summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-12-12external/libselinux: Delete all filesHEADandroid-n-mr2-preview-2android-n-mr2-preview-1android-n-iot-release-smart-display-r2android-n-iot-release-smart-displayandroid-n-iot-release-polk-at1android-n-iot-release-lg-thinq-wk7android-n-iot-release-ihome-igv1android-n-iot-preview-4nougat-iot-releasen-iot-preview-4mastermainNick Kralevich
This repository was removed from the manifest in https://android-review.googlesource.com/293506. The files in this stale manifest are polluting search results. Test: unneeded. Deleting stale files. Change-Id: I067c23b991b0da88bb61b179c9e00f6c405f5ad1
2016-10-21libselinux: migrate to upstream libselinuxJeff Vander Stoep
Move from the Android fork of libselinux to the upstream version which already lives in external/selinux/libselinux. Test: Angler builds and boots Bug: 31910164 Change-Id: Ie8617b8dba13555d178b5730fcfa5370c52eb5db
2016-10-06Rename autoplay_app to ephemeral_appandroid-n-mr1-preview-2android-n-mr1-preview-1Chad Brubaker
Test: Builds and boots Change-Id: I0cb687c9dd94c84b1e12e468ae0857b538757310
2016-10-03fix lax service context lookupJanis Danisevskis
We use the same lookup function for service contexts that we use for property contexts. However, property contexts are namespace based and only compare the prefix. This may lead to service associations with a wrong label. This patch introduces a stricter lookup function for services contexts. Now the service name must match the key of the service label exactly. Test: bullhead builds and boots Bug: 31353148 Change-Id: I16dd276e1e74c0d04af4e067992385be5499b01d
2016-08-31Fix compiler warningsJanis Danisevskis
Fix format string specifier mismatch, and silence unused parameter warning. Change-Id: If1e96c567bddc2e1e151fb9f738405966fe5955b
2016-08-22resolve merge conflicts of ef6d09c to masterJanis Danisevskis
Change-Id: I211040052cdf230221f3f0ba6f25b063c636b77e
2016-08-19Toggels libselinux to build against PCRE2Janis Danisevskis
am: 74735be537 -s ours Change-Id: I79945a45dc293402010cfd2359d8ba698e662474
2016-08-19Toggels libselinux to build against PCRE2Janis Danisevskis
Merged-In: I96ed1249a6032935906e8a0af4668eb42f9b1238 Bug: 24091652 Change-Id: I96ed1249a6032935906e8a0af4668eb42f9b1238
2016-07-22Convert Android.mk to Android.bpDan Willemsen
am: 1fdb726901 Change-Id: Ib8573e1a6e989c8532b6d6a8e54e48c7e16f06d7
2016-07-19Convert Android.mk to Android.bpDan Willemsen
Change-Id: I9a20324163f6b36451e8c5bbbaf3e2ecf0f4ad25
2016-05-06Port libselinux to pcre2 am: 31f5cd6e3e am: c9e48770b5Janis Danisevskis
am: d2ebe5cfa7 * commit 'd2ebe5cfa7b39242bb7c2fb44feecedeef2aa370': Port libselinux to pcre2 Change-Id: I350e5fe32f4cd198b2316323d7c702972f2ddbab
2016-05-06Fixes (un)signed comparison warning in regex.c am: a9677b666cJanis Danisevskis
am: 9ba0af9eae * commit '9ba0af9eaef8742b5fec684d4faa7c398b100485': Fixes (un)signed comparison warning in regex.c Change-Id: I8204ae2a9086f74865d22dc1c7c482e13f492eaa
2016-05-06Port libselinux to pcre2 am: 31f5cd6e3eJanis Danisevskis
am: c9e48770b5 * commit 'c9e48770b566b694d43949c097c0718e3d1191aa': Port libselinux to pcre2 Change-Id: I3987f01a388eb6b08bd4074e8d76f31e90bdb846
