Commit Graph

128 Commits

Author SHA1 Message Date
Luca Stefani
630d7ed01f cm: sepolicy: Allow system_server dir read access
Change-Id: Ia6fc26781c1cb576c2feee3e941d7206e7878bb5
2016-07-28 20:21:24 -07:00
Steve Kondik
441752f996 sepolicy: Allow media_rw write to fix camcorder denials
Change-Id: Icc892d8b2c34950431564738b66d8e8baefc62be
2016-07-27 23:58:08 -07:00
Steve Kondik
6905134e76 sepolicy: Revert custom sdcardfs policy in favor of AOSP
* Upstream policy showed up in AOSP this morning. Dropping
   ours in favor of AOSP.

Revert "sepolicy: A few more denials"

This reverts commit 522c421f66.

Revert "sepolicy: More policy for sdcardfs"

This reverts commit 4a24ffeb6a.

Revert "sepolicy: Add sdcardfs support"

This reverts commit ba87877dd0.

Change-Id: I4f066b9bd5d8c899137fcaa12999f2547f9e0ec0
2016-07-26 18:43:41 -07:00
Steve Kondik
522c421f66 sepolicy: A few more denials
* Hopefully the last of the sdcardfs denials

Change-Id: I2a9fbc33696d2517fd2596f64f55656a14d66c2c
2016-07-26 07:53:16 -07:00
Steve Kondik
4a24ffeb6a sepolicy: More policy for sdcardfs
Change-Id: Iddc6f86bd1e4b9942139acf9b7e75279b3865b8a
2016-07-25 22:11:33 -07:00
Steve Kondik
d4a0f0adff sepolicy: Add rule to allow sdcardfs to read package list
* Do not carry forward into N release.

Change-Id: I1f90695c48ac5a19848efafb146eabdff1ca4b6a
2016-07-24 04:28:55 -07:00
Steve Kondik
ba87877dd0 sepolicy: Add sdcardfs support
Change-Id: Ib9486b0ad7ed0e4c53494271e6fd35bcfedba40a
2016-07-24 00:16:22 -07:00
Bruno Martins
6fed2cf409 sepolicy: Allow batterymanager and batteryproperties services to be found
Change-Id: Ia2a1734a74c4bba0bc09f150442aec573d769370
2016-07-23 20:51:04 -07:00
Dan Pasanen
2b8c4b27fe sepolicy: put bash in shell context
* Necessary for being able to execute commands such as 'su'
  from a non-root shell

Change-Id: Icbaaa6ff7447add65441011944bdc5d13b788c86
2016-06-21 12:23:51 -07:00
Deepak Kundra
278fa600d7 persist.dbg/data for radio to control QC prop's
Issue-id:FEIJ-679

Change-Id: Iafe0405fd4a83c8f22e1af7152c1c3a009cd2e71
2016-06-03 19:22:47 -07:00
Pat Erley
ca2061460c sepolicy: Allow uncrypt additional access
Uncrypt may need access to additional selinux contexts for devices
with created storage solutions.

Change-Id: Ie90f130ff6bafdd195379f7d57504b2fce4ef830
2016-05-16 13:29:06 -07:00
Steve Kondik
603ce3ba3e cm: Extend policy for IOP
* IO prefetcher needs to dig into themes and media as well.

Change-Id: I72cd7fca3a7cacf28764023a73c66e4ea8a58be5
2016-05-14 02:42:13 -04:00
Steve Kondik
e49dd26ace cm: Add SE policy for iop service
Change-Id: I14338a03c469cd71a6d5c7fecc71eb2290b2e6c4
2016-05-06 12:38:50 -07:00
Zhao Wei Liew
de1ad36765 cm: Allow LiveDisplay to write to color_enhance
The proper permissions for the color_enhance sysfs node weren't
being set, rendering the color enhancement switch useless.

Set the proper permissions for LiveDisplay to toggle color enhancement.

