platform_system_sepolicy/private/tombstoned.te

typeattribute tombstoned coredomain;

init_daemon_domain(tombstoned)

get_prop(tombstoned, tombstone_config_prop)

neverallow {
    domain
    -init
    -vendor_init
    -dumpstate
    -tombstoned
} tombstone_config_prop:file no_rw_file_perms;
Vendor domains must not use Binder On PRODUCT_FULL_TREBLE devices, non-vendor domains (except vendor apps) are not permitted to use Binder. This commit thus: * groups non-vendor domains using the new "coredomain" attribute, * adds neverallow rules restricting Binder use to coredomain and appdomain only, and * temporarily exempts the domains which are currently violating this rule from this restriction. These domains are grouped using the new "binder_in_vendor_violators" attribute. The attribute is needed because the types corresponding to violators are not exposed to the public policy where the neverallow rules are. Test: mmm system/sepolicy Test: Device boots, no new denials Test: In Chrome, navigate to ip6.me, play a YouTube video Test: YouTube: play a video Test: Netflix: play a movie Test: Google Camera: take a photo, take an HDR+ photo, record video with sound, record slow motion video with sound. Confirm videos play back fine and with sound. Bug: 35870313 Change-Id: I0cd1a80b60bcbde358ce0f7a47b90f4435a45c95 2017-03-23 22:27:32 +01:00			`typeattribute tombstoned coredomain;`

Introduce crash_dump debugging helper. Replace the global debuggerd with a per-process debugging helper that gets exec'ed by the process that crashed. Bug: http://b/30705528 Test: crasher/crasher64, `debuggerd <pid>`, `kill -ABRT <pid>` Change-Id: Iad1b7478f7a4e2690720db4b066417d8b66834ed 2016-10-19 23:39:30 +02:00			`init_daemon_domain(tombstoned)`
Add tombstone_config_prop and move related prop tombstoned.max_tombstone_coun becomes tombstone_config_prop to remove exported*_default_prop Bug: 155844385 Test: tombstoned is running and logcat shows no denials Change-Id: I57bebb5766d790dc52d40a6d106f480e0e34fa4e 2020-07-07 06:35:34 +02:00
			`get_prop(tombstoned, tombstone_config_prop)`

			`neverallow {`
Fix broken neverallow rules neverallow rules with allowlist should look like: neverallow { domain -allow1 -allow2 } ... Bug: 181744894 Test: m selinux_policy Test: pcregrep -M -r "neverallow\s+{(\s#.\s)\s+-" . Change-Id: Ibab72ccc1fbacb99b62fe127b4122e1ac22b938a 2021-03-10 02:42:23 +01:00			`domain`
Add tombstone_config_prop and move related prop tombstoned.max_tombstone_coun becomes tombstone_config_prop to remove exported*_default_prop Bug: 155844385 Test: tombstoned is running and logcat shows no denials Change-Id: I57bebb5766d790dc52d40a6d106f480e0e34fa4e 2020-07-07 06:35:34 +02:00			`-init`
			`-vendor_init`
			`-dumpstate`
			`-tombstoned`
			`} tombstone_config_prop:file no_rw_file_perms;`