6d77d852ea239cdccb357aac39b15bdf26ffe491 |
|
07-Apr-2016 |
Jeff Vander Stoep <jeffv@google.com> |
Add module_load permission to system class (cherry picked from AOSP a16b05892a9e9ed949c2cf22147e206e5c0b296e) Enforce restrictions on kernel module origin when kernel has commit: 61d612ea selinux: restrict kernel module loading Bug: 27824855 Change-Id: Icf2fefec4231f3df8f0f3d914123c22084d87b0b
/system/sepolicy/access_vectors
|
423fd19d91259b19f3460eb4dd5ff9d63731429b |
|
21-May-2015 |
Stephen Smalley <sds@tycho.nsa.gov> |
Update netlink socket classes. Define new netlink socket security classes introduced by upstream kernel commit 6c6d2e9bde1c1c87a7ead806f8f5e2181d41a652 ("selinux: update netlink socket classes"). This was merged in Linux 4.2 and is therefore only required for Android kernels based on 4.2 or newer (e.g. the android-4.4 branch of the kernel/common tree). Add the new socket classes to socket_class_set. Add an initial set of allow rules although further refinement will likely be necessary. Any allow rule previously written on :netlink_socket may need to be rewritten or duplicated for one or more of the more specific classes. For now, we retain the existing :netlink_socket rules for compatibility on older kernels. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> (cherry picked from commit 01d95c23ab8c14d72e4ce98b3dda64ce81ab6306) Change-Id: Ic00a0d474730cda91ba3bc387e0cc14482f82114
/system/sepolicy/access_vectors
|
3198cb5100e1431808897eaa060ed8813001e2c5 |
|
01-Oct-2015 |
Woojung Min <wmin@nvidia.com> |
Add audit_read permission to capability2 In kernel 3.18 following error message is seen since audit_read is added to capability2 at classmap.h So add audit_read permission to capability2. SELinux: Permission audit_read in class capability2 not defined in policy. SELinux: the above unknown classes and permissions will be denied The kernel change from AOSP is: https://android.googlesource.com/kernel/common/+/3a101b8de0d39403b2c7e5c23fd0b005668acf48%5E%21/security/selinux/include/classmap.h Change-Id: I236fbb8ac575c5cb8df097014da6395e20378175 Signed-off-by: Woojung Min <wmin@nvidia.com>
/system/sepolicy/access_vectors
|
e8178b31e636dff4dcc6c5b1464f74f51cc65acf |
|
26-May-2015 |
Stephen Smalley <sds@tycho.nsa.gov> |
Remove unused userspace security classes. These are all userspace security class definitions that are unused in Android; they are only meaningful in Linux distributions. Change-Id: I99738752da996d9a1c7793eea049d937ffe4255b Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/system/sepolicy/access_vectors
|
cbc8f796551151c0d9651500d5d9f116177a07dc |
|
13-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Rename keystore methods and delete unused permissions Keystore is going through an API cleanup to make names more clear and remove unclear methods. Change-Id: I06354ccd0a9a73fd20168bfce9350c451cfaced3
/system/sepolicy/access_vectors
|
520bb816b86fe36440767db6e2f05fb4e8a08f3e |
|
12-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add keystore user_changed permission user_changed will be used for state change methods around android user creation/deletion. Change-Id: I295ca9adfc4907b5d7bcf0555f6e5a9a3379635b
/system/sepolicy/access_vectors
|
8927772caa421f1c9ccc80337527e039353d65dd |
|
31-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add keystore add_auth This is for the new addAuthToken keystore method from I7f7647d9a36ea453ec6d62fc84087ca8f76e53dd. These tokens will be used to authorize keymaster operations. The tokens are HMAC'd and so shouldn't be fakeable but this is still limited to system_server only. Change-Id: I3ff46b676ecac8a878d3aa0a25ba9a8b0c5e1f47
/system/sepolicy/access_vectors
|
8f81dcad5bb322a75bc61c8b42f8287e2afeaddc |
|
09-Mar-2015 |
dcashman <dcashman@google.com> |
Only allow system_server to send commands to zygote. Add neverallow rules to ensure that zygote commands are only taken from system_server. Also remove the zygote policy class which was removed as an object manager in commit: ccb3424639821b5ef85264bc5836451590e8ade7 Bug: 19624279 Change-Id: I1c925d7facf19b3953b5deb85d992415344c4c9f
/system/sepolicy/access_vectors
|
72acd6bbbe65f8d776028a4097c427fd1dad235b |
|
27-Aug-2014 |
Robin Lee <rgl@google.com> |
Allow system reset_uid, sync_uid, password_uid Permits the system server to change keystore passwords for users other than primary. (cherrypicked from commit de08be8aa006c313e5025ba5f032abf786a39f71) Bug: 16233206 Change-Id: I7941707ca66ac25bd122fd22e5e0f639e7af697e
