2018-02-01 02:15:13 +01:00
|
|
|
;; new_objects - a collection of types that have been introduced that have no
|
|
|
|
|
;; analogue in older policy. Thus, we do not need to map these types to
|
|
|
|
|
;; previous ones. Add here to pass checkapi tests.
|
|
|
|
|
(typeattribute new_objects)
|
|
|
|
|
(typeattributeset new_objects
|
2018-05-31 00:26:41 +02:00
|
|
|
( activity_task_service
|
|
|
|
|
adb_service
|
2018-09-05 02:13:16 +02:00
|
|
|
app_binding_service
|
2018-03-22 11:41:10 +01:00
|
|
|
atrace
|
2018-01-11 03:11:22 +01:00
|
|
|
binder_calls_stats_service
|
2018-08-28 06:12:13 +02:00
|
|
|
biometric_prompt_service
|
2018-01-25 08:12:39 +01:00
|
|
|
blank_screen
|
2018-02-01 02:15:13 +01:00
|
|
|
blank_screen_exec
|
|
|
|
|
blank_screen_tmpfs
|
|
|
|
|
bootloader_boot_reason_prop
|
2018-04-09 05:07:32 +02:00
|
|
|
bluetooth_a2dp_offload_prop
|
2018-02-01 02:15:13 +01:00
|
|
|
bpfloader
|
|
|
|
|
bpfloader_exec
|
|
|
|
|
cgroup_bpf
|
2018-08-18 03:47:47 +02:00
|
|
|
color_display_service
|
2018-02-01 02:15:13 +01:00
|
|
|
crossprofileapps_service
|
Finer grained permissions for ctl. properties
Currently, permissions for ctl. property apply to each action verb, so
if a domain has permissions for controlling service 'foo', then it can
start, stop, and restart foo.
This change implements finer grainer permissions such that permission
can be given to strictly start a given service, but not stop or
restart it. This new permission scheme is mandatory for the new
control functions, sigstop_on, sigstop_off, interface_start,
interface_stop, interface_restart.
Bug: 78511553
Test: see appropriate successes and failures based on permissions
Merged-In: Ibe0cc0d6028fb0ed7d6bcba626721e0d84cc20fa
Change-Id: Ibe0cc0d6028fb0ed7d6bcba626721e0d84cc20fa
(cherry picked from commit 2208f96e9e6264553fcc8a58b86f4f21a092468c)
2018-05-04 02:00:16 +02:00
|
|
|
ctl_interface_restart_prop
|
|
|
|
|
ctl_interface_start_prop
|
|
|
|
|
ctl_interface_stop_prop
|
|
|
|
|
ctl_sigstop_prop
|
2018-03-30 20:22:54 +02:00
|
|
|
exfat
|
2018-02-01 02:15:13 +01:00
|
|
|
exported2_config_prop
|
|
|
|
|
exported2_default_prop
|
|
|
|
|
exported2_radio_prop
|
|
|
|
|
exported2_system_prop
|
|
|
|
|
exported2_vold_prop
|
|
|
|
|
exported3_default_prop
|
2018-03-27 06:41:47 +02:00
|
|
|
exported3_radio_prop
|
2018-02-01 02:15:13 +01:00
|
|
|
exported3_system_prop
|
2018-06-20 23:08:02 +02:00
|
|
|
exported_audio_prop
|
2018-04-09 05:07:32 +02:00
|
|
|
exported_bluetooth_prop
|
2018-02-01 02:15:13 +01:00
|
|
|
exported_config_prop
|
|
|
|
|
exported_dalvik_prop
|
|
