aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'cm-13.0' of ↵HEADmm6.0doc HD2017-08-021-0/+7
|\ | | | | | | | | | | https://github.com/LineageOS/android_external_sepolicy into mm6.0 Change-Id: Ie0b44cf12d6364285208c6df3e154c8f2f923ed9
| * Merge tag 'android-6.0.1_r74' into HEADJessica Wagantall2016-11-091-0/+7
| |\ | | | | | | | | | | | | | | | | | | | | | CYNGNOS-3303 Android 6.0.1 release 74 Change-Id: Icf0638b4bfa8716f8b4b1b63481755cf3420e613
| | * Allow the zygote to stat all files it opens.Narayan Kamath2016-09-271-0/+7
| | | | | | | | | | | | | | | | | | bug: 30963384 Change-Id: I62b5ffd43469dbb0bba67e1bb1d3416e7354f9e5 (cherry picked from commit 3ff0b0282688c3776904b8e5409a4dfb7f231e73)
| * | Merge tag 'android-6.0.1_r61' into HEADJessica Wagantall2016-08-021-0/+1
| |\| | | | | | | | | | | | | | | | Android 6.0.1 Release 61 (MOB30Z) Change-Id: If4ef759eb48ed270f658c2412cea5f7edd9b3d97
| * | sepolicy: Add policy for sdcardfs and configfsSteve Kondik2016-07-266-0/+15
| | | | | | | | | | | | | | | Change-Id: I4c318efba76e61b6ab0be9491c352f281b1c2bff Bug: 19160983
| * | Merge remote-tracking branch 'remotes/android-6.0.1_r52' into HEADJessica Wagantall2016-07-077-5/+17
| |\ \ | | | | | | | | | | | | | | | | | | | | Ticket: CYNGNOS-3020 Change-Id: Ia88a540cb0a5d2bf379d03053095a64cc4c73276
* | \ \ Merge "Merge branch 'android-6.0.1_r61' into mm6.0" into mm6.0doc HD2016-08-020-0/+0
|\ \ \ \
| * \ \ \ Merge branch 'android-6.0.1_r61' into mm6.0doc HD2016-08-021-0/+1
| |\ \ \ \ | | | |_|/ | | |/| | | | | | | Change-Id: Ia95ba9874fb745dae191829917c11ea2f0ea6d7a
* | | | | Merge "expose control over unpriv perf access to shell" into mm6.0doc HD2016-08-021-0/+1
|\ \ \ \ \ | |/ / / / |/| / / / | |/ / /
| * | / expose control over unpriv perf access to shellDaniel Micay2016-06-231-0/+1
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This allows the shell user to control whether unprivileged access to perf events is allowed. To enable unprivileged access to perf: adb shell setprop security.perf_harden 0 To disable it again: adb shell setprop security.perf_harden 1 This allows Android to disable this kernel attack surface by default, while still allowing profiling tools to work automatically. It can also be manually toggled, but most developers won't ever need to do that if tools end up incorporating this. (Cherry picked from commit 38ac77e4c2b3c3212446de2f5ccc42a4311e65fc) Bug: 29054680 Change-Id: Idcf6a2f6cbb35b405587deced7da1f6749b16a5f
* | | sepolicy: Add policy for sdcardfs and configfsSteve Kondik2016-07-276-0/+15
| | | | | | | | | | | | | | | Change-Id: I4c318efba76e61b6ab0be9491c352f281b1c2bff Bug: 19160983
* | | Merge tag 'android-6.0.1_r52' into HEADHashBang2016-07-077-5/+17
|\| | | | | | | | | | | Android 6.0.1 Release 52 (MOB30R)
