
Commit bedbb890 authored by Bram Bonné's avatar Bram Bonné

Allow app's targetSDK to overwrite SELINUX_LATEST_CHANGES SDK

The previous behavior capped the maximum target SDK level for apps to
the current platform target SDK in SELinux policy. This prevented
developing and testing newer SELinux policies in AOSP.

In addition to allowing higher targetSDKs specified by the app to be
considered in SELinux policies, this change adds a test to enforce that
behavior for future target SDK versions.

Bug: 190375530
Test: atest com.android.server.pm.SELinuxMMACTest
Test: atest CtsSelinuxTargetSdkCurrentTestCases
Test: atest CtsSelinuxTargetSdk29TestCases
Test: atest CtsSelinuxTargetSdk28TestCases
Test: atest CtsSelinuxTargetSdk27TestCases

Change-Id: Iee40e5ffd677038157ab7349a38eb34934458e25
parent 868b5830
+3 −3
@@ -79,7 +79,7 @@ public final class SELinuxMMAC {

    /**
     * Allows opt-in to the latest targetSdkVersion enforced changes without changing target SDK.
     * Turning this change off for an app targeting the latest SDK is a no-op.
     * Turning this change off for an app targeting >= the latest SDK is a no-op.
     *
     * <p>Has no effect for apps using shared user id.
     *
@@ -92,7 +92,7 @@ public final class SELinuxMMAC {
    /**
     * This change gates apps access to untrusted_app_R-targetSDK SELinux domain. Allows opt-in
     * to R targetSdkVersion enforced changes without changing target SDK. Turning this change
     * off for an app targeting S is a no-op.
     * off for an app targeting >= S is a no-op.
     *
     * <p>Has no effect for apps using shared user id.
     *
@@ -364,7 +364,7 @@ public final class SELinuxMMAC {
        }
        final ApplicationInfo appInfo = pkg.toAppInfoWithoutState();
        if (compatibility.isChangeEnabledInternal(SELINUX_LATEST_CHANGES, appInfo)) {
            return android.os.Build.VERSION_CODES.S;
            return Math.max(android.os.Build.VERSION_CODES.S, pkg.getTargetSdkVersion());
        } else if (compatibility.isChangeEnabledInternal(SELINUX_R_CHANGES, appInfo)) {
            return Math.max(android.os.Build.VERSION_CODES.R, pkg.getTargetSdkVersion());
        }
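Review bot: In the `SELINUX_LATEST_CHANGES` branch the returned value is now whatever the manifest declares once it exceeds `VERSION_CODES.S`, so the seinfo `targetSdkVersion=` field becomes app-controlled with no upper bound. That is only safe if every policy consumer treats a larger value as at least as restrictive as the latest known one. This presumably holds for minimum-version matching in the policy, but it is not visible in this hunk and deserves a comment at the return, e.g. `// Uncapped on purpose: policy matches on a minimum targetSdkVersion, so a higher app-declared value must never select a more permissive domain.` The hard-coded `S` also has to be bumped every release to keep matching the "latest SDK" wording in the Javadoc above; a named constant next to `SELINUX_LATEST_CHANGES` would make that harder to miss. The enclosing method starts and ends outside the hunk.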
+10 −0
@@ -90,6 +90,16 @@ public class SELinuxMMACTest {
                is("default:targetSdkVersion=" + LATEST_OPT_IN_VERSION));
    }

    @Test
    public void getSeInfoTargetingCurDevelopment() {
        AndroidPackage pkg = makePackage(Build.VERSION_CODES.CUR_DEVELOPMENT);
        when(mMockCompatibility.isChangeEnabledInternal(eq(SELinuxMMAC.SELINUX_LATEST_CHANGES),
                argThat(argument -> argument.packageName.equals(pkg.getPackageName()))))
                .thenReturn(true);
        assertThat(SELinuxMMAC.getSeInfo(pkg, null, mMockCompatibility),
                is("default:targetSdkVersion=" + Build.VERSION_CODES.CUR_DEVELOPMENT));
    }

    @Test
    public void getSeInfoNoOptInButAlreadyR() {
        AndroidPackage pkg = makePackage(R_OPT_IN_VERSION);
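Review bot: `getSeInfoTargetingCurDevelopment` pins only the path where `SELINUX_LATEST_CHANGES` is reported enabled; the seinfo produced for a `CUR_DEVELOPMENT` package when the mock reports the change disabled is not asserted in the visible tests. The Javadoc in SELinuxMMAC states that turning the change off for an app targeting >= the latest SDK is a no-op, so a sibling test stubbing `.thenReturn(false)` and asserting the resulting seinfo would guard that claim. The expected string depends on fall-through code that is outside this commit's hunks, so confirm it before writing the assertion. A short comment on the new test, `// seinfo must not cap targetSdkVersion at the platform's latest known SDK`, would also record why it exists. The test class continues past the end of the hunk.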