2016-05-06Fixes (un)signed comparison warning in regex.cJanis Danisevskis
am: a9677b666c * commit 'a9677b666c6ae598291f8b7757bef967b6338335': Fixes (un)signed comparison warning in regex.c Change-Id: Iddaba829ee479d299281eaa94c717a56ad6b9fdd
2016-05-06Port libselinux to pcre2Janis Danisevskis
am: 31f5cd6e3e * commit '31f5cd6e3ea8ed34a35bf43bf135565301ad7062': Port libselinux to pcre2 Change-Id: I46ab397b148074f8a004e9c428b8ed6a4ca3baf6
2016-05-05Fixes (un)signed comparison warning in regex.candroid-wear-n-preview-3android-wear-n-preview-2android-wear-n-preview-1android-wear-7.1.1_r1android-n-preview-5android-n-preview-4android-n-preview-3android-n-iot-preview-2nougat-mr1-wear-releasen-iot-preview-2Janis Danisevskis
The warning actually hinted at an unchecked return value. As of this patch it is checked. Bug: 28585892 Change-Id: Ibc09903129d3dce4d8a7b98d0313ec743fb937b5
2016-05-05Port libselinux to pcre2Janis Danisevskis
This patch moves all pcre1/2 dependencies into the new files regex.h and regex.c implementing the common denominator of features needed by libselinux. The compiler flag -DUSE_PCRE2 toggles between the used implementations. As of this patch, libselinux is still built against PCRE. Bug: 24091652 Change-Id: Iafca54db166666f9e681022a529fd7409f1e4848
2016-04-10switch from android_ids to getpwuid am: 5f62b50William Roberts
am: bdc327b * commit 'bdc327bd33e9778e1e888f82f8b9bfebae1f5c30': switch from android_ids to getpwuid Change-Id: I55c20c1db171678098743054ad7a72ab43141657
2016-04-10switch from android_ids to getpwuidWilliam Roberts
am: 5f62b50 * commit '5f62b5073afe88699bfb2a7a036d1e0ef0d6a6b1': switch from android_ids to getpwuid Change-Id: Id0ab82e24d459319730e46daadd537b046a51def
2016-04-10switch from android_ids to getpwuidWilliam Roberts
Change-Id: Ia171c4d01e8882fff807dbfacc9bbfbb6d8ba8ba Bug: 27999086 Signed-off-by: William Roberts <william.c.roberts@intel.com>
2016-03-13Leftovers of the SELinux policy update mechanismJanis Danisevskis
am: 02c42d4b17 * commit '02c42d4b17fb5b9fa1643e46ef1bfb31771c5194': Leftovers of the SELinux policy update mechanism
2016-03-11Leftovers of the SELinux policy update mechanismandroid-n-preview-2Janis Danisevskis
Remove references to SELinux policy files in /data/security from libselinux/android.c. In the process all code that is apparently related to handling an alternate policy and/or reloading the policy has been removed. Set O_CLOEXEC mode flag on some open calls on policy files Bug: 26544104 Change-Id: I573d325b2efaaa86716af64da7d626b23b8f8d89
2016-03-04Delete SELinux mount codeNick Kralevich
am: 0c1a5819e2 * commit '0c1a5819e292891497d6aefcac9a13d9052608e2': Delete SELinux mount code
2016-03-03Delete SELinux mount codeandroid-n-preview-1Nick Kralevich
Mounting the SELinux filesystem is now handled by init. Delete mount code in libselinux. Change-Id: I6837241a9cc11ab149b6564f0520c7bd076ace0c
2016-02-29BACKPORT: libselinux: procattr: return einval for <= 0 pid args.dcashman
am: f8a650201c * commit 'f8a650201c548c3498016b61e51d96294666798e': BACKPORT: libselinux: procattr: return einval for <= 0 pid args.