/system/sepolicy/access_vectors
|
70f75ce9e5975df47d0ccb32660bb618c22ef181 |
|
02-Jul-2014 |
Riley Spahn <rileyspahn@google.com> |
Add fine grained access control to DrmManagerService. Add policies supporting SELinux MAC in DrmManagerservice. Add drmservice class with verbs for each of the functions exposed by drmservice. Change-Id: Ib758a23302962f41e5103c4853c65adea3a5994e
/system/sepolicy/access_vectors
|
ba992496f01e40a10d9749bb25b6498138e607fb |
|
24-Jul-2014 |
Stephen Smalley <sds@tycho.nsa.gov> |
Define debuggerd class, permissions, and rules. Define a new class, permissions, and rules for the debuggerd SELinux MAC checks. Used by Ib317564e54e07cc21f259e75124b762ad17c6e16 for debuggerd. Change-Id: I8e120d319512ff207ed22ed87cde4e0432a13dda Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/system/sepolicy/access_vectors
|
b8511e0d98880a683c276589ab7d8d7666b7f8c1 |
|
07-Jul-2014 |
Riley Spahn <rileyspahn@google.com> |
Add access control for each service_manager action. Add SELinux MAC for the service manager actions list and find. Add the list and find verbs to the service_manager class. Add policy requirements for service_manager to enforce policies to binder_use macro. Change-Id: I224b1c6a6e21e3cdeb23badfc35c82a37558f964
/system/sepolicy/access_vectors
|
1196d2a5763c9a99be99ba81a4a29d938a83cc06 |
|
17-Jun-2014 |
Riley Spahn <rileyspahn@google.com> |
Adding policies for KeyStore MAC. Add keystore_key class and an action for each action supported by keystore. Add policies that replicate the access control that already exists in keystore. Add auditallow rules for actions not known to be used frequently. Add macro for those domains wishing to access keystore. Change-Id: Iddd8672b9e9b72b45ee208e6eda608cc9dc61edc
/system/sepolicy/access_vectors
|
f90c41f6e8d5c1266e154f46586a2ceb260f1be6 |
|
06-Jun-2014 |
Riley Spahn <rileyspahn@google.com> |
Add SELinux rules for service_manager. Add a service_mananger class with the verb add. Add a type that groups the services for each of the processes that is allowed to start services in service.te and an attribute for all services controlled by the service manager. Add the service_contexts file which maps service name to target label. Bug: 12909011 Change-Id: I017032a50bc90c57b536e80b972118016d340c7d
/system/sepolicy/access_vectors
|
d7af45d3741648c45560797a5b6f02dec784668f |
|
07-Jun-2014 |
Nick Kralevich <nnk@google.com> |
add attach_queue to tun_socket Modeled after http://oss.tresys.com/pipermail/refpolicy/2013-January/006283.html Addresses the following kernel error message: <6>[ 3.855423] SELinux: Permission attach_queue in class tun_socket not defined in policy. <6>[ 3.862482] SELinux: the above unknown classes and permissions will be denied <7>[ 3.869668] SELinux: Completing initialization. Change-Id: Iad87fcd5348d121a808dbe7ae3c63f8c90fc09fc
/system/sepolicy/access_vectors
|
c4db82cf85feccb81d0c3625fde440523323c634 |
|
03-May-2014 |
dcashman <dcashman@google.com> |
Remove specifycapabilities permission. specifycapabilities is no longer specified by the zygote userspace manager. It was removed in commit: 42a4bb5730266f80585e67262c73505d0bfffbf8. Remove this permission from policy. Change-Id: I866a25b590a375a68de6eec9af1b3ef779889985
/system/sepolicy/access_vectors
|
9ce99e3908fcd81430bc9612e5d86819939b6db2 |
|
16-Nov-2012 |
Stephen Smalley <sds@tycho.nsa.gov> |
Update binder-related policy. The binder_transfer_binder hook was changed in the kernel, obsoleting the receive permission and changing the target of the transfer permission. Update the binder-related policy to match the revised permission checking. Change-Id: I1ed0dadfde2efa93296e967eb44ca1314cf28586 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/system/sepolicy/access_vectors
|
a1ce2fa2218a768823a7c39426983a248b6e4f50 |
|
10-Aug-2012 |
Stephen Smalley <sds@tycho.nsa.gov> |
Define wake_alarm and block_suspect capabilities.
/system/sepolicy/access_vectors
|
124720a6976a69357522299afbe5591854e40775 |
|
04-Apr-2012 |
Stephen Smalley <sds@tycho.nsa.gov> |
Add policy for property service. New property_contexts file for property selabel backend. New property.te file with property type declarations. New property_service security class and set permission. Allow rules for setting properties.
/system/sepolicy/access_vectors
|
2dd4e51d5c2a2dfc0bfdee9303269f5a665f6e35 |
|
04-Jan-2012 |
Stephen Smalley <sds@tycho.nsa.gov> |
SE Android policy.
/system/sepolicy/access_vectors
|