Age | Commit message (Collapse) | Author |
|
This repository was removed from the manifest in
https://android-review.googlesource.com/293506. The files in
this stale manifest are polluting search results.
Test: unneeded. Deleting stale files.
Change-Id: I067c23b991b0da88bb61b179c9e00f6c405f5ad1
|
|
Move from the Android fork of libselinux to the upstream version
which already lives in external/selinux/libselinux.
Test: Angler builds and boots
Bug: 31910164
Change-Id: Ie8617b8dba13555d178b5730fcfa5370c52eb5db
|
|
Test: Builds and boots
Change-Id: I0cb687c9dd94c84b1e12e468ae0857b538757310
|
|
We use the same lookup function for service contexts
that we use for property contexts. However, property
contexts are namespace based and only compare the
prefix. This may lead to service associations with
a wrong label.
This patch introduces a stricter lookup function for
services contexts. Now the service name must match
the key of the service label exactly.
Test: bullhead builds and boots
Bug: 31353148
Change-Id: I16dd276e1e74c0d04af4e067992385be5499b01d
|
|
Fix format string specifier mismatch, and silence unused parameter
warning.
Change-Id: If1e96c567bddc2e1e151fb9f738405966fe5955b
|
|
Change-Id: I211040052cdf230221f3f0ba6f25b063c636b77e
|
|
am: 74735be537 -s ours
Change-Id: I79945a45dc293402010cfd2359d8ba698e662474
|
|
Merged-In: I96ed1249a6032935906e8a0af4668eb42f9b1238
Bug: 24091652
Change-Id: I96ed1249a6032935906e8a0af4668eb42f9b1238
|
|
am: 1fdb726901
Change-Id: Ib8573e1a6e989c8532b6d6a8e54e48c7e16f06d7
|
|
Change-Id: I9a20324163f6b36451e8c5bbbaf3e2ecf0f4ad25
|
|
am: d2ebe5cfa7
* commit 'd2ebe5cfa7b39242bb7c2fb44feecedeef2aa370':
Port libselinux to pcre2
Change-Id: I350e5fe32f4cd198b2316323d7c702972f2ddbab
|
|
am: 9ba0af9eae
* commit '9ba0af9eaef8742b5fec684d4faa7c398b100485':
Fixes (un)signed comparison warning in regex.c
Change-Id: I8204ae2a9086f74865d22dc1c7c482e13f492eaa
|
|
am: c9e48770b5
* commit 'c9e48770b566b694d43949c097c0718e3d1191aa':
Port libselinux to pcre2
Change-Id: I3987f01a388eb6b08bd4074e8d76f31e90bdb846
|
|
am: a9677b666c
* commit 'a9677b666c6ae598291f8b7757bef967b6338335':
Fixes (un)signed comparison warning in regex.c
Change-Id: Iddaba829ee479d299281eaa94c717a56ad6b9fdd
|
|
am: 31f5cd6e3e
* commit '31f5cd6e3ea8ed34a35bf43bf135565301ad7062':
Port libselinux to pcre2
Change-Id: I46ab397b148074f8a004e9c428b8ed6a4ca3baf6
|
|
The warning actually hinted at an unchecked return value.
As of this patch it is checked.
Bug: 28585892
Change-Id: Ibc09903129d3dce4d8a7b98d0313ec743fb937b5
|
|
This patch moves all pcre1/2 dependencies into the new files regex.h
and regex.c implementing the common denominator of features needed
by libselinux. The compiler flag -DUSE_PCRE2 toggles between the
used implementations.
As of this patch, libselinux is still built against PCRE.