|
|
|
exported_default_prop
|
|
|
|
|
exported_dumpstate_prop
|
|
|
|
|
exported_ffs_prop
|
|
|
|
|
exported_fingerprint_prop
|
|
|
|
|
exported_overlay_prop
|
|
|
|
|
exported_pm_prop
|
|
|
|
|
exported_radio_prop
|
2018-03-16 00:10:37 +01:00
|
|
|
exported_secure_prop
|
2018-02-01 02:15:13 +01:00
|
|
|
exported_system_prop
|
|
|
|
|
exported_system_radio_prop
|
|
|
|
|
exported_vold_prop
|
2018-04-09 05:07:32 +02:00
|
|
|
exported_wifi_prop
|
2018-05-29 19:54:16 +02:00
|
|
|
fastbootd
|
2018-02-07 18:45:39 +01:00
|
|
|
fingerprint_vendor_data_file
|
2018-02-01 02:15:13 +01:00
|
|
|
fs_bpf
|
2018-04-10 23:07:14 +02:00
|
|
|
hal_audiocontrol_hwservice
|
2018-02-01 02:15:13 +01:00
|
|
|
hal_authsecret_hwservice
|
2018-03-29 06:09:23 +02:00
|
|
|
hal_codec2_hwservice
|
2018-02-01 02:15:13 +01:00
|
|
|
hal_confirmationui_hwservice
|
2018-04-10 23:07:14 +02:00
|
|
|
hal_evs_hwservice
|
2018-09-19 19:24:45 +02:00
|
|
|
hal_health_storage_hwservice
|
2018-02-01 02:15:13 +01:00
|
|
|
hal_lowpan_hwservice
|
|
|
|
|
hal_secure_element_hwservice
|
2018-04-09 02:15:08 +02:00
|
|
|
hal_system_suspend_default
|
|
|
|
|
hal_system_suspend_default_exec
|
|
|
|
|
hal_system_suspend_default_tmpfs
|
2018-02-01 02:15:13 +01:00
|
|
|
hal_usb_gadget_hwservice
|
2018-04-10 23:07:14 +02:00
|
|
|
hal_vehicle_hwservice
|
2018-02-07 18:45:39 +01:00
|
|
|
hal_wifi_hostapd_hwservice
|
2018-02-01 02:15:13 +01:00
|
|
|
incident_helper
|
|
|
|
|
incident_helper_exec
|
|
|
|
|
last_boot_reason_prop
|
2018-02-20 20:02:39 +01:00
|
|
|
llkd
|
|
|
|
|
llkd_exec
|
2018-08-08 01:03:47 +02:00
|
|
|
llkd_prop
|
2018-02-20 20:02:39 +01:00
|
|
|
llkd_tmpfs
|
2018-08-30 14:04:55 +02:00
|
|
|
looper_stats_service
|
2018-02-01 02:15:13 +01:00
|
|
|
lowpan_device
|
|
|
|
|
lowpan_prop
|
|
|
|
|
lowpan_service
|
|
|
|
|
mediaextractor_update_service
|
2018-04-20 20:14:49 +02:00
|
|
|
metadata_file
|
2018-06-29 04:10:00 +02:00
|
|
|
mnt_product_file
|
2018-04-11 05:49:45 +02:00
|
|
|
mnt_vendor_file
|
2018-02-01 02:15:13 +01:00
|
|
|
network_watchlist_data_file
|
|
|
|
|
network_watchlist_service
|
2018-06-13 17:02:29 +02:00
|
|
|
overlayfs_file
|
2018-02-01 02:15:13 +01:00
|
|
|
perfetto
|
|
|
|
|
perfetto_exec
|
|
|
|
|
perfetto_tmpfs
|
|
|
|
|
perfetto_traces_data_file
|
|
|
|
|
perfprofd_service
|
|
|
|
|
property_info
|
2018-05-29 19:54:16 +02:00
|
|
|
recovery_socket
|
2018-02-01 02:15:13 +01:00
|
|
|
secure_element
|
2018-03-06 23:26:34 +01:00
|
|
|
secure_element_device
|
2018-02-01 02:15:13 +01:00
|
|
|
secure_element_service
|
|
|
|
|
secure_element_tmpfs
|
|
|
|