| * | Remove generic socket access from untrusted processesNick Kralevich2016-05-271-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SELinux defines various classes for various socket types, including tcp_socket, udp_socket, rawip_socket, netlink_socket, etc. Socket classes not known to the SELinux kernel code get lumped into the generic "socket" class. In particular, this includes the AF_MSM_IPC socket class. Bluetooth using apps were granted access to this generic socket class at one point in 2012. In 1601132086b054adc70e7f8f38ed24574c90bc37, a TODO was added indicating that this access was likely unnecessary. In cb835a2852997dde0be2941173f8c879ebbef157, an auditallow was added to test to see if this rule was actually used, and in master branch d0113ae0aed1a455834f26ec847b6ca8610e3b16, this rule was completely deleted. Revoke access to the generic socket class for isolated_app, untrusted_app, and shell for older Android releases. This is conceptually a backport of d0113ae0aed1a455834f26ec847b6ca8610e3b16, but affecting fewer domains to avoid potential breakage. Add a neverallow rule asserting that this rule isn't present for the untrusted domains. Contrary to our usual conventions, the neverallow rule is placed in bluetooth.te, to avoid merge conflicts and simplify patching. Bug: 28612709 Bug: 25768265 Change-Id: Ibfbb67777e448784bb334163038436f3c4dc1b51
| * | Further restrict socket ioctls available to appsJeff Vander Stoep2016-05-276-4/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restrict unix_dgram_socket and unix_stream_socket to a whitelist for all domains. Remove ioctl permission for netlink_selinux_socket and netlink_route_socket for netdomain. Bug: 28171804 Bug: 27424603 Change-Id: I650639115b8179964ae690a39e4766ead0032d2e
* | | sepolicy: Allow platform_app to run su_exec() (1/2)LorDClockaN2016-06-061-1/+1
| | | | | | | | | | | | | | | | | | 2nd part is in vendor/aicp/sepolicy Change-Id: I22ecf815f48013710ed50f541cb9b704385efc90
* | | sepolicy: Allow system_server to run su_exec() (1/2)LorDClockaN2016-06-041-1/+1
| | | | | | | | | | | | | | | | | | 2nd part is in vendor/aicp/sepolicy Change-Id: Ia81d86abf6a9edfce0e497462f023e78e443beaf
* | | Merge "Revert "sepolicy: Add tad_placeholder attribute"" into mm6.0Davor Bertovic2016-04-242-4/+1
|\ \ \
| * | | Revert "sepolicy: Add tad_placeholder attribute"Peter Repukat2016-04-242-4/+1
| | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 8ee1e006e3b59f3414c5dbb0e461e14d1a5b3104. Change-Id: I7c206c949961749b7d16395503d2552c6740ac3b
* | | | Merge branch 'cm-13.0' of ↵LorDClockaN2016-04-200-0/+0
|\ \ \ \ | |/ / / |/| | / | | |/ | |/| https://github.com/CyanogenMod/android_external_sepolicy.git into r30
| * | Merge tag 'android-6.0.1_r30' into HEADJessica Wagantall2016-04-180-0/+0
| |\| | | | | | | | | | | | | Ticket: RM-234 Android 6.0.1 release 30
| | * DO NOT MERGE: Further restrict access to socket ioctl commandsJeff Vander Stoep2016-02-262-5/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove untrusted/isolated app access to device private commands. Only allow shell user to access unprivileged socket ioctl commands. Bug: 26324307 Bug: 26267358 Change-Id: Iddf1171bc05c7600e0292f925d18d748f13a98f2
* | | sepolicy: Add tad_placeholder attributeHumberto Borba2016-04-172-1/+4
