PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2e00e6373f
android_system_sepolicy/private
History
dcashman 2e00e6373f sepolicy: add version_policy tool and version non-platform policy. 
In order to support platform changes without simultaneous updates from
non-platform components, the platform and non-platform policies must be
split.  In order to provide a guarantee that policy written for
non-platform objects continues to provide the same access, all types
exposed to non-platform policy are versioned by converting them and the
policy using them into attributes.

This change performs that split, the subsequent versioning and also
generates a mapping file to glue the different policy components
together.

Test: Device boots and runs.
Bug: 31369363
Change-Id: Ibfd3eb077bd9b8e2ff3b2e6a0ca87e44d78b1317
2016-12-06 08:56:02 -08:00
..
access_vectors access_vectors: Remove unused permission definitions 2016-11-21 23:41:18 +00:00
adbd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
app.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
atrace.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
audioserver.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
bluetooth.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
bootanim.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
bootstat.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
cameraserver.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
cppreopts.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
debuggerd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
dhcp.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
domain.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
drmserver.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
dumpstate.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
ephemeral_app.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
file_contexts /dev/port does not seem to be used, adding in rules to confirm. 2016-12-04 16:46:11 -08:00
file_contexts_asan Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
file.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
fingerprintd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
fs_use Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
fsck.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
gatekeeperd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
genfs_contexts Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
hal_audio.te clean up hal types 2016-10-26 09:50:04 -07:00
hal_boot.te sepolicy for boot_control HAL service 2016-10-25 13:33:48 -07:00
hal_graphics_allocator.te Add sepolicy for gralloc-alloc HAL 2016-11-14 01:09:51 +00:00
hal_graphics_composer.te Add sepolicy for hwcomposer HAL 2016-11-14 01:10:02 +00:00
hal_light_default.te Move hal_light to attribute. 2016-11-18 08:40:04 -08:00
hal_memtrack.te hal_memtrack: Add sepolicy for memtrack service. 2016-11-03 13:05:48 -07:00
hal_nfc.te clean up hal types 2016-10-26 09:50:04 -07:00
hal_power.te hal_power: Add sepolicy for power service. 2016-11-03 13:01:48 -07:00
hal_thermal.te sepolicy: Add policy for thermal HIDL service 2016-11-08 13:34:31 +01:00
hal_vibrator.te clean up hal types 2016-10-26 09:50:04 -07:00
hal_vr.te clean up hal types 2016-10-26 09:50:04 -07:00
hal_wifi.te wifi_hal: Rename to 'hal_wifi' 2016-10-28 09:00:31 -07:00
hci_attach.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
hostapd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
hwservicemanager.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
init.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
initial_sid_contexts Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
initial_sids Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
inputflinger.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
install_recovery.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
installd.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
isolated_app.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
kernel.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
keys.conf Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
keystore.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
lmkd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
logd.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
mac_permissions.xml Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
mdnsd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
mediaanalytics.te Allow access to mediaanalytics service 2016-12-03 00:06:20 +00:00
mediacodec.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
mediadrmserver.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
mediaextractor.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
mediaserver.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
mls sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
mls_decl sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
mls_macros Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
mtp.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
netd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
nfc.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
otapreopt_chroot.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
otapreopt_slot.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
perfprofd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
platform_app.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
policy_capabilities Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
port_contexts Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
postinstall_dexopt.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
postinstall.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
ppp.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
priv_app.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
property_contexts property.te: delete security_prop 2016-11-11 12:31:19 -08:00
racoon.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
radio.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
recovery_persist.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
recovery_refresh.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
rild.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
roles_decl sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
runas.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
sdcardd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
seapp_contexts Rename autoplay_app to ephemeral_app 2016-10-07 09:52:31 -07:00
security_classes Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
service_contexts Rules for new installd Binder interface. 2016-12-05 15:15:42 -07:00
servicemanager.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
shared_relro.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
shell.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
su.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
surfaceflinger.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
system_app.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
system_server.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
tee.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
toolbox.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
tzdatacheck.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
ueventd.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
uncrypt.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
untrusted_app.te sepolicy: add version_policy tool and version non-platform policy. 2016-12-06 08:56:02 -08:00
update_engine_common.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
update_engine.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
update_verifier.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
users Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
vdc.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
vold.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
webview_zygote.te Add the "webview_zygote" domain. 2016-11-11 10:13:17 -05:00
wificond.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
wpa.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00
zygote.te Split general policy into public and private components. 2016-10-06 13:09:06 -07:00