Also adjust permissions on /dev/hw_random to allow prng_seeder group
read access.
Manual testing protocol:
* Verify prng_seeder daemon is running and has the
correct label and uid/gid.
* Verify prng_seeder socket present and has correct
label and permissions
* Verify no SELinux denials
* strace a libcrypto process and verify it reads seeding
data from prng_seeder (e.g. strace bssl rand -hex 1024)
* strace seeder daemon to observe incoming connections
(e.g. strace -f -p `pgrep prng_seeder`)
* Kill daemon, observe that init restarts it
* strace again and observe clients now seed from new instance
Bug: 243933553
Test: Manual - see above
Change-Id: I4d526844b232fc2a1fa5ffd701ca5bc5c09e7e96
Introduces new APIs which can be used to simplify application of fdsan
to native_handle_t usage, and applies fdsan protection to
native_handle_clone() by default.
Bug: 244214188
Test: validated alongside sensor service change to use the new APIs
Change-Id: I3be16a09c336bcbe880bdb542d5da2969c2c34d3
It's useful to have a group that shares a numeric id with Linux and
macOS. "root" doesn't count because group 0 is actually called "wheel"
on the BSDs, and macOS has "daemon" and "kmem" as its groups 1 and 2.
This lets us have toybox tar tests that have the same results on all
supported OSes without special handling.
Test: treehugger
Change-Id: I4704d6f9ada84f3065831a099b34d1c20c4c6b03
A suppplementary group to mark which app can write to the security log
buffer. Granted via android.permission.WRITE_SECURITY_LOG and checked by
logd.
Bug: 232283779
Test: manual
Change-Id: I3ad66031ab1c9eef26db0f3e8968659dfa2855cb
Method is needed for further use in statsd mapping process.
Bug: 217695033
Test: atest installd_service_test
Change-Id: I508a58da5f8d2e32264002db515425134d18aece
Ignore-AOSP-First: code is not in AOSP yet
Bug: 220320098
Test: presubmit
Change-Id: I310feb08a903c2ee9cd544e3b9751c2e02ce5951
Merged-In: I310feb08a903c2ee9cd544e3b9751c2e02ce5951
(cherry picked from commit 6e124aac7c)
Every app will now have a corresponding supplemental process associated
with it. We need an utility method to map one to the other.
Implementation details: supplemental process uid will be between range
20k-30k. As such, it will be a 10k offset from app id. See ag/16621743.
Bug: 211763739
Test: atest installd_service_test
Ignore-AOSP-First: Feature is being developed in internal branch
Change-Id: I2b6d6b086985bcb24c837eaa95a937d429d6a583
Merged-In: I2b6d6b086985bcb24c837eaa95a937d429d6a583
(cherry picked from commit 1c7acfdb67)
This functionality is now handled in mainline and has been removed from
netd in Android T.
Test: builds & boots
Change-Id: Ic435eee0d89bda30d733efbc655692c697bbe9e8
Previously, each file/dir in a filesystem had to have exactly one
matching entry in the canned fs_config file. With this change, the
config file can have multiple entries for the same path. e.g.
/lib/libfoo.so 1000 1000 0644
/lib/libfoo.so 1000 2000 0644 capabilities=0x30
In this case, the last matching entry is chosen and used. This is to
make it possible to customize system-provided (and thus generic)
fs_config file with a user-provided (and thus context-specific) one.
Bug: 209971551
Test: m
Change-Id: I43902fed08db1b4968d02c75fac0a47976fff72a
This re-writes the file using C++, in preparation for a follow-up
change.
Also, removes debugging code that is no longer used.
Bug: 209971551
Test: m
Change-Id: I82a793cfdd7abd10024e304df7bd4ae323ffeabf
Add AID_READTRACEFS and mount tracefs with gid=AID_READTRACEFS
Bug: 209513178
Test: adb shell ls -l /sys/kernel/tracing/events
Change-Id: Ibbfdf8a4b771bd7520ecbaaf15a1153d6bf0e599
We've had two use-after-frees in the last month from this nonsense...
Bug: http://b/204925347
Test: treehugger
Change-Id: I5e1485253224e38ca51a7a077dbe65d19e39f817
A lot of things had moved out of system/core/ without their TEST_MAPPING
entries having gone with them, reducing the amount of presubmit coverage
for those things.
In order to reduce the likelihood of that happening again, I've pushed
all that remained in the system/core/ TEST_MAPPING down into the
individual subdirectories.
Test: treehugger
Change-Id: Ib75d65f9200fa64ae1552471da6fbe5b7023cf94
Revert "Add systrace tag for system property"
Revert "Add systrace tag for system property"
Revert "Adding system property tracing"
Revert submission 1403568-sysprop_trace
Reason for revert: makes property get/set non-reentrant
Reverted Changes:
I6f85f3f52:Add systrace tag for system property
Id2b93acb2:Adding system property tracing
Id78992d23:Add systrace tag for system property
I1ba9fc7bd:Add systrace tag for system property
Ignore-AOSP-First: b/193050299#comment17
Bug: 193050299
Change-Id: I9305003531c6a86194d55dc72c613337d213b53d
Merged-In: I9305003531c6a86194d55dc72c613337d213b53d
Test: build and boot a device
(cherry picked from commit 18e0f65cbf)
Revert submission revert-1660531-max-boot-level-crypto-KFMCEDKSIV
Reason for revert: topic:vold-use-keystore2 has landed fixing the bug
Reverted changes:
Ibf63734a: Revert "Set earlyBootEnded before apex starts"
Id02f63a7: Revert "Expose AID_KEYSTORE"
Ibcedeff4: Revert "Cryptographic security for MAX_BOOT_LEVEL"
Restored changes:
Ia3b968afc:Set earlyBootEnded before apex starts
Ia69891291:Expose AID_KEYSTORE
I12530cd13:Cryptographic security for MAX_BOOT_LEVEL
Reverted-SHA1: a801eabe11
Original commit message:
Keystore uses this as the user ID for keys that it creates for its
own use.
Bug: 176450483
Test: atest com.android.tests.odsign.OnDeviceSigningHostTest#verifyArtUpgradeSignsFiles
Change-Id: I0e2baa8807281ec9e5cc0a9ff8daff191285a600
Revert "Cryptographic security for MAX_BOOT_LEVEL"
Revert submission 1660531-max-boot-level-crypto
Reason for revert: broken test com.android.tests.odsign.OnDeviceSigningHostTest#verifyArtUpgradeSignsFiles on aosp-master on aosp_cf_x86_64_phone-userdebug at 7261517
Reverted Changes:
Ia3b968afc:Set earlyBootEnded before apex starts
Ia69891291:Expose AID_KEYSTORE
I12530cd13:Cryptographic security for MAX_BOOT_LEVEL
Bug: 184635938
Change-Id: Id02f63a794544d650abb95c8e7f201eea03391eb
Test: forrest run for the broken test
Keystore uses this as the user ID for keys that it creates for its
own use.
Bug: 176450483
Test: keystore2_test
Change-Id: Ia698912917cd209eebcfc007a8badce7a39159d6