Bug: 24091652
Change-Id: Iafca54db166666f9e681022a529fd7409f1e4848
|
|
am: bdc327b
* commit 'bdc327bd33e9778e1e888f82f8b9bfebae1f5c30':
switch from android_ids to getpwuid
Change-Id: I55c20c1db171678098743054ad7a72ab43141657
|
|
am: 5f62b50
* commit '5f62b5073afe88699bfb2a7a036d1e0ef0d6a6b1':
switch from android_ids to getpwuid
Change-Id: Id0ab82e24d459319730e46daadd537b046a51def
|
|
Change-Id: Ia171c4d01e8882fff807dbfacc9bbfbb6d8ba8ba
Bug: 27999086
Signed-off-by: William Roberts <william.c.roberts@intel.com>
|
|
am: 02c42d4b17
* commit '02c42d4b17fb5b9fa1643e46ef1bfb31771c5194':
Leftovers of the SELinux policy update mechanism
|
|
Remove references to SELinux policy files in /data/security
from libselinux/android.c. In the process all code that is
apparently related to handling an alternate policy and/or
reloading the policy has been removed.
Set O_CLOEXEC mode flag on some open calls on policy files
Bug: 26544104
Change-Id: I573d325b2efaaa86716af64da7d626b23b8f8d89
|
|
am: 0c1a5819e2
* commit '0c1a5819e292891497d6aefcac9a13d9052608e2':
Delete SELinux mount code
|
|
Mounting the SELinux filesystem is now handled by init. Delete
mount code in libselinux.
Change-Id: I6837241a9cc11ab149b6564f0520c7bd076ace0c
|
|
am: f8a650201c
* commit 'f8a650201c548c3498016b61e51d96294666798e':
BACKPORT: libselinux: procattr: return einval for <= 0 pid args.
|
|
getpidcon documentation does not specify that a pid of 0 refers to the
current process, and getcon exists specifically to provide this
functionality, and getpidcon(getpid()) would provide it as well.
Disallow pid values <= 0 that may lead to unintended behavior in
userspace object managers.
(from upstream commit: c7cf5d8aa061b9616bf9d5e91139ce4fb40f532c)
(cherry-picked from commit: 034c53e93a736f8b6f9aac90938ef65ffcaac9da)
Signed-off-by: Daniel Cashman <dcashman@android.com>
AOSP Bug: 200617
Bug: 27111481
Change-Id: I69b00df6413f5c3d566ac76cb4a464c97c167cdf
|
|
am: cdc89940cc
* commit 'cdc89940cc87d795157b4090a7b9ef5ada14e829':
BACKPORT: libselinux: procattr: return einval for <= 0 pid args.
|
|
getpidcon documentation does not specify that a pid of 0 refers to the
current process, and getcon exists specifically to provide this
functionality, and getpidcon(getpid()) would provide it as well.
Disallow pid values <= 0 that may lead to unintended behavior in
userspace object managers.
(from upstream commit: c7cf5d8aa061b9616bf9d5e91139ce4fb40f532c)
Signed-off-by: Daniel Cashman <dcashman@android.com>
AOSP Bug: 200617
Bug: 271114815
Change-Id: If8ce0b9aea8f001f5c42911f2fccb2edfe9ded38
|
|
am: 5ff2a33bf3
* commit '5ff2a33bf370604a6260af338dde06cd67deaba2':
Correct errno value.
|
|
am: 034c53e93a
* commit '034c53e93a736f8b6f9aac90938ef65ffcaac9da':
Correct errno value.
|
|
Returning -{ERRVAL} is a kernel return convention, but userspace errno
assignment and associated functions deal with the positive numbers.
Correct the errno assignment introduced in
commit: 78899de14b476a759f4839eae4879d47e36a624a.
(cherry-pick of commit: 034c53e93a736f8b6f9aac90938ef65ffcaac9da)
AOSP Bug: 200617
Bug: 27111481
Change-Id: I174dac888c06d096d361eab5efcde169f7899726
|
|
Returning -{ERRVAL} is a kernel return convention, but userspace errno
assignment and associated functions deal with the positive numbers.
Correct the errno assignment introduced in
commit: 78899de14b476a759f4839eae4879d47e36a624a.