| | | | | | | | | | | | | | | | | | | | | It is required for all Sony devices. Signed-off-by: Humberto Borba <humberos@gmail.com> Change-Id: I6f4ba0bdae76ba174ad6e7eb52742d6135aa80e8
* | | sepolicy: allow logcat apps to work with supersubeanstown1062016-04-041-0/+1
| | | | | | | | | | | | Change-Id: I1e1d3b5a1941cd10104bb3f92a8ca3226a93c0ff
* | | sepolicy: allow logthatshit to work with SuperSU on Enforcingpranav2016-04-041-0/+1
| | | | | | | | | | | | Change-Id: Ief356440cccc9b9cb49da74390c355c29c444391
* | | Patch to allow SuperSU to run in SELinux enforcingbeanstown1062016-03-131-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a special thanks to @Chainfire for pointing me to the right places and @imoseyon for helping with the selinux rules Written By: @BeansTown106 Keep the @ in my name id like to track the use of this.. Change-Id: I10c98e73fb8e025c6dd3ddbb7ca7abf9662dd8cb
* | | Merge branch 'cm-13.0' of ↵LorDClockaN2016-03-134-6/+17
|\| | | | | | | | | | | https://github.com/CyanogenMod/android_external_sepolicy.git into r22
| * | Merge tag 'android-6.0.1_r22' of ↵Steve Kondik2016-03-104-6/+17
| |\ \ | | | | | | | | | | | | | | | | | | | | https://android.googlesource.com/platform/external/sepolicy into cm-13.0 Android 6.0.1 release 22
| | * \ DO NOT MERGE: Further restrict access to socket ioctl commands am: ↵Jeff Vander Stoep2016-01-122-5/+12
| | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 57531cacb4 am: c0ce53cc8d am: f290a2ddd0 * commit 'f290a2ddd08e9b27fbded7a999238b2ae4517bf5': DO NOT MERGE: Further restrict access to socket ioctl commands
| | | * \ DO NOT MERGE: Further restrict access to socket ioctl commands am: 57531cacb4Jeff Vander Stoep2016-01-122-5/+12
| | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: c0ce53cc8d * commit 'c0ce53cc8d4538b9215702df1c6f5208cf415cda': DO NOT MERGE: Further restrict access to socket ioctl commands
| | | | * \ DO NOT MERGE: Further restrict access to socket ioctl commandsJeff Vander Stoep2016-01-122-5/+12
| | | | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 57531cacb4 * commit '57531cacb40682be4b1189c721fd1e7f25bf3786': DO NOT MERGE: Further restrict access to socket ioctl commands
| | | | | * | DO NOT MERGE: Further restrict access to socket ioctl commandsJeff Vander Stoep2016-01-052-5/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove untrusted/isolated app access to device private commands. Only allow shell user to access unprivileged socket ioctl commands. Bug: 26324307 Bug: 26267358 Change-Id: Iddf1171bc05c7600e0292f925d18d748f13a98f2
| | * | | | | Add policies for system_server to delete fpdata folderAmith Yamasani2015-12-181-1/+3
| | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | Bug: 26211308 Change-Id: I8fd2d14ea52d49a33e6cdbcdf90630eea89f7dd0
| | * | | | Enable permission checking by binderservicedomain.dcashman2015-10-291-0/+3
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 32d207e042 * commit '32d207e042c280a1d230e180dc6d49aba3b0248c': Enable permission checking by binderservicedomain.
