tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

private: Exempt system_app from adbd_config_prop neverallow

Browse source 
* ATV can't use the newer mobile method for ADB over Wi-Fi
  as ethernet is a massive usecase for us, and that implementation
  refuses to play nicely with any interface but Wi-Fi.

* Therefore, to avoid having to carry the crappy intermediate prop
  solutions in device/lineage/atv, relax this, as it's still a
  system namespace and still a limited context that is allowed to
  set the property.

Change-Id: Id87ebae6d0552bb8b9faac3114dca42128eaf5b0
This commit is contained in:
Nolen Johnson 2022-07-17 21:33:52 -04:00 committed by zlewchan
parent 6f0a3fe12b
commit 00206e09fd
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
prebuilts/api/34.0/private/property.te
View file

@ -372,12 +372,13 @@ neverallow {
system_adbd_prop
}:property_service set;
# Let (vendor_)init, adbd, and system_server set service.adb.tcp.port
# Let (vendor_)init, adbd, system_app, and system_server set service.adb.tcp.port
neverallow {
domain
-init
-vendor_init
-adbd
-system_app
-system_server
} {
adbd_config_prop

3
private/property.te
View file

@ -474,12 +474,13 @@ neverallow {
system_adbd_prop
}:property_service set;
# Let (vendor_)init, adbd, and system_server set service.adb.tcp.port
# Let (vendor_)init, adbd, system_app, and system_server set service.adb.tcp.port
neverallow {
domain
-init
-vendor_init
-adbd
-system_app
-system_server
} {
adbd_config_prop