AOSP Bug: 200617
Bug: 27111481
Change-Id: Id4ee6545bcc56273ef356ebdb5683c3e38c85430
|
|
am: ae9473b3eb
* commit 'ae9473b3eb92d952fc04d3846b376c412f992553':
Return error on invalid pid_t input to procattr funcs.
|
|
(cherry-pick of commit: https://android-review.googlesource.com/#/c/203372/)
AOSP Bug: 200617
Bug: 27111481
Change-Id: Ib269a35686aa19b4b57697886ae27913842b707a
|
|
am: 78899de14b
* commit '78899de14b476a759f4839eae4879d47e36a624a':
Return error on invalid pid_t input to procattr funcs.
|
|
AOSP Bug: 200617
Bug: 27111481
Change-Id: I94a5ab045adbacdbfcff62ee2a6c99505f00eb97
|
|
am: 640db2f86f
* commit '640db2f86f237868d038b2fedc05aad154b5fe43':
read_spec_entry: fail on non-ascii
|
|
am: de7b594ace
* commit 'de7b594ace8c4b5343885dcec401bee0977ad7b5':
read_spec_entry: fail on non-ascii
|
|
Inserting non-ascii characters into the following files:
* file_contexts
* property_contexts
* service_contexts
can cause a failure on labeling but still result in a successful
build.
Hard error on non-ascii characters with:
<path>: line 229 error due to: Non-ASCII characters found
Signed-off-by: William Roberts <william.c.roberts@intel.com>
(cherry picked from commit de7b594ace8c4b5343885dcec401bee0977ad7b5)
Change-Id: I3ae442e4673490f1815f3cae4eed494a8d68d1dc
|
|
Inserting non-ascii characters into the following files:
* file_contexts
* property_contexts
* service_contexts
can cause a failure on labeling but still result in a successful
build.
Hard error on non-ascii characters with:
<path>: line 229 error due to: Non-ASCII characters found
Change-Id: Iac1c95a90e840e47f46cadca33fcc79cfdbe8618
Signed-off-by: William Roberts <william.c.roberts@intel.com>
|
|
am: 256ae12911
* commit '256ae129117f7d538290cb1968efd36104688aa1':
Move libselinux from libmincrypt to BoringSSL.
|
|
I don't think there was any reason to statically link libmincrypt,
so I'm dynamically linking BoringSSL.
Also remove unnecessary manual additions to the include path.
Change-Id: Id07daa3bd79ca3db7e6141dee70b9bbe6fb89ea1
|
|
am: 589c5ac47e
* commit '589c5ac47ebe87db550dbfd340a126977c3e2db8':
libselinux: stop copying headers
|
|
Copying headers causes problems for dependency tracking, as any module
can include the copied header without depending on the module. Replace
LOCAL_COPY_HEADERS with LOCAL_EXPORT_C_INCLUDE_DIRS.
Change-Id: Ic3343fc6b8978d59d1ef48ebdb9a96470bb27232
|
|
am: 8b78078de4
* commit '8b78078de454d54e5eb9544aa1e5a170f079fbcc':
Create selinux_android_setcon()
|
|
System properties are backed by various property files that are
mmap()'ed into a process's address space. setcon() does not revoke
access to such mmap()'ed regions, so we may leak access to property
files when moving to a more restrictive context.
This commit creates a new selinux_android_setcon() function that
explicitly reinitializes system properties after
calling setcon() to ensure that no leaks occur.
This new function is used in place of setcon() in
selinux_android_setcontext().
Bug 26114086
Change-Id: I631a8d6f3f474f62b2b4ecca3c842a0700486ddd
|
|
am: be5f860eff
* commit 'be5f860effa9aff2afb397703f64de7acf92ad6d':
Correct line count for property and service contexts files
|
|
When a line number is displayed for context errors they are
x2 the correct value, so reset line count for each pass.
Change-Id: I03cc6320b22d52ce989dafe4c8ecd854540d1367
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
|
|
am: 02df2e3082
* commit '02df2e30820051a4b592071946521d5c9f7eb74b':
libselinux: use /proc/thread-self when available
|
|
|