This helps in the investigation of driver-related issues.
Bug: 145388549
Test: Manually, log collected on user build
Change-Id: I40631aac7878f58e399bc583898630055583fc7c
Enforce new requirements on app with targetSdkVersion=30 including:
- No RTM_GETLINK on netlink route sockets.
Remove some of the repetitive descriptions in each untrusted_app_N.te
file, and instead refer to the description in
public/untrusted_app.te.
Bug: 141455849
Test: CtsSelinuxTargetSdkCurrentTestCases
Test: libcore.java.net.NetworkInterfaceTest#testGetNetworkInterfaces
Change-Id: I89553e48db3bc71f229c71fafeee9005703e5c0b
Looking at go/sedenials, we see this permission being used by
MediaProvider like so:
type=1400 audit(0.0:3651): avc: granted { getattr } for comm=4173796E635461736B202331 path="/sys/fs/selinux/class/tipc_socket/perms/recvfrom" dev="selinuxfs" ino=67111391 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file app=com.google.android.providers.media.module
... and numerous other directories, apparently from a filesystem walk.
It appears that this permission should not be granted to all priv-apps
now that GMS core has been split out into its own domain. This change
removes the permission for the priv_app domain and the corresponding
auditallow.
Bug: 147833123
Test: TH
Change-Id: I88146785c7ac3a8c15fe9b5f34f05d936f08ea48
We don't want to accidentally allow this, and a neverallow also means
that the issue will be found during development, instead of review.
Fixes: 148081219
Test: compile policy only
Change-Id: I57990a2a4ab9e5988b09dae2dd6a710ce8f53800
Written exclusively by init. Made it readable by shell for CTS, and for
easier platform debugging.
Bug: 137092007
Change-Id: Ia5b056117502c272bc7169661069d0c8020695e2
The comment in this file acknowledges that this is needed for "Wipe
data/cache", however it does not actually grant the permission for
cache_block_device. Add it. Fixes a denial seen on cuttlefish:
avc: denied { ioctl } for pid=223 comm="mke2fs"
path="/dev/block/vda3" dev="tmpfs" ino=486 ioctlcmd=0x127b
scontext=u:r:recovery:s0 tcontext=u:object_r:cache_block_device:s0
tclass=blk_file permissive=0
Bug: 146898312
Change-Id: I82b9975085c027941c970ca44dbb1a7a370295fa
This reverts commit a1aa2210a9.
Reason for revert: Potential culprit for Bug b/148049462 - verifying through Forrest before revert submission
Change-Id: Ibe4fa1dee84defde324deca87d9de24a1cc2911a
Enforce new requirements on app with targetSdkVersion=30 including:
- No bind() on netlink route sockets.
- No RTM_GETLINK on netlink route sockets.
Remove some of the repetitive descriptions in each untrusted_app_N.te
file, and instead refer to the description in
public/untrusted_app.te.
Bug: 141455849
Test: CtsSelinuxTargetSdkCurrentTestCases
Change-Id: Iad4d142c0c13615b4710d378bc1feca4d125b6cc
Linkerconfig should generate multiple linker configurations for APEX
with binaries. To meet this requirement, linkerconfig should be able to
create sub-directories per APEX module with binary, and also
linkerconfig should be able to scan APEX directories.
Bug: 147987608
Test: m -j passed && No sepolicy error from cuttlefish
Change-Id: I804a8e6121f647dfb1778c564649a33e4547a24a
This was originally added due to:
avc: denied { module_request } for comm="dnsmasq" kmod="netdev-bt-pan" scontext=u:r:dnsmasq:s0 tcontext=u:r:kernel:s0 tclass=system permissive=0
in wahoo specific selinux policy in commit cd761300c1cc67cb2be3e001b95317e8a865c5fe 'Allow some denials we have seen.'
This is most likely simply triggered by a race condition on attempting
to access a non existent network device 'bt-pan'.
While we've never seen this anywhere else, it could potentially happen
on any device so we might as well make this global...
Test: N/A
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I00f61a5fc2bfce604badf3b96f6ed808157eb78c
For vndk related properties, use vndk_prop context.
vndk_prop can be defined by 'init' and 'vendor_init', but free to
read by any processes.
Bug: 144534640
Test: check boot to see if the VNDK properties are readable
Change-Id: Ifa2bb0ce6c301ea2071e25ac4f7e569ea3ce5d83
System_server will listen on incoming packets from zygotes.
Bug: 136036078
Test: atest CtsAppExitTestCases:ActivityManagerAppExitInfoTest
Change-Id: I42feaa317615b90c5277cd82191e677548888a71
The code that uses the property has not been committed, so this change
has no impact on the codebase.
Bug: 140788621
Test: build an image that combines this change with the client code
and boot a phone. Verify that there are no policy violations.
Change-Id: Ie6c1a791578c61adae5b71a38e61a2f5b20bb817
We added an auditallow for this permission on 12/17/2019, and have not
seen any recent logs for this in go/sedenials. No other priv-app should
rely on this now that gmscore is running in its own domain.
Bug: 147833123
Test: TH
Change-Id: I96f810a55e0eb8f3778aea9598f6437de0f65c7f
We added auditallows for these permissions on 12/16/2019, and have not
seen any recent logs for this in go/sedenials. No other priv-app should
rely on this now that gmscore is running in its own domain.
Bug: 147833123
Test: TH
Change-Id: I4789b29462ef561288aeaabbdb1e57271d5fcd2a