untrusted_app domain. · 29d0d406

Geremy Condra authored 11 years ago

Bug: 10290009
Change-Id: Ic794299261672b36a2b630893b65ab176c3eee6b
(cherry picked from commit eaa4e844e4c8549c9b4808a1272876a6995ca5a7)

29d0d406

06 Aug, 2013 1 commit
- merge in klp-release history after reset to master · 6db3c2d1
  The Android Automerger authored 11 years ago
  
  6db3c2d1
05 Aug, 2013 1 commit
- Fix clatd, broken by selinux policing /dev/tun · ab7dfabb
  Lorenzo Colitti authored 11 years ago
```
Bug: 10175701
Change-Id: I185df22bdbaafd56725760ec6c71340b67455046
```
  ab7dfabb
30 Jul, 2013 1 commit
- merge in klp-release history after reset to master · 3411f785
  The Android Automerger authored 11 years ago
  
  3411f785
26 Jul, 2013 1 commit
- Merge "healthd: add sepolicy" · 32c0dbd2
  Todd Poynor authored 11 years ago
  
  32c0dbd2
17 Jul, 2013 1 commit
- merge in klp-release history after reset to master · ebdbc2fe
  The Android Automerger authored 11 years ago
  
  ebdbc2fe
16 Jul, 2013 6 commits
- Permit apps to bind TCP/UDP sockets to a hostname · 7cda86eb
  Alex Klyubin authored 11 years ago
```
Change-Id: Ided2cf793e94bb58529789c3075f8480c0d0cf4e
```
  7cda86eb
- Move isolated_app.te / untrusted_app.te into permissive · 08711d34
  Nick Kralevich authored 11 years ago
```
OTAs aren't properly labeling /system, which is causing SELinux
breakage. Temporarily put isolated_app.te and untrusted_app.te
into permissive.

Bug: 9878561
Change-Id: Icaf674ad6b3d59cbca3ae796c930c98ab67cae9c
```
  08711d34
- Move isolated_app.te / untrusted_app.te into permissive · 24617fc3
  Nick Kralevich authored 11 years ago
```
OTAs aren't properly labeling /system, which is causing SELinux
breakage. Temporarily put isolated_app.te and untrusted_app.te
into permissive.

Bug: 9878561
Change-Id: Icaf674ad6b3d59cbca3ae796c930c98ab67cae9c
```
  24617fc3
- Allow apps to create listening ports · 59faed05
  Nick Kralevich authored 11 years ago
```
Bug: 9872463
Change-Id: I47eabeace3387afd24c0fd4bee70e77c0a3586d5
```
  59faed05
- merge in klp-release history after reset to master · 73e859c6
  The Android Automerger authored 11 years ago
  
  73e859c6
- Only init should be able to load a security policy · 2637198f
  Nick Kralevich authored 11 years ago
```
Bug: 9859477
Change-Id: Iadd26cac2f318b81701310788bed795dadfa5b6b
```
  2637198f
15 Jul, 2013 6 commits

Temporarily allow untrusted apps to read shell data files. · 8a2ebe34

Nick Kralevich authored 11 years ago

This is needed to support "Verify App" functionality.
During side loading, the Verify App functionality reads the APK
to determine if it's safe to install.

Bug: 9863154
Change-Id: I33f6b0fd012f6cb194e253d5d92cf6189d6aa222

8a2ebe34

Merge "untrusted_app.te / isolated_app.te / app.te first pass" · 0b5b4faf
Nick Kralevich authored 11 years ago

0b5b4faf

Remove /sys from file_contexts · 3632bb29

Nick Kralevich authored 11 years ago

/sys was getting labeled as a rootfs file, but according to
genfs_contexts, it's really a sysfs file. This conflict is causing
problems when patch f29c533c49ab1c90eae612b1c454f2c6879a6658 from
system/core is applied.

Change-Id: I3f34c9ee68bedb171ebebfcd356e924c987b58ff

3632bb29

Merge "domain.te: Temporarily work around debuggerd connection bug" · ceff21b7
Nick Kralevich authored 11 years ago

ceff21b7

domain.te: Temporarily work around debuggerd connection bug · 5919d1c8

Nick Kralevich authored 11 years ago

For some reason, the debuggerd socket isn't getting properly
labeled. Work around this bug for now by allowing all domains
to connect to all unix stream sockets.

Bug: 9858255
Change-Id: If994e51b0201ea8cae46341efc76dc71a4e577c8

5919d1c8

merge in klp-release history after reset to master · caf7531c
The Android Automerger authored 11 years ago

caf7531c

14 Jul, 2013 1 commit

untrusted_app.te / isolated_app.te / app.te first pass · 6634a108

Nick Kralevich authored 11 years ago

This is my first attempt at creating an enforcing SELinux domain for
apps, untrusted_apps, and isolated_apps. Much of these rules are based on the
contents of app.te as of commit 11153ef3
with extensive modifications, some of which are included below.

* Allow communication with netd/dnsproxyd, to allow netd to handle
  dns requests
* Allow binder communications with the DNS server
* Allow binder communications with surfaceflinger
* Allow an app to bind to tcp/udp ports
* Allow all domains to read files from the root partition, assuming
  the DAC allows access.

In addition, I added a bunch of "neverallow" rules, to assert that
certain capabilities are never added.

This change has a high probability of breaking someone, somewhere.
If it does, then I'm happy to fix the breakage, rollback this change,
or put untrusted_app into permissive mode.

Change-Id: I83f220135d20ab4f70fbd7be9401b5b1def1fe35

6634a108

13 Jul, 2013 1 commit

remove "self:process ptrace" from domain, netd neverallow rules · 9a19885c

Nick Kralevich authored 11 years ago

Remove "self:process ptrace" from all SELinux enforced domains.
In general, a process should never need to ptrace itself.
We can add this back to more narrowly scoped domains as needed.

Add a bunch of neverallow assertions to netd.te, to verify that netd
never gets unexpected capabilities.

Change-Id: Ie862dc95bec84068536bb64705667e36210c5f4e

9a19885c