platform_device_qcom_sepoli.../legacy/vendor/common/init.te
Ravi Kumar Siddojigari 880a69cd42 sepolicy : cleanup rule accessing to "sysfs"
As part of security hardening access to sysfs label related
sepolicy rules should be removed.
So cleaning all the  directory  reads  and   sysfs:file access
which were seen in the following .
  hal_bootctl
  hal_gnss_qti
  hal_pasrmanager
  pd_services
  ssr_diag
  ssr_setup
  thermal-engine
  qmuxd
  sensors
  hal_perf_default

Change-Id: I51e98a3f68211357e2bb1455f28a96fc3aad4d88
2019-03-07 18:24:30 +05:30

89 lines
3.5 KiB
Text

# Copyright (c) 2019, The Linux Foundation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * Neither the name of The Linux Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Adding allow rule for search on /fuse
allow init fuse:dir { search mounton };
allow init self:capability sys_module;
allow init {
adsprpcd_file
cache_file
mnt_vendor_file
storage_file
}:dir mounton;
allow init kmsg_device:chr_file write;
#Allow triggering IPA FWs loading
allow init ipa_dev:chr_file write;
#For insmod to search module key for signature verification
allow init kernel:key search;
#For sdcard
allow init tmpfs:lnk_file create_file_perms;
#Certain domains needs LD_PRELOAD passed from init
#allow it for most domain. Do not honor LD_PRELOAD
#for lmkd
#allow init { domain -lmkd }:process noatsecure;
#For configfs file permission
allow init configfs:dir r_dir_perms;
allow init configfs:file { rw_file_perms link };
allow init configfs:lnk_file create_file_perms;
#Allow init to mount non-hlos partitions in A/B builds
allow init { bt_firmware_file vendor_firmware_file firmware_file } :dir mounton;
# Moved to vendor so need relabelfrom and associate permissions
allow init { bt_firmware_file firmware_file }:filesystem { relabelfrom mount };
#TODO: This should not be needed and needs to be cleaned.
allow { bt_firmware_file firmware_file }self:filesystem associate;
allow init sysfs_boot_adsp:file write;
allow init sysfs_slpi:file write;
allow init sysfs_graphics:file setattr;
#load /vendor/lib/modules/qca_cld3/qca_cld3_wlan.ko
#load /vendor/lib/modules/wil6210.ko
allow init vendor_file:system module_load;
#Needed for restorecon. Init already has these permissions
#for generic block devices, but is unable to access those
#which have a custom lable added by us.
allow init {
custom_ab_block_device
boot_block_device
xbl_block_device
ssd_device
modem_block_device
mdtp_device
}:{ blk_file lnk_file } relabelto;
#Blocked by neverallow vendor_init { file_type fs_type -init_exec }:file entrypoint;
#domain_trans(init, vendor_init_exec, vendor_init);
allow init mnt_vendor_file:lnk_file r_file_perms;