Change-Id: Ic8dba8953b73a497cb01a645834c0e7934092b38
2016-04-30 17:06:13 -07:00
Steve Kondik
7a92949668 cm: Remove garbage from sepolicy
* Not sure how the -- got here but it causes the rules to be invalid.

Change-Id: Ib17217d14f844d7aa27bb554346183e32ff5ae13
2016-04-30 02:32:02 -07:00
Steve Kondik
3fe3faafd0 cm: Add CMAudioService the platform
* Also brings JNI to CMSDK

Change-Id: I599964a1f9200a8d2ecdad0bb8c4d8593e6d7415
2016-04-26 16:41:19 -07:00
Pat Erley
da1a9004f8 sepolicy: Allow recovery to mount on tmpfs
/storage is a tmpfs volume, and is where updater stores its zip
when downloading updates.  Devices with emmc partitions that are
used as 'sdcard' volumes will end up with paths like:

  /storage/UUID/...../update.zip

where UUID is the mount point for the partition and update.zip is
the downloaded update.  With this change, minivold can create the
UUID folder and mount onto it, fixing the application of updates.

Change-Id: I4fa84fd590f5ff0f91e38c49cef0c179728fdf43
2016-04-22 13:09:37 -07:00
Steve Kondik
512d428d2f cm: Moving LiveDisplay to CMSDK
* Also alphabetized the list of feature xmls, you filthy pigs.

Change-Id: I094a46c313be4531c6dd1af1e007a26b2476d60e
2016-04-13 01:37:20 -07:00
Matthias Yzusqui
ef1a479318 cm: sepolicy: allow platform apps to execute render scripts
* Needed by Gallery3D Photo Editor to apply effects like:
  Vignette and Graduated.

Change-Id: I7b07a974fbdb77abbaba1c15a21e918406d2175b
2016-04-05 13:46:19 -07:00
Luis Vidal
6d61d301e5 Add Weather Content Provider [3/5]
Introduce the weather system feature, which will be used to
identify if the Weather Content Provider/Weather services are
available in the device.

Add SELinux entries for the cmweather service

Change-Id: Ibe862903095276f87f23c0d7dae54733eeeb5638
2016-03-31 17:42:56 -07:00
d34d
2cf159cdf9 LLS: Add live lock screen service [3/4]
Change-Id: I9136e9c9c1413c45aa300f0c92fd69b0c409a052
2016-03-30 08:46:20 -07:00
codeworkx
b7c8dec762 cm: sepolicy: allow platform apps to crop user images
Needed for gallery3d when setting contact pics

avc: denied { write } for comm=4173796E635461736B202334
path="/data/data/com.android.settings/cache/CropEditUserPhoto.jpg" dev="mmcblk0p50" ino=65849
scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=file
permissive=0

03-05 13:07:40.741  22060-22207/com.android.gallery3d W/System.err﹕ java.io.IOException: write
failed: EACCES (Permission denied)

Change-Id: Iaa7f75abfd41c86e1a321d5f35b950f9dc7eb930
2016-03-16 15:48:15 -07:00
d34d
e7036e8387 Themes: Refactor themes to CMSDK [3/6]
Change-Id: Ia8f3a5080f2ca2cecc3474058db4970c5661c89c
TICKET: CYNGNOS-2126
2016-03-01 09:57:15 -08:00
AdrianDC
36cb29d509 recovery: Add new rule for sys.usb.ffs.ready
init: avc:  denied  { set } for property=sys.usb.ffs.ready
    scontext=u:r:recovery:s0 tcontext=u:object_r:ffs_prop:s0
    tclass=property_service

Change-Id: Id3441ccc3c6a8915a5fdf50efd8c617d1242868a
2016-02-23 16:28:56 -08:00
FrozenCow
ec0322e31b cm: sepolicy: allow kernel to read storage
This fixes issues where the kernel would need to read and write
files from internal or external storage. More specifically, the
kernel needs these rules for USB mass storage to work correctly.

Change-Id: I8cb0307727bc0c464d5470e55275ad808e748ee0
2016-02-20 14:26:41 -08:00
Pat Erley
15697319ca sepolicy: Allow system server and uncrypt access pipe
System server needs to be able to create a pipe in the cache partition
for uncrypting OTAs. Uncrypt needs to be able to read and write the
pipe.