| | | * | | Enable permission checking by binderservicedomain.dcashman2015-10-291-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | binderservicedomain services often expose their methods to untrusted clients and rely on permission checks for access control. Allow these services to query the permission service for access decisions. Bug: 25282923 Change-Id: I39bbef479de3a0df63e0cbca956f3546e13bbb9b
| | * | | | Merge "Revert "Update sepolicy to allow ThermalObserver system service"" ↵Anthony Hugh2015-10-222-2/+0
| | |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | into cw-e-dev
| | | * | | | Revert "Update sepolicy to allow ThermalObserver system service"Anthony Hugh2015-10-222-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit cda36e31d162bbab78b19c61c166e15f18815788. This will be moved to a device specific file. BUG: 24555181 Change-Id: I0eb543211245c37da77bbf42449f70ff3fdf79ec
| | * | | | | Merge remote-tracking branch \'goog/mnc-cts-release\' into HEAD am: ↵Bill Yi2015-10-210-0/+0
| | |\ \ \ \ \ | | | | |/ / / | | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 7d20f40879 am: a8bbe96d8b am: 5eac92174c * commit '5eac92174c8a036e088337c1c44f1ea84ab59b0f':
| | | * | | | Merge remote-tracking branch \'goog/mnc-cts-release\' into HEAD am: 7d20f40879Bill Yi2015-10-210-0/+0
| | | |\ \ \ \ | | | | | |/ / | | | | |/| | | | | | | | | | | | | | | | | | | | | | | am: a8bbe96d8b * commit 'a8bbe96d8b3fc76bd36e7f6582b79c94a7ecaa80':
| | | | * | | Merge remote-tracking branch \'goog/mnc-cts-release\' into HEADBill Yi2015-10-210-0/+0
| | | | |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | am: 7d20f40879 * commit '7d20f40879d1cdcc39dc6e876371020c258d5a86':
| | | | | * \ \ Merge remote-tracking branch 'goog/mnc-cts-release' into HEADBill Yi2015-10-210-0/+0
| | | | | |\ \ \
| | * | | | | | | Merge "untrusted_apps: Allow untrusted apps to find healthd_service." into ↵Nick Kralevich2015-10-191-0/+1
| | |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | mnc-dr-dev am: 6ab438dc8b * commit '6ab438dc8b4c8b661c8209ecfb66b626b8bdc532': untrusted_apps: Allow untrusted apps to find healthd_service.
| | * | | | | | | am 9fcc949f: am 63af426a: bluetooth.te: Relax bluetooth neverallow rule. am: ↵Nick Kralevich2015-10-140-0/+0
| | |\ \ \ \ \ \ \ | | | |_|_|_|_|/ / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 33a779fecb * commit '9fcc949f3ca6c2a6d968f3bde57c8ce89f5d9bc6': bluetooth.te: Relax bluetooth neverallow rule.
| | * | | | | | | Update sepolicy to allow ThermalObserver system serviceBryce Lee2015-09-242-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug: 21445745 Change-Id: I59fd20f61a5e669e000f696f3738cc11071920aa
| | * | | | | | | am 48dae29f: Merge "Allow system_server to bind ping sockets." into mnc-dr-devLorenzo Colitti2015-09-151-1/+5
| | |\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '48dae29f9a046b328b49abd2073e134d7c29b274': Allow system_server to bind ping sockets.
| | * \ \ \ \ \ \ \ am 0b764ae9: Allow untrusted_app to list services.dcashman2015-09-111-0/+3
| | |\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * commit '0b764ae98a7fe452690616b7d722a63bb7cd5fa8': Allow untrusted_app to list services.
| | * | | | | | | | | DO NOT MERGE Grant Bluetooth the ability to acquire wake locks.Sharvil Nanavati2015-08-311-1/+3
| | | |_|_|_|_|_|/ / | | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug: 23375670 Change-Id: I0454c580b465a2f0edc928cf0effb71733866f03
| * | | | | | | | | Revert "property: Make the adb tcp port property a wildcard"Ethan Chen2015-12-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Causes android.cts.security.SELinuxHostTest#testAospPropertyContexts test failure since it's looking for an exact string match. This reverts commit 60ddcc03e9401c3fb1e064bb84171a112a9bb8be. Change-Id: I66b5e1d59588be7b73b49f9b0e06d4834a008cf3
* | | | | | | | | | sepolicy: Allow system_app to run su_exec()Zipsnet2015-12-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Change-Id: I56f83cc4896de75165e010d12ff38525015e8e54
* | | | | | | | | | Revert "property: Make the adb tcp port property a wildcard"Ethan Chen2015-12-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Causes android.cts.security.SELinuxHostTest#testAospPropertyContexts test failure since it's looking for an exact string match. This reverts commit 60ddcc03e9401c3fb1e064bb84171a112a9bb8be. Change-Id: I66b5e1d59588be7b73b49f9b0e06d4834a008cf3
* | | | | | | | | | Merge branch 'cm-13.0' of ↵doc HD2015-12-083-1/+5
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/CyanogenMod/android_external_sepolicy into mm6.0
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-20 00:49:20 +0000