Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 8c9cf62edb9c1a2b839a7e201526fddd526f7af2
commit8c9cf62edb9c1a2b839a7e201526fddd526f7af2[log] [tgz]
authorHridya Valsaraju <hridya@google.com>Mon Dec 14 22:57:49 2020 -0800
committerHridya Valsaraju <hridya@google.com>Wed Dec 16 10:08:54 2020 -0800
tree7bf1c9f6d91dcef92a0208813723b56447c1c659
parent14a15d900bc505fa3bda02727794d125670ab231 [diff]
Allow coredomain access to only approved categories of vendor heaps

One of the advantages of the DMA-BUF heaps framework over
ION is that each heap is a separate char device and hence
it is possible to create separate sepolicy permissions to restrict
access to each heap.
In the case of ION, allocation in every heap had to be done through
/dev/ion which meant that there was no away to restrict allocations in
a specific heap.

This patch intends to restrict coredomain access to only approved
categories of vendor heaps. Currently, the only identified category
as per partner feedback is the system-secure heap which is defined
as a heap that allocates from protected memory.

Test: Build, video playback works on CF with ION disabled and
without sepolicy denials
Bug: 175697666

Change-Id: I923d2931c631d05d569e97f6e49145ef71324f3b
7 files changed
tree: 7bf1c9f6d91dcef92a0208813723b56447c1c659
  1. apex/
  2. build/
  3. prebuilts/
  4. private/
  5. public/
  6. reqd_mask/
  7. tests/
  8. tools/
  9. vendor/
  10. .gitignore
  11. Android.bp
  12. Android.mk
  13. CleanSpec.mk
  14. compat.mk
  15. contexts_tests.mk
  16. definitions.mk
  17. mac_permissions.mk
  18. METADATA
  19. MODULE_LICENSE_PUBLIC_DOMAIN
  20. NOTICE
  21. OWNERS
  22. policy_version.mk
  23. PREUPLOAD.cfg
  24. README
  25. seapp_contexts.mk
  26. TEST_MAPPING
  27. treble_sepolicy_tests_for_release.mk