aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-12-06Snap for 11180250 from a7b5fa81daaac01d3a24caaecc2354e71d08d240 to 24Q1-releaseandroid-14.0.0_r37android-14.0.0_r36android-14.0.0_r35android-14.0.0_r34android-14.0.0_r33android-14.0.0_r32android-14.0.0_r31android-14.0.0_r30android-14.0.0_r29android14-qpr2-s5-releaseandroid14-qpr2-s4-releaseandroid14-qpr2-s3-releaseandroid14-qpr2-s2-releaseandroid14-qpr2-s1-releaseandroid14-qpr2-releaseAndroid Build Coastguard Worker
Change-Id: I982bc798acd01c236fed24a6a52244e5a8a63f7c
2023-12-05Revert "Use generic isSelector" am: 27d4f93b76 am: fd16119838 am: 05a74fd219Daniel Chapin
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2858485 Change-Id: Ib50610278ec483c87d4d2c52f60ee340744c821b Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-05Revert "Use generic isSelector" am: 27d4f93b76 am: a772618e5c am: a9be036f81Daniel Chapin
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2858485 Change-Id: Ic52cbb7c1e50bd97ca3e928f619e876d575e962e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-05Revert "Use generic isSelector" am: 27d4f93b76 am: fd16119838Daniel Chapin
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2858485 Change-Id: I52e564e9ce90b0118f0e1ed576ca784385151b32 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-05Revert "Use generic isSelector" am: 27d4f93b76 am: a772618e5cDaniel Chapin
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2858485 Change-Id: I335a819d7c851b62c3b0a123fbfe34c176469127 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-05Revert "Use generic isSelector" am: 27d4f93b76android-u-qpr3-beta-1-gplandroid-u-qpr2-beta-2-gplDaniel Chapin
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2858485 Change-Id: Id3421f08cf85f2744b757cdd4e89726f98f1b9a5 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-05Revert "Use generic isSelector" am: 27d4f93b76Daniel Chapin
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2858485 Change-Id: I71ff5b24278be5ee64a1d46ba39550c2826720e0 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-05Merge cherrypicks of ['googleplex-android-review.googlesource.com/25550743'] ↵Android Build Coastguard Worker
into 24Q1-release. Change-Id: Ie506073ac2cbea746e2390f7a3b05f332007a6e0
2023-12-05Revert "Use generic isSelector"Daniel Chapin
This reverts commit 3d85f1e1163ea3d5e8a1d7a1dfdadc97ee761fcc. Reason for revert: Droidfood blocking bug: b/314704483 (cherry picked from https://android-review.googlesource.com/q/commit:27d4f93b76486602326633f494baca3a3ee38cf6) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:247928780fcda9c5a5dc71b77249064224a72686) Merged-In: I4cec1f1c4de25c28536c4f56cfd297ab1a9f3812 Change-Id: I4cec1f1c4de25c28536c4f56cfd297ab1a9f3812
2023-12-05Revert "Use generic isSelector"Daniel Chapin
This reverts commit 3d85f1e1163ea3d5e8a1d7a1dfdadc97ee761fcc. Reason for revert: Droidfood blocking bug: b/314704483 Change-Id: I4cec1f1c4de25c28536c4f56cfd297ab1a9f3812
2023-12-02Snap for 11169761 from 5f0adaf8248c386ce42c166cbfe85fc12bca0811 to 24Q1-releaseAndroid Build Coastguard Worker
Change-Id: I12f50df9b77b83fd4621d4df86539267686161e1
2023-12-01Use generic isSelector am: 3d85f1e116 am: d26a4af638 am: 57857be7cbThiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2839485 Change-Id: I907beaae8a76e6d3209fa6eb1d21298b5170e3f5 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-01Use generic isSelector am: 3d85f1e116 am: bce1d3689b am: 28f879de16Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2839485 Change-Id: I067484d72885ba209b0944a326474b2008cec004 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-01Use generic isSelector am: 3d85f1e116 am: d26a4af638Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2839485 Change-Id: I96867dca9a2731cf062a795fcfdf034beb9e9cab Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-01Use generic isSelector am: 3d85f1e116 am: bce1d3689bThiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2839485 Change-Id: I408f1d9edea15863dde0e50ca5f2000ebf8fad5c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-01Use generic isSelector am: 3d85f1e116Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2839485 Change-Id: Iebf082e0c29320766b69c5ea6b9fb151c8676a25 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-01Use generic isSelector am: 3d85f1e116Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2839485 Change-Id: I0aad333ba1526c0a61ea2d55c528b1e7373897e7 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-12-01Use generic isSelectorThiébaud Weksteen
