DO NOT MERGE ANYWHERE Revert "SEPolicy: Changes for new stack dumping scheme."
NOTE: This change is marked dnma because we don't want it on
oc-dr1-dev-plus-aosp or any other downstream branch. Moreover,
oc-dr1-dev-plus-aosp is the only outgoing merger from oc-dr1-dev for
this project.
This reverts commit 11bfcc1e96.
Bug: 62908344
Test: make
Change-Id: Ide61829cf99f15777c46f657a0e140d594f88243
parent
eb5542a178
commit
034f5840a2
6 changed files with 6 additions and 49 deletions
|
@ -138,26 +138,10 @@ allow appdomain shortcut_manager_icons:file { getattr read };
|
||||||
# Read icon file (opened by system).
|
# Read icon file (opened by system).
|
||||||
allow appdomain icon_file:file { getattr read };
|
allow appdomain icon_file:file { getattr read };
|
||||||
|
|
||||||
# Old stack dumping scheme : append to a global trace file (/data/anr/traces.txt).
|
# Write to /data/anr/traces.txt.
|
||||||
#
|
|
||||||
# TODO: All of these permissions except for anr_data_file:file append can be
|
|
||||||
# withdrawn once we've switched to the new stack dumping mechanism, see b/32064548
|
|
||||||
# and the rules below.
|
|
||||||
allow appdomain anr_data_file:dir search;
|
allow appdomain anr_data_file:dir search;
|
||||||
allow appdomain anr_data_file:file { open append };
|
allow appdomain anr_data_file:file { open append };
|
||||||
|
|
||||||
# New stack dumping scheme : request an output FD from tombstoned via a unix
|
|
||||||
# domain socket.
|
|
||||||
#
|
|
||||||
# Allow apps to connect and write to the tombstoned java trace socket in
|
|
||||||
# order to dump their traces. Also allow them to append traces to pipes
|
|
||||||
# created by dumptrace. (Also see the rules below where they are given
|
|
||||||
# additional permissions to dumpstate pipes for other aspects of bug report
|
|
||||||
# creation).
|
|
||||||
unix_socket_connect(appdomain, tombstoned_java_trace, tombstoned)
|
|
||||||
allow appdomain tombstoned:fd use;
|
|
||||||
allow appdomain dumpstate:fifo_file append;
|
|
||||||
|
|
||||||
# Allow apps to send dump information to dumpstate
|
# Allow apps to send dump information to dumpstate
|
||||||
allow appdomain dumpstate:fd use;
|
allow appdomain dumpstate:fd use;
|
||||||
allow appdomain dumpstate:unix_stream_socket { read write getopt getattr shutdown };
|
allow appdomain dumpstate:unix_stream_socket { read write getopt getattr shutdown };
|
||||||
|
|
|
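Review bot: The new-side comment `# Write to /data/anr/traces.txt.` overstates what the two rules under it grant. `appdomain` gets `search` on `anr_data_file:dir` and `{ open append }` on `anr_data_file:file`; neither rule grants `write` or `read`. Since the rules apply to every app domain and the comment names a single file, the append-only restriction is the property a later reader most needs to see. I would word the comment `# Append-only access to the shared trace file /data/anr/traces.txt.`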
@ -145,7 +145,6 @@
|
||||||
/dev/socket/rild u:object_r:rild_socket:s0
|
/dev/socket/rild u:object_r:rild_socket:s0
|
||||||
/dev/socket/rild-debug u:object_r:rild_debug_socket:s0
|
/dev/socket/rild-debug u:object_r:rild_debug_socket:s0
|
||||||
/dev/socket/tombstoned_crash u:object_r:tombstoned_crash_socket:s0
|
/dev/socket/tombstoned_crash u:object_r:tombstoned_crash_socket:s0
|
||||||
/dev/socket/tombstoned_java_trace u:object_r:tombstoned_java_trace_socket:s0
|
|
||||||
/dev/socket/tombstoned_intercept u:object_r:tombstoned_intercept_socket:s0
|
/dev/socket/tombstoned_intercept u:object_r:tombstoned_intercept_socket:s0
|
||||||
/dev/socket/uncrypt u:object_r:uncrypt_socket:s0
|
/dev/socket/uncrypt u:object_r:uncrypt_socket:s0
|
||||||
/dev/socket/vold u:object_r:vold_socket:s0
|
/dev/socket/vold u:object_r:vold_socket:s0
|
||||||
|
|
|
@ -330,24 +330,9 @@ allow system_server asec_apk_file:file create_file_perms;
|
||||||
allow system_server asec_public_file:file create_file_perms;
|
allow system_server asec_public_file:file create_file_perms;
|
||||||
|
|
||||||
# Manage /data/anr.
|
# Manage /data/anr.
|
||||||
#
|
|
||||||
# TODO: Some of these permissions can be withdrawn once we've switched to the
|
|
||||||
# new stack dumping mechanism, see b/32064548 and the rules below. In particular,
|
|
||||||
# the system_server should never need to create a new anr_data_file:file or write
|
|
||||||
# to one, but it will still need to read and append to existing files.
|
|
||||||
allow system_server anr_data_file:dir create_dir_perms;
|
allow system_server anr_data_file:dir create_dir_perms;
|
||||||
allow system_server anr_data_file:file create_file_perms;
|
allow system_server anr_data_file:file create_file_perms;
|
||||||
|
|
||||||
# New stack dumping scheme : request an output FD from tombstoned via a unix
|
|
||||||
# domain socket.
|
|
||||||
#
|
|
||||||
# Allow system_server to connect and write to the tombstoned java trace socket in
|
|
||||||
# order to dump its traces. Also allow the system server to write its traces to
|
|
||||||
# dumpstate during bugreport capture.
|
|
||||||
unix_socket_connect(system_server, tombstoned_java_trace, tombstoned)
|
|
||||||
allow system_server tombstoned:fd use;
|
|
||||||
allow system_server dumpstate:fifo_file append;
|
|
||||||
|
|
||||||
# Read /data/misc/incidents - only read. The fd will be sent over binder,
|
# Read /data/misc/incidents - only read. The fd will be sent over binder,
|
||||||
# with no DAC access to it, for dropbox to read.
|
# with no DAC access to it, for dropbox to read.
|
||||||
allow system_server incident_data_file:file read;
|
allow system_server incident_data_file:file read;
|
||||||
|
|
|
@ -780,19 +780,14 @@ neverallow {
|
||||||
# Processes that can't exec crash_dump
|
# Processes that can't exec crash_dump
|
||||||
-mediacodec
|
-mediacodec
|
||||||
-mediaextractor
|
-mediaextractor
|
||||||
} tombstoned_crash_socket:unix_stream_socket connectto;
|
} tombstoned:unix_stream_socket connectto;
|
||||||
|
|
||||||
neverallow {
|
neverallow {
|
||||||
domain
|
domain
|
||||||
-crash_dump
|
-crash_dump
|
||||||
-mediacodec
|
-mediacodec
|
||||||
-mediaextractor
|
-mediaextractor
|
||||||
} tombstoned_crash_socket:sock_file write;
|
} tombstoned_crash_socket:sock_file write;
|
||||||
|
|
||||||
# Never allow anyone except dumpstate or the system server to connect or write to
|
|
||||||
# the tombstoned intercept socket.
|
|
||||||
neverallow { domain -dumpstate -system_server } tombstoned_intercept_socket:sock_file write;
|
neverallow { domain -dumpstate -system_server } tombstoned_intercept_socket:sock_file write;
|
||||||
neverallow { domain -dumpstate -system_server } tombstoned_intercept_socket:unix_stream_socket connectto;
|
|
||||||
|
|
||||||
# Android does not support System V IPCs.
|
# Android does not support System V IPCs.
|
||||||
#
|
#
|
||||||
|
|
|
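Review bot: The two neverallow rules left on the new side name different targets, `tombstoned:unix_stream_socket connectto` and `tombstoned_crash_socket:sock_file write`, and nothing in the file says why. `connectto` is checked against the label of the listening process, while `sock_file write` is checked against the label of the socket node. A comment above the first rule, such as `# connectto is checked against the tombstoned domain; sock_file write against the socket node's type.`, would keep a later edit from "aligning" the two. The comment on the intercept-socket rule was also dropped while `neverallow { domain -dumpstate -system_server } tombstoned_intercept_socket:sock_file write;` stays, so I would keep one line there, e.g. `# Only dumpstate and system_server may write to the tombstoned intercept socket.` The first neverallow block opens above the hunk, so its full exception list is not visible here.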
@ -272,7 +272,6 @@ type rild_debug_socket, file_type;
|
||||||
type system_wpa_socket, file_type, coredomain_socket;
|
type system_wpa_socket, file_type, coredomain_socket;
|
||||||
type system_ndebug_socket, file_type, coredomain_socket, mlstrustedobject;
|
type system_ndebug_socket, file_type, coredomain_socket, mlstrustedobject;
|
||||||
type tombstoned_crash_socket, file_type, coredomain_socket, mlstrustedobject;
|
type tombstoned_crash_socket, file_type, coredomain_socket, mlstrustedobject;
|
||||||
type tombstoned_java_trace_socket, file_type, mlstrustedobject;
|
|
||||||
type tombstoned_intercept_socket, file_type, coredomain_socket;
|
type tombstoned_intercept_socket, file_type, coredomain_socket;
|
||||||
type uncrypt_socket, file_type, coredomain_socket;
|
type uncrypt_socket, file_type, coredomain_socket;
|
||||||
type vold_socket, file_type, coredomain_socket;
|
type vold_socket, file_type, coredomain_socket;
|
||||||
|
|
|
@ -10,13 +10,8 @@ allow tombstoned domain:dir r_dir_perms;
|
||||||
allow tombstoned domain:file r_file_perms;
|
allow tombstoned domain:file r_file_perms;
|
||||||
allow tombstoned tombstone_data_file:dir rw_dir_perms;
|
allow tombstoned tombstone_data_file:dir rw_dir_perms;
|
||||||
allow tombstoned tombstone_data_file:file create_file_perms;
|
allow tombstoned tombstone_data_file:file create_file_perms;
|
||||||
|
allow tombstoned anr_data_file:file { getattr append };
|
||||||
|
|
||||||
# TODO: Remove append / write permissions. They were temporarily
|
# TODO: Find out why this is happening.
|
||||||
# granted due to a bug which appears to have been fixed.
|
allow tombstoned anr_data_file:file write;
|
||||||
allow tombstoned anr_data_file:file { append write };
|
auditallow tombstoned anr_data_file:file write;
|
||||||
auditallow tombstoned anr_data_file:file { append write };
|
|
||||||
|
|
||||||
# Changes for the new stack dumping mechanism. Each trace goes into a
|
|
||||||
# separate file, and these files are managed by tombstoned.
|
|
||||||
allow tombstoned anr_data_file:dir rw_dir_perms;
|
|
||||||
allow tombstoned anr_data_file:file { getattr open create };
|
|
||||||
|
|
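Review bot: The restored `# TODO: Find out why this is happening.` does not say what "this" is, yet it is the only explanation for granting `tombstoned` plain `write` on `anr_data_file:file` on top of `{ getattr append }`. Plain `write` permits modifying existing trace contents rather than only extending them, and the paired `auditallow` suggests the grant is meant as a temporary diagnostic. I would name the behaviour and a tracking bug in the comment, for example `# TODO(b/<BUG_ID>): tombstoned is seen issuing write (not just append) on anr_data_file; drop this rule and the auditallow once the cause is known.`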