Note unconstrained_vsock_violators. We may need other solutions in order to constrain how vsock connections can be opened up. However, right now what connections can be made to is unrestricted, which prevents us from strengthening security around these settings. Mark current users of vsock as violators, in order to raise awareness and track issues. For VM users - generic Android APIs for connected to VMs, either those already in AVF or others should be used. For other verticals - we may leave these open indefinitely or talk elsewhere. For virtual devices and VMs, we may need a new way to get host connections or modify the sepolicy around this case. Bug: 347661724 Test: build Change-Id: I4b195af3bb3881a3443b7981845c94aef6a05d99

commit: 2fb2fc10dc754114217ff2b1c49f98b4c82ae5f3 [log] [tgz]
author: Steven Moreland <[email protected]> Thu Jan 16 00:32:52 2025 +0000
committer: Steven Moreland <[email protected]> Thu Jan 16 00:32:52 2025 +0000
tree: ee5951119305a9144abee2cc3e8b84017696c731
parent: 05763d5d96f1799663cb7c7da828dbe1b1be39fe [diff]
diff --git a/emulator/sepolicy/hal_vehicle_default.te b/emulator/sepolicy/hal_vehicle_default.te
index 194f0c9..426e320 100644
--- a/emulator/sepolicy/hal_vehicle_default.te
+++ b/emulator/sepolicy/hal_vehicle_default.te

@@ -1,3 +1,6 @@
+starting_at_board_api(202504, `
+typeattribute hal_vehicle_default unconstrained_vsock_violators;
+')
 allow hal_vehicle_default self:vsock_socket { connect create read write };
 
 # For communication between VHAL and the host
commit	2fb2fc10dc754114217ff2b1c49f98b4c82ae5f3	[log] [tgz]
author	Steven Moreland <[email protected]>	Thu Jan 16 00:32:52 2025 +0000
committer	Steven Moreland <[email protected]>	Thu Jan 16 00:32:52 2025 +0000
tree	ee5951119305a9144abee2cc3e8b84017696c731
parent	05763d5d96f1799663cb7c7da828dbe1b1be39fe [diff]