seapp_contexts supports multiple boolean attributes: isPrivApp, isEphemeralApp, isIsolatedComputeApp, isSdkSandboxAudit, isSdkSandboxNext, fromRunAs. Each of these exists to support a specific labelling scenario from the framework. When a new predicate is required, an update to libselinux is also required. This change generically handles any attribute starting with "is" and maps it directly (case-insensitive) to the same seinfo field. It is assumed that only one of these is required at a time. An error is raised if seapp_contexts contains multiple is-selector within one rule. An error is raised if seinfo contains multiple is-selector. The order for comparison between seapp_contexts is altered: an entry with an is-selector will be prioritized over one with an unspecifed is-selector. This is not quite the previous order (e.g., isPrivApp < targetSdkVersion < fromRunAs), but it is understood that the previous order was not intentional and emerged from the incremental contributions to this library. The boolean info.isPreinstalledApp is replaced by checking the first byte of info.partition. Test: atest --host libselinux_test Bug: 307635909 Change-Id: Ice3b84870e3255f6d9357d9750acbe9691b45aad
2023-11-23Snap for 11135477 from 148c2f327d74a51371f0ea80c44f6730d7a9849e to 24Q1-releaseAndroid Build Coastguard Worker
Change-Id: Ibf0f44b900403daa17eb2b0ca399f064512d2be0
2023-11-21Refactor the parsing of seinfo am: 7fd89c00f7 am: c4b477c1de am: f87183c61bThiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2836178 Change-Id: I40a776d1e79ab6927464cb1bd5a5b612cd5c2292 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-11-21Refactor the parsing of seinfo am: 7fd89c00f7 am: 4bf49f0fb0 am: 6af667a24bThiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2836178 Change-Id: I5742cf04e29ef3e54b81cdc2134170fbf3960f74 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-11-21Refactor the parsing of seinfo am: 7fd89c00f7 am: c4b477c1deThiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2836178 Change-Id: Ia03b4d9c99c43b1644c949f5ca6cfb11147f383d Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-11-21Refactor the parsing of seinfo am: 7fd89c00f7 am: 4bf49f0fb0Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2836178 Change-Id: I5b172e06cd5efe1c18a0eb9bf7f69593aeb76d29 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-11-21Refactor the parsing of seinfo am: 7fd89c00f7Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2836178 Change-Id: I11bfae9f5cb86c03642d30afb7b8f1ea46c9efb0 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-11-21Refactor the parsing of seinfo am: 7fd89c00f7Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2836178 Change-Id: Ifa4dbb6ccaa95af13c388fb60736517b77b34475 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-11-21Refactor the parsing of seinfoThiébaud Weksteen
The seinfo string contains many attributes provided by the caller to match an seapp_contexts rule. Its usage has evolved organically and now contains multiple fields for various purposes. Refactor the parsing of seinfo, relying on strtok as the string informally follows the convention of using colons between attributes and an equal sign to separate an attribute and its value. For instance, default:privapp:targetSdkVersion=10000:partition=system:complete A new internal structure is introduced to capture the attributes. The new parse_seinfo function replaces seinfo_parse (which only parsed the first attribute, historically the original seinfo), get_partition and get_app_targetSdkVersion. The new function is expected to behave similarly to the previous code. Unknown attributes are now logged, but still ignored. The "complete" attribute is now interpreted (as the last attribute), but not required. Unit tests are added to cover standard and edge cases. Test: boot and verify denial logs Test: atest --host libselinux_test Bug: 307635909 Change-Id: Ia0e3522c42c80e6e631ff1af644e03f53d88da93
2023-10-27Snap for 11012804 from 9db97963d2d43759a8fdf68f5a3d2b161eb17f11 to 24Q1-releaseAndroid Build Coastguard Worker
Change-Id: Ibf27adbe592115eccebcfa07aebb8cb2eb64de34
2023-10-26Introduce sdk_sandbox_audit SELinux domain am: 90c0d6546d am: 1163af38b5 am: ↵Sandro Montanari
bc58ce3f60 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2797594 Change-Id: I015b80f186fa32a50feff8ab92241718d17ad8e9 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-26Introduce sdk_sandbox_audit SELinux domain am: 90c0d6546d am: 1fb35a146a am: ↵Sandro Montanari
7c4998952f Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2797594 Change-Id: I7a127b33fa31edb7413f52f96ac3d84dba8e8d6f Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-26Introduce sdk_sandbox_audit SELinux domain am: 90c0d6546d am: 1163af38b5Sandro Montanari
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2797594 Change-Id: Ife97c50400054605e3e9fe62574a05ee65bc3e31 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-26Introduce sdk_sandbox_audit SELinux domain am: 90c0d6546d am: 1fb35a146aSandro Montanari