Change-Id: Ie03ee7d637eaecff8fe38bf03dc733b3915cd336
2016-02-09 13:24:46 -08:00
Pat Erley
db4fb0ee6b recovery: Add new rules for recursive wipe
We now use a temporary context when mounting /data, so add permissions
to do that, and add permissions necessary to do the recursive wipe.

Change-Id: Ic925c70f1cf01c8b19a6ac48a9468d6eb9205321
2016-01-28 15:20:51 -08:00
Jani Lusikka
8c780755f2 Grant platform apps access to /mnt/media_rw with sdcard_posix label
Also allow apps to read the contents of mounted OBBs.

See AOSP Change-Id: I66df236eade3ca25a10749dd43d173ff4628cfad
and Change-Id: I49b722b24c1c7d9ab084ebee7c1e349d8d660ffa

Change-Id: I757a2a8831c69d41c0496025a39eaf79ceb0e65f
2016-01-24 14:39:42 -08:00
myfluxi
e8df21c962 sepolicy: Add perfprofd with set_prop macro
Addresses:
avc: denied { write }
for pid=293 comm="perfprofd" name="property_service" dev="tmpfs" ino=9229 scontext=u:r:perfprofd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0

Change-Id: I5a88722eda4d0751fd9a081c434d385ac1c785ef
2016-01-12 17:21:32 -08:00
Matt Mower
511152cd2c sepolicy: Allow minivold execute_no_trans
After assimilating minivold into /sbin/recovery, we need to allow the
minivold service (a symlink to the recovery binary) to transition from
the recovery to the vold domain.

Change-Id: I112e6d371a8da8fc55a06967852c869105190616
2016-01-02 02:07:18 -08:00
codeworkx
14e765cd71 cm: sepolicy: fix denials for external storage
Change-Id: I784a859671c69370cab0118a88a5fb0190352af9
2016-01-01 17:30:27 +01:00
codeworkx
053b1805da sepolicy: label exfat and ntfs mkfs executables
Change-Id: Ic5e32818bc54993f4e8c2377cbec64f9444f6d8a
2015-12-29 21:51:32 +01:00
dhacker29
076a1ea54a sepolicy: Set the context for fsck.exfat/ntfs to fsck_exec
This matches the policy for fsck.f2fs, although it still needs to run
as fsck_untrusted for public volumes

Change-Id: Ia04e7f8902e53a9926a87f0c99e603611cc39c5d
2015-12-17 15:43:00 -08:00
Ethan Chen
909343f3df SELinux: Use custom ADB over network property
* Use a custom system property to trigger the real one, so we avoid
  running afoul of any SELinux CTS requirements.

Change-Id: If5e7a275f492631a673284408f1e430a12358380
2015-12-16 11:01:50 -08:00
Keith Mok
6bc84be525 sepolicy: Add permission for formatting user/cache partition
If the "formattable" fstab flag is set, init will tries
to format that partition, added the required policy to allow it.

Change-Id: I858b06aa3ff3ce775cf7676b09b9960f2558f7f6
2015-12-16 10:41:51 -08:00
Keith Mok
fcfc13ac6f sepolicy: Add domain for mkfs binaries
The init binary must transition to another domain when calling out to
executables. Create the mkfs domain for mkfs.f2fs such that init can
transition to it when formatting userdata/cache partitions if the
"formattable" flag is set.

Change-Id: I1046782386d171a59b1a3c5441ed265dc0824977
2015-12-16 10:40:28 -08:00
Steve Kondik
e01646719a sepolicy: Allow adb pull of executables without root
* Because we aren't actually jerks, contrary to popular belief.

Change-Id: Ie39cce65ecc6a2861547865ff554b108b8b534fa
2015-11-29 05:28:14 -08:00
Diogo Ferreira
140305db6d sepolicy: qcom: Allow reading PSU sysfs by system_server
BatteryService queries the usb state to check whether the usb type
is HVDCP. This patch adds a rule to allow that.

