c80f9e037bedb09d08a261f255f87ea105fa371b |
|
21-Dec-2017 |
Primiano Tucci <primiano@google.com> |
Perfetto SELinux policies Perfetto is a performance instrumentation and logging framework, living in AOSP's /external/pefetto. Perfetto introduces in the system one binary and two daemons (the binary can specialize in either depending on the cmdline). 1) traced: unprivileged daemon. This is architecturally similar to logd. It exposes two UNIX sockets: - /dev/socket/traced_producer : world-accessible, allows to stream tracing data. A tmpfs file descriptor is sent via SCM_RIGHTS from traced to each client process, which needs to be able to mmap it R/W (but not X) - /dev/socket/traced_consumer : privilege-accessible (only from: shell, statsd). It allows to configure tracing and read the trace buffer. 2) traced_probes: privileged daemon. This needs to: - access tracingfs (/d/tracing) to turn tracing on and off. - exec atrace - connect to traced_producer to stream data to traced. init.rc file: https://android-review.googlesource.com/c/platform/external/perfetto/+/575382/14/perfetto.rc Bug: 70942310 Change-Id: Ia3b5fdacbd5a8e6e23b82f1d6fabfa07e4abc405
/system/sepolicy/private/untrusted_v2_app.te
|
63f4677342eb93dd2ac90187671a52282190533a |
|
09-Nov-2017 |
Jeff Vander Stoep <jeffv@google.com> |
Allow vendor apps to use surfaceflinger_service Vendor apps may only use servicemanager provided services marked as app_api_service. surfaceflinger_service should be available to vendor apps, so add this attribute and clean up duplicate grants. Addresses: avc: denied { find } scontext=u:r:qtelephony:s0 tcontext=u:object_r:surfaceflinger_service:s0 tclass=service_manager avc: denied { find } scontext=u:r:ssr_detector:s0 tcontext=u:object_r:surfaceflinger_service:s0 tclass=service_manager avc: denied { find } scontext=u:r:qcneservice:s0 tcontext=u:object_r:surfaceflinger_service:s0 tclass=service_manager Bug: 69064190 Test: build Change-Id: I00fcf43b0a8bde232709aac1040a5d7f4792fa0f
/system/sepolicy/private/untrusted_v2_app.te
|
91d398d802b4fbd33c2b88da9f56ecee8bdc363c |
|
26-Sep-2017 |
Dan Cashman <dcashman@google.com> |
Sync internal master and AOSP sepolicy. Bug: 37916906 Test: Builds 'n' boots. Change-Id: Ia1d86264446ebecc1ca79f32f11354921bc77668 Merged-In: I208ec6a864127a059fb389417a9c6b259d7474cb
/system/sepolicy/private/untrusted_v2_app.te
|
f5446eb1486816c00136b2b5f0a3cc4a01706000 |
|
23-Mar-2017 |
Alex Klyubin <klyubin@google.com> |
Vendor domains must not use Binder On PRODUCT_FULL_TREBLE devices, non-vendor domains (except vendor apps) are not permitted to use Binder. This commit thus: * groups non-vendor domains using the new "coredomain" attribute, * adds neverallow rules restricting Binder use to coredomain and appdomain only, and * temporarily exempts the domains which are currently violating this rule from this restriction. These domains are grouped using the new "binder_in_vendor_violators" attribute. The attribute is needed because the types corresponding to violators are not exposed to the public policy where the neverallow rules are. Test: mmm system/sepolicy Test: Device boots, no new denials Test: In Chrome, navigate to ip6.me, play a YouTube video Test: YouTube: play a video Test: Netflix: play a movie Test: Google Camera: take a photo, take an HDR+ photo, record video with sound, record slow motion video with sound. Confirm videos play back fine and with sound. Bug: 35870313 Change-Id: I0cd1a80b60bcbde358ce0f7a47b90f4435a45c95
/system/sepolicy/private/untrusted_v2_app.te
|
7291641803f204f5ba3ebdbe700f9510419810a3 |
|
01-Nov-2016 |
Chong Zhang <chz@google.com> |
MediaCAS: adding media.cas to service Also allow media.extractor to use media.cas for descrambling. bug: 22804304 Change-Id: Id283b31badecb11011211a776ba9ff5167a9019d
/system/sepolicy/private/untrusted_v2_app.te
|
a782a816271e48e357faf93a61b4fde259da1e3b |
|
06-Feb-2017 |
Chad Brubaker <cbrubaker@google.com> |
Add new untrusted_v2_app domain untrusted_v2_app is basically a refinement of untrusted_app with legacy capabilities removed and potentially backwards incompatible changes. This is not currently hooked up to anything. Bug: 33350220 Test: builds Change-Id: Ic9fad57476bc2b6022b1eaca8667bf6d844753c2
/system/sepolicy/private/untrusted_v2_app.te
|