SELinux rule for ro.device_owner and persist.logd.security
They are introduced for the device owner process logging feature. That is, for enterprise-owned devices with a device owner app provisioned, the device owner may choose to turn on additional device-wide logging for auditing and intrusion detection purposes. Logging includes histories of app process startup, commands issued over ADB and lockscreen unlocking attempts. These logs will be available to the device owner for analysis, potentially shipped to a remote server if it chooses to. ro.device_owner will be a master switch to turn off logging, if the device has no device owner provisioned. persist.logd.security is a switch that device owner can toggle (via DevicePolicyManager) to enable/disable logging. Writing to both properties should be only allowed by the system server. Bug: 22860162 Change-Id: Iabfe2347b094914813b9d6e0c808877c25ccd038
parent
eed6bbdc43
commit
0c8286fe74
5 changed files with 13 additions and 0 deletions
3
adbd.te
3
adbd.te
|
@ -49,6 +49,9 @@ set_prop(adbd, shell_prop)
|
|||
set_prop(adbd, powerctl_prop)
|
||||
set_prop(adbd, ffs_prop)
|
||||
|
||||
# Access device logging gating property
|
||||
get_prop(adbd, device_logging_prop)
|
||||
|
||||
# Run /system/bin/bu
|
||||
allow adbd system_file:file rx_file_perms;
|
||||
|
||||
|
|
3
logd.te
3
logd.te
|
@ -18,6 +18,9 @@ userdebug_or_eng(`
|
|||
allow logd pstorefs:dir search;
|
||||
allow logd pstorefs:file r_file_perms;
|
||||
|
||||
# Access device logging gating property
|
||||
get_prop(logd, device_logging_prop)
|
||||
|
||||
r_dir_file(logd, domain)
|
||||
|
||||
allow logd kernel:system syslog_mod;
|
||||
|
|
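Review bot: The hunk header for this section carries `userdebug_or_eng(` as its context, so it is worth confirming that the added `get_prop(logd, device_logging_prop)` sits after that macro's closing `')` and not inside it; indentation is not preserved on this page and the end of that block lies outside the hunk. A rule inside userdebug_or_eng is compiled out of user builds, which are the builds enterprise devices run, and logd would then be unable to read the gating property there. The comment above the rule could also state that the access is read-only, e.g. `# Read (not set) the properties that gate device-owner security logging`.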
|
@ -31,5 +31,6 @@ type powerctl_prop, property_type, core_property_type;
|
|||
type nfc_prop, property_type, core_property_type;
|
||||
type dalvik_prop, property_type, core_property_type;
|
||||
type config_prop, property_type, core_property_type;
|
||||
type device_logging_prop, property_type;
|
||||
|
||||
allow property_type tmpfs:filesystem associate;
|
||||
|
|
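Review bot: `type device_logging_prop, property_type;` is the only declaration in this hunk without `core_property_type`, and nothing says whether that is deliberate. If the omission is meant to keep the type out of any access granted to core_property_type as a whole, so that readers stay limited to the explicit get_prop rules added for adbd and logd, a one-line comment above the declaration would record that, e.g. `# Not core_property_type: read access is granted per domain`. Without it, a later cleanup could add the attribute for consistency and widen access unintentionally.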
|
@ -39,12 +39,17 @@ service.adb.tcp.port u:object_r:shell_prop:s0
|
|||
persist.audio. u:object_r:audio_prop:s0
|
||||
persist.debug. u:object_r:persist_debug_prop:s0
|
||||
persist.logd. u:object_r:logd_prop:s0
|
||||
persist.logd.security u:object_r:device_logging_prop:s0
|
||||
persist.log.tag u:object_r:logd_prop:s0
|
||||
persist.sys. u:object_r:system_prop:s0
|
||||
persist.service. u:object_r:system_prop:s0
|
||||
persist.service.bdroid. u:object_r:bluetooth_prop:s0
|
||||
persist.security. u:object_r:system_prop:s0
|
||||
|
||||
# Boolean property set by system server upon boot indicating
|
||||
# if device owner is provisioned.
|
||||
ro.device_owner u:object_r:device_logging_prop:s0
|
||||
|
||||
# selinux non-persistent properties
|
||||
selinux.restorecon_recursive u:object_r:restorecon_prop:s0
|
||||
selinux. u:object_r:security_prop:s0
|
||||
|
|
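Review bot: `persist.logd.security` is added directly beneath the broader `persist.logd.` entry without a comment, while `ro.device_owner` gets one. Entries in this file are matched as prefixes, so the new line depends on the more specific entry taking precedence over `persist.logd.`, and it also labels any longer name that starts with `persist.logd.security`; a comment such as `# Security logging switch, toggled by system_server for the device owner; must override the persist.logd. prefix` would make that dependency visible. For `ro.device_owner`, the existing comment could add that ro. properties can be set only once per boot, so the value system_server writes cannot be corrected until the next reboot.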
|
@ -288,6 +288,7 @@ set_prop(system_server, system_radio_prop)
|
|||
set_prop(system_server, debug_prop)
|
||||
set_prop(system_server, powerctl_prop)
|
||||
set_prop(system_server, fingerprint_prop)
|
||||
set_prop(system_server, device_logging_prop)
|
||||
|
||||
# ctl interface
|
||||
set_prop(system_server, ctl_default_prop)
|
||||
|
|
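Review bot: Nothing in this change enforces the commit message's statement that only the system server may write these properties; the added `set_prop(system_server, device_logging_prop)` is a grant, and later policy (including device-specific policy) could grant the same permission to another domain without a build failure. A compile-time assertion next to the grant would pin the intent, for example `neverallow { domain -init -system_server } device_logging_prop:property_service set;`. The `-init` exclusion is an assumption, since init's property rules are not visible on this page and should be checked. Because these properties gate audit logging, a domain able to clear persist.logd.security could silence the log, which is why the restriction is worth asserting and not just leaving implicit.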