For more context check BatteryService#Led#isHvdcpPresent.

Change-Id: Ifacf13dde4b1df81c92bf5d92196e504e61dd402
2015-11-27 05:25:43 -08:00
Steve Kondik
aeec0ac261 sepolicy: Allow recovery to create links in the rootfs
* Needed to support vold and other new code.

Change-Id: I25a0b1cc6461eced7112dd4b3974a71423f7957b
2015-11-26 02:19:44 -08:00
Steve Kondik
48149d05a1 sepolicy: Rule for CM's perfd extension
Manual apply and refactor of cm-12.1 patch:
e04329df88211264e7a9c8f1d6b87a16d8d5639b

Use the unix_socket_connect macro and switch to the new
perfd domain.

Change-Id: Ibb83220b32bad7805653140751c978e629f87ffb
2015-11-23 15:11:18 -08:00
codeworkx
01490eface sepolicy: fix denial for sudaemon
fixes root access for apps

Change-Id: Iff443bf4cbea817917da72bbfc58f9fe42acceb5
2015-11-22 09:57:08 -08:00
Dan Pasanen
a90b69e921 sepolicy: add persist_block_device type
* This is likely defined in several device trees, but not all
  remove it from your device trees if we're going to write rules
  for it here.

Change-Id: I1dda04647d36db52525a3d57b485860dfe3eeb30
2015-11-17 08:38:43 -08:00
Steve Kondik
2c3b5d353e sepolicy: Remove some denials
* Allow apps to run the "df" command to look at disk usage.
 * Allow thermal engine to check/set battery limits.

Change-Id: I67c863a82a94007e7a5e8ccfde9c095b7277ab84
2015-11-16 19:46:00 -08:00
Steve Kondik
7d3eca93f4 sepolicy: Add policy for thermal engine changes
* Cyngn devices will need this.

Change-Id: I1e7528e92d0d4ed8c4029667d7ef3cf9081a6575
2015-11-14 23:58:46 +01:00
myfluxi
98df019cb4 sepolicy: qcom: Remove duplicate entry
We have this in qcom/sepolicy/common already.

Change-Id: Ibe6ada531f77d3ec00ff61081d21b3d36a1fe7a7
2015-11-10 17:28:12 +01:00
myfluxi
8501771607 sepolicy: Make superuser_device and sudaemon mlstrustedobjects
Address:
avc: denied { write } for pid=8782 comm="su" name="su-daemon" dev="tmpfs" ino=9462
scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:superuser_device:s0
tclass=sock_file permissive=0

avc: denied { connectto } for pid=6666 comm="su" path="/dev/socket/su-daemon/su-daemon"
scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:r:sudaemon:s0
tclass=unix_stream_socket permissive=0

And thus fix su.

Change-Id: I666277067c5ff9f2a985c243075c63fd87090b27
2015-11-05 23:53:50 +01:00
Steve Kondik
aeea5ad7a3 perf: Moving PerformanceManager to CMSDK
* Devices will need to update their configurations!

Change-Id: I22cf4ec96656b98f515cf28fef95443cf6adb397
2015-11-03 18:55:49 -08:00
Steve Kondik
714a761061 cm: Remove duplicate SEPolicy items
* These are handled by the master SEPolicy now due to neverallow
   exceptions which occur on non-production builds.

Change-Id: Id50d9e41e1c8b0b1f26df7921def9e7a201f49d9
2015-10-31 02:08:33 -07:00
Dan Pasanen
9ca9d95a76 sepolicy: remove sudaemon type declaration
* this is already defined in external/sepolicy

Change-Id: I541b5de5bb6057f4fa3d88b6e9b9425b65f9963e
2015-10-17 09:22:14 -05:00
Adnan Begovic
c3d3969971 vendor/cm: Fix up service contexts for sepolicy.
Change-Id: Ibb04e967bd027c6d1118b8b471ec328c3b034d9d
2015-10-16 13:20:33 -07:00