2016-02-29BACKPORT: libselinux: procattr: return einval for <= 0 pid args.android-cts-7.0_r9android-cts-7.0_r8android-cts-7.0_r7android-cts-7.0_r6android-cts-7.0_r5android-cts-7.0_r4android-cts-7.0_r33android-cts-7.0_r32android-cts-7.0_r31android-cts-7.0_r30android-cts-7.0_r3android-cts-7.0_r29android-cts-7.0_r28android-cts-7.0_r27android-cts-7.0_r26android-cts-7.0_r25android-cts-7.0_r24android-cts-7.0_r23android-cts-7.0_r22android-cts-7.0_r21android-cts-7.0_r20android-cts-7.0_r2android-cts-7.0_r19android-cts-7.0_r18android-cts-7.0_r17android-cts-7.0_r16android-cts-7.0_r15android-cts-7.0_r14android-cts-7.0_r13android-cts-7.0_r12android-cts-7.0_r11android-cts-7.0_r10android-cts-7.0_r1android-7.0.0_r9android-7.0.0_r8android-7.0.0_r7android-7.0.0_r6android-7.0.0_r5android-7.0.0_r4android-7.0.0_r36android-7.0.0_r35android-7.0.0_r34android-7.0.0_r33android-7.0.0_r32android-7.0.0_r31android-7.0.0_r30android-7.0.0_r3android-7.0.0_r29android-7.0.0_r28android-7.0.0_r27android-7.0.0_r24android-7.0.0_r21android-7.0.0_r19android-7.0.0_r17android-7.0.0_r15android-7.0.0_r14android-7.0.0_r13android-7.0.0_r12android-7.0.0_r11android-7.0.0_r10android-7.0.0_r1nougat-releasenougat-mr0.5-releasenougat-devnougat-cts-releasenougat-bugfix-releasedcashman
getpidcon documentation does not specify that a pid of 0 refers to the current process, and getcon exists specifically to provide this functionality, and getpidcon(getpid()) would provide it as well. Disallow pid values <= 0 that may lead to unintended behavior in userspace object managers. (from upstream commit: c7cf5d8aa061b9616bf9d5e91139ce4fb40f532c) (cherry-picked from commit: 034c53e93a736f8b6f9aac90938ef65ffcaac9da) Signed-off-by: Daniel Cashman <dcashman@android.com> AOSP Bug: 200617 Bug: 27111481 Change-Id: I69b00df6413f5c3d566ac76cb4a464c97c167cdf
2016-02-29BACKPORT: libselinux: procattr: return einval for <= 0 pid args.dcashman
am: cdc89940cc * commit 'cdc89940cc87d795157b4090a7b9ef5ada14e829': BACKPORT: libselinux: procattr: return einval for <= 0 pid args.
2016-02-29BACKPORT: libselinux: procattr: return einval for <= 0 pid args.dcashman
getpidcon documentation does not specify that a pid of 0 refers to the current process, and getcon exists specifically to provide this functionality, and getpidcon(getpid()) would provide it as well. Disallow pid values <= 0 that may lead to unintended behavior in userspace object managers. (from upstream commit: c7cf5d8aa061b9616bf9d5e91139ce4fb40f532c) Signed-off-by: Daniel Cashman <dcashman@android.com> AOSP Bug: 200617 Bug: 271114815 Change-Id: If8ce0b9aea8f001f5c42911f2fccb2edfe9ded38
2016-02-23Correct errno value.dcashman
am: 5ff2a33bf3 * commit '5ff2a33bf370604a6260af338dde06cd67deaba2': Correct errno value.
2016-02-23Correct errno value.dcashman
am: 034c53e93a * commit '034c53e93a736f8b6f9aac90938ef65ffcaac9da': Correct errno value.
2016-02-23Correct errno value.dcashman
Returning -{ERRVAL} is a kernel return convention, but userspace errno assignment and associated functions deal with the positive numbers. Correct the errno assignment introduced in commit: 78899de14b476a759f4839eae4879d47e36a624a. (cherry-pick of commit: 034c53e93a736f8b6f9aac90938ef65ffcaac9da) AOSP Bug: 200617 Bug: 27111481 Change-Id: I174dac888c06d096d361eab5efcde169f7899726
2016-02-23Correct errno value.dcashman
Returning -{ERRVAL} is a kernel return convention, but userspace errno assignment and associated functions deal with the positive numbers. Correct the errno assignment introduced in commit: 78899de14b476a759f4839eae4879d47e36a624a. AOSP Bug: 200617 Bug: 27111481 Change-Id: Id4ee6545bcc56273ef356ebdb5683c3e38c85430
2016-02-23Return error on invalid pid_t input to procattr funcs.dcashman
am: ae9473b3eb * commit 'ae9473b3eb92d952fc04d3846b376c412f992553': Return error on invalid pid_t input to procattr funcs.
2016-02-23Return error on invalid pid_t input to procattr funcs.dcashman
(cherry-pick of commit: https://android-review.googlesource.com/#/c/203372/) AOSP Bug: 200617 Bug: 27111481 Change-Id: Ib269a35686aa19b4b57697886ae27913842b707a
2016-02-23Return error on invalid pid_t input to procattr funcs.dcashman
am: 78899de14b * commit '78899de14b476a759f4839eae4879d47e36a624a': Return error on invalid pid_t input to procattr funcs.
