Age | Commit message (Collapse) | Author |
|
Change-Id: I4b12dc3dcb432edbdf95dd3bc97f809912ce86d1
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
Change-Id: I45b4a749bf4fb085d96d912871bae33aa5288119
|
|
The app_* syntax was a legacy of the original approach of looking up
the username returned by getpwuid() and the original username encoding
scheme by bionic. With the recent changes to move away from this approach,
there is no reason to retain that syntax. Instead, just use _app to match
app UIDs and _isolated to match isolated service UIDs. The underscore
prefix is to signify that these are not real usernames and to avoid
conflicts with any system usernames.
Requires a corresponding change to libselinux.
Change-Id: Ic388a12c1c9d3e47386c8849db607140ef8a3d75
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
Used when an app service is declared with android:isolatedProcess="true".
Place such processes in a separate domain, and further isolate them
from each other via categories.
Change-Id: I1d64f8278f0619eedb448f9a741f1d2c31985325
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
The policy version suffix support was carried over from conventional
Linux distributions, where we needed to support simultaneous installation
of multiple kernels and policies. This isn't required for Android, so
get rid of it and thereby simplify the policy pathname.
We still default to generating a specific policy version (the highest
one supported by the emulator kernel), but this can be overridden
by setting POLICYVERS on the make command-line or in the environment.
Requires a corresponding change to libselinux.
Change-Id: I40c88e13e8063ea37c2b9ab5b3ff8b0aa595402a
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
* changes:
Fix for segfault/jmp depends on unitialized variable
Fix check_seapp segfault and undefined linking err
|
|
When realloc creates the first block of memory, it must
be initialized to NULL for the following strcat functions
to operate correctly.
Change-Id: I98fc14e1b19de5aa205354d16e54445293430d8e
|
|
When LINK_SEPOL_STATIC was not defined, symbol
log_warning was trying to be resolved by the linker.
That symbol was not defined as it should have been
log_warn and not log_warning.
When a key would be validated in key_map_validate(), an
unchecked key, like user, could cuase a segfault when
the se_key was getting free'd no matter what at the end
of the function, even if no se_key was alloc'd.
Change-Id: If334ba7350e6d2ad1fa9bed142bb2fabe7caa057
|
|
|
|
Change-Id: I87f81a632ed61f284f2fe09726f5c4529d36f252
|
|
Change-Id: If4deccfe740c8de6b88929a0d0439667c3ea340d
|
|
Change-Id: If3ed9998033378de5b47472315444f5b8bd4743e
|
|
|
|
Change-Id: I62ce62475f4a17d278243cc96db773872b2dc89c
|
|
Change-Id: I4f0576a47ca2e99bca719bf321349c7d7d05cd3c
|
|
Change-Id: I4f522869eeaa6f84771e4ee2328f65296dcc29db
|
|
Change-Id: I614caa520e218f8f148eef641fed2301571da8e1
|
|
Provides support for overriding seapp_contexts declerations
in per device seapp_contexts files.
Change-Id: I23a0ffa1d24f1ce57825b168f29a2e885d3e1c51
|
|
|
|
Initial policy for Point-to-Point tunneling and
tunneling manager services.
|
|
|
|
|
|
Change-Id: Ia292607cbd06514a8ac3b0ad49eaefcdce12ef16
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This patchset covers the /mnt/asec variety only.
|
|
This was moved from external/mac-policy.git
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
apps, not platform apps.
Platform (any of the apps signed by build keys, i.e. platform|release|shared|media) apps expect to be able to share files with each other or with third party apps by passing open files or pathnames over Binder. Therefore, we switch to only enforcing the per-app process and file isolation via SELinux on third party apps, not platform apps.
Make the platform app domains mlstrustedsubjects so that they can access any files created by third party apps.
Introduce a new platform_app_data_file type for platform apps so that we can mark it as a mlstrustedobject and allow third party apps to read/write files created by the platform apps.
Specify this new type for the platform app entries in seapp_contexts.
Remove levelFromUid=true for the platform apps in seapp_contexts since we are no longer enforcing per-app separation among them.
|
|
|
|
|
|
|
|
/proc/net/xt_qtaguid/ctrl from "qtaguid" to "qtaguid_proc"; 2. Label /dev/xt_qtaguid with "qtaguid_device"; 3. Allow mediaserver read/[write] to qtaguid_proc and qtaguid_device; 4. Allow media apps read/[write] to qtaguid_proc and qtaguid_device; 5. Allow system read/[write] to qtaguid_proc and qtaguid_device.
Actually, some of policies related to qtaguid have been there already, but
we refind existing ones and add new ones.
|