Commits

Show all
Author Commit Message Labels Comments Date
Stephen Smalley
Revert "Do not allow access to device:chr_file for system" This was needed for 4.1.2. This reverts commit 273a52a55a3e2ada23cb99aa98c46a750284cdc5.
Branches
seandroid-4.1
Stephen Smalley
Revert "Delete legacy devices and label mdns and gps sockets." These devices were needed for 4.1.2. This reverts commit faee59ac4bd596fb4369cc31f7e2770a33b25d66. Conflicts: file.te
Branches
seandroid-4.1
Stephen Smalley
Revert "Remove another device-specific device node and type." These definitions were needed in 4.1.2. This reverts commit e345ef42f93a3cf210fdd11c67da7a4932838887.
Branches
seandroid-4.1
Stephen Smalley
Revert "Increase policy version to 26." This depends on Linux >= 3.0, which is not the case for all of the device kernels for 4.1.2. This reverts commit 98d16f6403308d100d2565055a651e4715f76e4e.
Branches
seandroid-4.1
Stephen Smalley
Restore /dev/eac - used by the emulator. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
3 branches
Stephen Smalley
keystore daemon can be used by third party apps running in any level. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
3 branches
Robert Craig
Exempt bluetooth domain from property_service set. Also add policy to tee dir access. Change-Id: I9ad6fad2df5b75c4713dd7ccb85ea829ca88bb0b Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Branches
3 branches
Robert Craig
Label another node with uinput_device. Change-Id: I3a140de2b38725ddb48a3be03d4b5bb9f066d839 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Branches
3 branches
Stephen Smalley
Label /dev/video4[0-9] nodes as camera_device. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
3 branches
Stephen Smalley
Add a disableAudioCapture boolean to disable audio capture. disableAudio completely disables access to the sound card, while disableAudioCapture disables capture but allows playback. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
3 branches
Robert Craig
Introduce new uinput_device domain. uinput_device domain should be used to label the avrc bluetooth profile node. This patch also relabels /dev/input/uinput as such. Change-Id: I6d00bb7055452a828a2faf39f743d770c9ae9e57 Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Branches
3 branches
Stephen Smalley
Add disableAudio boolean to disable audio access. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
3 branches
Stephen Smalley
Wrap more rules under the disableBluetooth boolean. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
3 branches
Stephen Smalley
Invert camera and bluetooth booleans. Invert the policy booleans for disabling the camera and bluetooth. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
3 branches
Stephen Smalley
Introduce booleans for disabling camera and bluetooth. This requires that the corresponding device nodes are properly labeled, which may require device-specific file_contexts entries. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
3 branches
Stephen Smalley
Split shell domain into separate domains for adb shell vs init-spawned shell. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
William Roberts
Introduce untrustedappdomain attribute Introduce attribute untrustedappdomain and macro untrustedapp_domain(domain) to enable new domains off of a common set. For instance, OEMs may have apps that are essentially 3rd party apps, as they are not signed with the platform keys, but may make use of platform extensions that should not be allowed to market applications. The existing approach would require a large copy/paste of the existing …
Branches
6 branches
Stephen Smalley
Remove another device-specific device node and type. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
Stephen Smalley
Delete legacy devices and label mdns and gps sockets. Delete legacy device-specific /dev nodes and types from older devices; these can be re-added under the device-specific directories if desired. Label the mdns and gps sockets with their own types rather than leaving them in device type. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
Stephen Smalley
Revert "Allow logwrapper to be used by all daemons spawned by init" This reverts commit 29bee5942f1079a4ea9fff97c032b7e52fc5f5c0.
Branches
6 branches
William Roberts
Allow logwrapper to be used by all daemons spawned by init Change-Id: Id093f9fffd0d95c13de80a04ab891efd895ee42d Signed-off-by: William Roberts <w.roberts@sta.samsung.com> Conflicts: file_contexts
Branches
6 branches
Stephen Smalley
Allow file types to be associated with the rootfs. This is now possible due to the kernel change to support setting security contexts on rootfs inodes. Change-Id: I2a9aac1508eceabb92c3ae8eb5c63a16b28dda6f Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
Robert Craig
Various updates to policy. * New dnsmasq domain * New audio socket, data file domains * Allow file transfers with bluetooth Change-Id: I0e9c2a77ba4896676b57c9f9681d936c21aab23a Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
Branches
6 branches
Stephen Smalley
Merge branch 'master' into seandroid Conflicts: te_macros tools/check_seapp.c
Branches
6 branches
Stephen Smalley
Label all files under /sys/qemu_trace with sysfs_writable. Change-Id: I261c7751da3778ee9241ec6b5476e8d9f96ba5ed Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
Geremy Condra
Merge "Add non_system_app_set"
Stephen Smalley
Add further assertions. Change-Id: Ie55e71ded0364f06148dc2a7fb82a7ec2586cd84 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
Stephen Smalley
Drop domain write access to sysfs for the emulator. 3.4 goldfish kernel supports sysfs labeling so we no longer need this. Change-Id: I77514a8f3102ac8be957c57d95e7de7d5901f69d Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
Stephen Smalley
Remove sys_nice capability from domains. Remove sys_nice capability from domains; this does not appear to be necessary and should not be possible in particular for app domains. If we encounter specific instances where it should be granted, we can add it back on a per-domain basis. Change-Id: I9669db80a04a90a22241b2fbc5236a28dcde8c6e Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
Stephen Smalley
Add further neverallow assertions. Change-Id: I96aeb9eca595306de5f468a01b1405a999fe757f Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Branches
6 branches
  1. Prev
  2. Next