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2797594 Change-Id: I21ce6a808a1db942978cf7195c59c1611766e50c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-26Introduce sdk_sandbox_audit SELinux domain am: 90c0d6546dSandro Montanari
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2797594 Change-Id: I99385f64dec55322fb600c15da8a648ee15b453d Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-26Introduce sdk_sandbox_audit SELinux domain am: 90c0d6546dSandro Montanari
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2797594 Change-Id: I30e008c05bfa75bff1ffb60bd7c8c869c7fc062c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-10-26Introduce sdk_sandbox_audit SELinux domainandroid-u-rb-dp-10-gplandroid-u-rb-dp-10-gplSandro Montanari
Bug: 295861450 Test: atest CtsSdkSandboxInprocessTests and adb shell ps -Z Change-Id: Ic2dc4c854b3bbe5719b83fcd5504766a1e92e6a4
2023-09-21Snap for 10843824 from d497bb75b7101a5fc49f839e81ccd7ea85555190 to 24Q1-releaseandroid-u-qpr2-beta-1-gplAndroid Build Coastguard Worker
Change-Id: I472052995345d5635498a607bbfcd073ec526806
2023-09-06Remove APEX sepolicy support am: e9448817b3 am: befd9372d7 am: 298608b246 ↵Thiébaud Weksteen
am: 61ac3b9137 am: 32eb7e6bc4 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2736178 Change-Id: I24e805b894916f7e0d9a3ded5c0009abab7dc439 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-06Remove APEX sepolicy support am: e9448817b3 am: befd9372d7 am: 298608b246 ↵Thiébaud Weksteen
am: 61ac3b9137 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2736178 Change-Id: I25227cf516e7a4799a4cbea23740cddbfac53919 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-06Remove APEX sepolicy support am: e9448817b3 am: befd9372d7 am: 298608b246Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2736178 Change-Id: I372c214844771151969d8b021023b6e7a6fe1862 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-06Remove APEX sepolicy support am: e9448817b3 am: befd9372d7Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2736178 Change-Id: I3117e97c5ace1a8b69d869bf189a0e8b751849ec Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-06Remove APEX sepolicy support am: e9448817b3Thiébaud Weksteen
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2736178 Change-Id: I784f0839f4ce0d1aee5f87837529acd328f3e6f3 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-09-04Remove APEX sepolicy supportThiébaud Weksteen
Test: boot aosp_cf_x86_64_phone Bug: 297794885 Change-Id: Ia447f1ce783eb83db41454aaee5e93f7f09c36b1
2023-08-16Add a comment to keep in sync with CTS am: 5cfac38d10 am: 03af209f74 am: ↵Inseob Kim
7959969e47 am: 603ac63b13 am: 6c035ce159 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434 Change-Id: I463e5a8cf24dd6361ea4e9b9aabcad4dd6a9ce98 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-16Add a comment to keep in sync with CTS am: 5cfac38d10 am: 03af209f74 am: ↵Inseob Kim
7959969e47 am: 603ac63b13 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434 Change-Id: Ie9526b15e1cab0da56a2152f91cf99d4d7c5f5bf Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-16Add a comment to keep in sync with CTS am: 5cfac38d10 am: 03af209f74 am: ↵Inseob Kim
7959969e47 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434 Change-Id: I23020f2dcc69c7e8f3b53fda7ed7954117922329 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-16Add a comment to keep in sync with CTS am: 5cfac38d10 am: 03af209f74Inseob Kim
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434 Change-Id: I15579adc5dd42b42747d69ebba92e1f3fb3037ba Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-16Add a comment to keep in sync with CTS am: 5cfac38d10Inseob Kim
Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2709434 Change-Id: I38131daf2d6fb24828cd82f8cc9af501eefe7704 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-16Add a comment to keep in sync with CTSInseob Kim
Test: N/A Change-Id: I8d8c5033bcd9553a7b33e2d3875cc387fc4ddb86
2023-08-01Change seapp partition log to warning am: cde31a9d4d am: 9f06a40585 am: ↵Inseob Kim
6d76d34364 am: 0fee82b014 am: aa4e4066d3 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2685446 Change-Id: Idabe772ac7b28da4fffd2d693710e0e58fe8968c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-01Change seapp partition log to warning am: cde31a9d4d am: 9f06a40585 am: ↵Inseob Kim
6d76d34364 am: 0fee82b014 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2685446 Change-Id: I052a3899aa567440c4e7b4ecdb5aa53782a5f9b3 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-01Change seapp partition log to warning am: cde31a9d4d am: 9f06a40585 am: ↵Inseob Kim
6d76d34364 Original change: https://android-review.googlesource.com/c/platform/external/selinux/+/2685446 Change-Id: I06a0ce738ef402163a3cc12c9e78bf481c3a6b8f Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-29 17:11:03 +0000