|
slice_service
|
|
|
|
|
stats
|
|
|
|
|
stats_data_file
|
|
|
|
|
stats_exec
|
|
|
|
|
stats_service
|
|
|
|
|
statscompanion_service
|
|
|
|
|
statsd
|
|
|
|
|
statsd_exec
|
|
|
|
|
statsd_tmpfs
|
2018-04-20 20:07:22 +02:00
|
|
|
statsdw
|
|
|
|
|
statsdw_socket
|
2018-02-01 02:15:13 +01:00
|
|
|
storaged_data_file
|
2018-08-17 20:07:09 +02:00
|
|
|
super_block_device
|
2018-02-01 02:15:13 +01:00
|
|
|
system_boot_reason_prop
|
2018-07-25 02:04:18 +02:00
|
|
|
system_lmk_prop
|
2018-04-09 02:15:08 +02:00
|
|
|
system_suspend_hwservice
|
2018-02-01 02:15:13 +01:00
|
|
|
system_update_service
|
2015-10-25 01:20:18 +02:00
|
|
|
test_boot_reason_prop
|
2018-06-25 16:36:51 +02:00
|
|
|
time_prop
|
2018-05-30 15:44:47 +02:00
|
|
|
timedetector_service
|
2018-06-19 12:36:23 +02:00
|
|
|
timezonedetector_service
|
2018-02-01 02:15:13 +01:00
|
|
|
tombstone_wifi_data_file
|
|
|
|
|
trace_data_file
|
|
|
|
|
traced
|
|
|
|
|
traced_consumer_socket
|
2018-04-20 20:09:45 +02:00
|
|
|
traced_enabled_prop
|
2018-02-01 02:15:13 +01:00
|
|
|
traced_exec
|
|
|
|
|
traced_probes
|
|
|
|
|
traced_probes_exec
|
|
|
|
|
traced_probes_tmpfs
|
|
|
|
|
traced_producer_socket
|
|
|
|
|
traced_tmpfs
|
|
|
|
|
traceur_app
|
|
|
|
|
traceur_app_tmpfs
|
2018-04-03 20:22:38 +02:00
|
|
|
untrusted_app_all_devpts
|
2018-02-01 02:15:13 +01:00
|
|
|
update_engine_log_data_file
|
2018-07-22 08:21:08 +02:00
|
|
|
uri_grants_service
|
2018-02-01 02:15:13 +01:00
|
|
|
usbd
|
|
|
|
|
usbd_exec
|
|
|
|
|
usbd_tmpfs
|
|
|
|
|
vendor_default_prop
|
|
|
|
|
vendor_init
|
2018-03-30 03:21:31 +02:00
|
|
|
vendor_security_patch_level_prop
|
2018-02-01 02:15:13 +01:00
|
|
|
vendor_shell
|
|
|
|
|
vold_metadata_file
|
|
|
|
|
vold_prepare_subdirs
|
|
|
|
|
vold_prepare_subdirs_exec
|
|
|
|
|
vold_service
|
2018-07-14 02:17:01 +02:00
|
|
|
vrflinger_vsync_service
|
2018-05-09 00:45:38 +02:00
|
|
|
wait_for_keymaster
|
|
|
|
|
wait_for_keymaster_exec
|
|
|
|
|
wait_for_keymaster_tmpfs
|
2018-08-02 00:48:20 +02:00
|
|
|
watchdogd_tmpfs
|
2018-02-01 02:15:13 +01:00
|
|
|
wm_trace_data_file
|
|
|
|
|
wpantund
|
|
|
|
|
wpantund_exec
|
|
|
|
|
wpantund_service
|
|
|
|
|
wpantund_tmpfs))
|
|
|
|
|
|
2018-04-03 20:22:38 +02:00
|
|
|
;; private_objects - a collection of types that were labeled differently in
|
|
|
|
|
;; older policy, but that should not remain accessible to vendor policy.
|
|
|
|
|
;; Thus, these types are also not mapped, but recorded for checkapi tests
|
|
|
|
|
(typeattribute priv_objects)
|
|
|
|
|
(typeattributeset priv_objects (untrusted_app_27_tmpfs))
|