2016-02-22Return error on invalid pid_t input to procattr funcs.dcashman
AOSP Bug: 200617 Bug: 27111481 Change-Id: I94a5ab045adbacdbfcff62ee2a6c99505f00eb97
2016-02-09read_spec_entry: fail on non-asciiWilliam Roberts
am: 640db2f86f * commit '640db2f86f237868d038b2fedc05aad154b5fe43': read_spec_entry: fail on non-ascii
2016-02-09read_spec_entry: fail on non-asciiWilliam Roberts
am: de7b594ace * commit 'de7b594ace8c4b5343885dcec401bee0977ad7b5': read_spec_entry: fail on non-ascii
2016-02-09read_spec_entry: fail on non-asciiWilliam Roberts
Inserting non-ascii characters into the following files: * file_contexts * property_contexts * service_contexts can cause a failure on labeling but still result in a successful build. Hard error on non-ascii characters with: <path>: line 229 error due to: Non-ASCII characters found Signed-off-by: William Roberts <william.c.roberts@intel.com> (cherry picked from commit de7b594ace8c4b5343885dcec401bee0977ad7b5) Change-Id: I3ae442e4673490f1815f3cae4eed494a8d68d1dc
2016-02-09read_spec_entry: fail on non-asciibrillo-m10-releasebrillo-m10-devWilliam Roberts
Inserting non-ascii characters into the following files: * file_contexts * property_contexts * service_contexts can cause a failure on labeling but still result in a successful build. Hard error on non-ascii characters with: <path>: line 229 error due to: Non-ASCII characters found Change-Id: Iac1c95a90e840e47f46cadca33fcc79cfdbe8618 Signed-off-by: William Roberts <william.c.roberts@intel.com>
2016-02-05Move libselinux from libmincrypt to BoringSSL.Elliott Hughes
am: 256ae12911 * commit '256ae129117f7d538290cb1968efd36104688aa1': Move libselinux from libmincrypt to BoringSSL.
2016-02-04Move libselinux from libmincrypt to BoringSSL.Elliott Hughes
I don't think there was any reason to statically link libmincrypt, so I'm dynamically linking BoringSSL. Also remove unnecessary manual additions to the include path. Change-Id: Id07daa3bd79ca3db7e6141dee70b9bbe6fb89ea1
2016-01-08libselinux: stop copying headersColin Cross
am: 589c5ac47e * commit '589c5ac47ebe87db550dbfd340a126977c3e2db8': libselinux: stop copying headers
2015-12-21libselinux: stop copying headersbrillo-m9-releasebrillo-m9-devColin Cross
Copying headers causes problems for dependency tracking, as any module can include the copied header without depending on the module. Replace LOCAL_COPY_HEADERS with LOCAL_EXPORT_C_INCLUDE_DIRS. Change-Id: Ic3343fc6b8978d59d1ef48ebdb9a96470bb27232
2015-12-17Create selinux_android_setcon()Tom Cherry
am: 8b78078de4 * commit '8b78078de454d54e5eb9544aa1e5a170f079fbcc': Create selinux_android_setcon()
2015-12-16Create selinux_android_setcon()Tom Cherry
System properties are backed by various property files that are mmap()'ed into a process's address space. setcon() does not revoke access to such mmap()'ed regions, so we may leak access to property files when moving to a more restrictive context. This commit creates a new selinux_android_setcon() function that explicitly reinitializes system properties after calling setcon() to ensure that no leaks occur. This new function is used in place of setcon() in selinux_android_setcontext(). Bug 26114086 Change-Id: I631a8d6f3f474f62b2b4ecca3c842a0700486ddd
2015-11-23Correct line count for property and service contexts filesRichard Haines
am: be5f860eff * commit 'be5f860effa9aff2afb397703f64de7acf92ad6d': Correct line count for property and service contexts files
2015-11-22Correct line count for property and service contexts filesbrillo-m8-releasebrillo-m8-devRichard Haines
When a line number is displayed for context errors they are x2 the correct value, so reset line count for each pass. Change-Id: I03cc6320b22d52ce989dafe4c8ecd854540d1367 Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2015-11-18Merge "libselinux: use /proc/thread-self when available"Jeffrey Vander Stoep
am: 02df2e3082 * commit '02df2e30820051a4b592071946521d5c9f7eb74b': libselinux: use /proc/thread-self when available
2015-11-17Merge "libselinux: use /proc/thread-self when available"Jeffrey Vander Stoep
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-09 13:48:15 +0000