Merge "Ensure that only desired processes can access TracingServiceProxy" into sc-dev am: 98f9af8bc1
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/15084877 Change-Id: Ic77df6bb2ee1e65eb650227908135500c6c1efec
commit
1cb70ac72e
8 changed files with 22 additions and 10 deletions
|
@ -27,15 +27,16 @@ set_prop(atrace, debug_prop)
|
|||
allow atrace {
|
||||
service_manager_type
|
||||
-apex_service
|
||||
-incident_service
|
||||
-iorapd_service
|
||||
-netd_service
|
||||
-dnsresolver_service
|
||||
-stats_service
|
||||
-dumpstate_service
|
||||
-incident_service
|
||||
-installd_service
|
||||
-vold_service
|
||||
-iorapd_service
|
||||
-lpdump_service
|
||||
-netd_service
|
||||
-stats_service
|
||||
-tracingproxy_service
|
||||
-vold_service
|
||||
-default_android_service
|
||||
}:service_manager { find };
|
||||
allow atrace servicemanager:service_manager list;
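Review bot: The one security-relevant line in this hunk, `-tracingproxy_service`, carries no comment and sits inside what appears to be an alphabetical re-sort of the exclusion list, so a later reader cannot tell it apart from ordering churn. A short comment above it would keep it from being dropped in a future cleanup, for example `# tracingproxy_service: lookup is limited by a neverallow; atrace is not an allowed client.` The same undocumented exclusion is added in the `allow incidentd` and `allow system_app` hunks, and in the repeated copies of all three hunks further down the page. The `allow system_app` statement starts and ends outside its hunk, so the enclosing rule cannot be checked from here.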
|
||||
|
|
|
@ -161,6 +161,7 @@ allow incidentd {
|
|||
system_server_service
|
||||
app_api_service
|
||||
system_api_service
|
||||
-tracingproxy_service
|
||||
}:service_manager find;
|
||||
|
||||
# Only incidentd can publish the binder service
|
||||
|
|
|
@ -90,6 +90,7 @@ allow system_app {
|
|||
-netd_service
|
||||
-system_suspend_control_internal_service
|
||||
-system_suspend_control_service
|
||||
-tracingproxy_service
|
||||
-virtual_touchpad_service
|
||||
-vold_service
|
||||
-vr_hwc_service
|
||||
|
|
|
@ -116,3 +116,6 @@ neverallow traced {
|
|||
# Only init is allowed to enter the traced domain via exec()
|
||||
neverallow { domain -init } traced:process transition;
|
||||
neverallow * traced:process dyntransition;
|
||||
|
||||
# Limit the processes that can access tracingproxy_service.
|
||||
neverallow { domain -traced -dumpstate -traceur_app -shell -system_server } tracingproxy_service:service_manager find;
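Review bot: The exemption set in the new neverallow names `shell` and `dumpstate` alongside `traced`, `traceur_app` and `system_server`, but the comment above it says only that access is limited, not why each domain needs `find`. Since `shell` is the domain adb shell sessions run in, its presence deserves a stated reason. A per-domain comment such as `# shell: <reason it must look up the proxy>` would let reviewers challenge later additions to this set. The rule also constrains only `find`; whether `add` is restricted for this type is not visible in the hunk and is worth confirming. The identical rule appears again in the second copy of this hunk further down the page.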
|
||||
|
|
|
@ -27,15 +27,16 @@ set_prop(atrace, debug_prop)
|
|||
allow atrace {
|
||||
service_manager_type
|
||||
-apex_service
|
||||
-incident_service
|
||||
-iorapd_service
|
||||
-netd_service
|
||||
-dnsresolver_service
|
||||
-stats_service
|
||||
-dumpstate_service
|
||||
-incident_service
|
||||
-installd_service
|
||||
-vold_service
|
||||
-iorapd_service
|
||||
-lpdump_service
|
||||
-netd_service
|
||||
-stats_service
|
||||
-tracingproxy_service
|
||||
-vold_service
|
||||
-default_android_service
|
||||
}:service_manager { find };
|
||||
allow atrace servicemanager:service_manager list;
|
||||
|
|
|
@ -161,6 +161,7 @@ allow incidentd {
|
|||
system_server_service
|
||||
app_api_service
|
||||
system_api_service
|
||||
-tracingproxy_service
|
||||
}:service_manager find;
|
||||
|
||||
# Only incidentd can publish the binder service
|
||||
|
|
|
@ -90,6 +90,7 @@ allow system_app {
|
|||
-netd_service
|
||||
-system_suspend_control_internal_service
|
||||
-system_suspend_control_service
|
||||
-tracingproxy_service
|
||||
-virtual_touchpad_service
|
||||
-vold_service
|
||||
-vr_hwc_service
|
||||
|
|
|
@ -116,3 +116,6 @@ neverallow traced {
|
|||
# Only init is allowed to enter the traced domain via exec()
|
||||
neverallow { domain -init } traced:process transition;
|
||||
neverallow * traced:process dyntransition;
|
||||
|
||||
# Limit the processes that can access tracingproxy_service.
|
||||
neverallow { domain -traced -dumpstate -traceur_app -shell -system_server } tracingproxy_service:service_manager find;
|
||||
|
|