Merge "Ensure that only desired processes can access TracingServiceProxy" into sc-dev am: 98f9af8bc1

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/15084877

Change-Id: Ic77df6bb2ee1e65eb650227908135500c6c1efec
TreeHugger Robot 2021-06-24 22:13:12 +00:00 committed by Automerger Merge Worker
commit 1cb70ac72e
8 changed files with 22 additions and 10 deletions


@ -27,15 +27,16 @@ set_prop(atrace, debug_prop)
allow atrace {
service_manager_type
-apex_service
-incident_service
-iorapd_service
-netd_service
-dnsresolver_service
-stats_service
-dumpstate_service
-incident_service
-installd_service
-vold_service
-iorapd_service
-lpdump_service
-netd_service
-stats_service
-tracingproxy_service
-vold_service
-default_android_service
}:service_manager { find };
allow atrace servicemanager:service_manager list;
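Review bot: The `-tracingproxy_service` entry in atrace's exclusion set has no comment, and nothing in this block links it to the neverallow on `tracingproxy_service:service_manager find` that this commit adds in the section starting `neverallow traced {`. Because the allow starts from `service_manager_type` and subtracts, every newly restricted service has to be remembered here by hand, so the reason for each subtraction is worth recording next to it. A comment such as `# tracingproxy_service: find is restricted by a neverallow and atrace is not on its allowlist` beside the entry would do. The same applies to the `-tracingproxy_service` lines in the incidentd and system_app sections and to the identical copies of all three further down the page.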


@ -161,6 +161,7 @@ allow incidentd {
system_server_service
app_api_service
system_api_service
-tracingproxy_service
}:service_manager find;
# Only incidentd can publish the binder service


@ -90,6 +90,7 @@ allow system_app {
-netd_service
-system_suspend_control_internal_service
-system_suspend_control_service
-tracingproxy_service
-virtual_touchpad_service
-vold_service
-vr_hwc_service


@ -116,3 +116,6 @@ neverallow traced {
# Only init is allowed to enter the traced domain via exec()
neverallow { domain -init } traced:process transition;
neverallow * traced:process dyntransition;
# Limit the processes that can access tracingproxy_service.
neverallow { domain -traced -dumpstate -traceur_app -shell -system_server } tracingproxy_service:service_manager find;
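Review bot: The neverallow on the last line of this section constrains only `find`, while the comment above it says it limits "access" to tracingproxy_service. Registration (`add`) is not covered by this rule and is presumably restricted elsewhere, outside what this section shows. The comment should state what is actually enforced, for example `# Only traced, dumpstate, traceur_app, shell and system_server may find tracingproxy_service.` The `-shell` exemption also deserves a short justification of its own, since it keeps the service reachable from an adb shell and is the widest entry on the list. The identical section later on the page (the second `@ -116,3 +116,6 @@`) carries the same comment.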


@ -27,15 +27,16 @@ set_prop(atrace, debug_prop)
allow atrace {
service_manager_type
-apex_service
-incident_service
-iorapd_service
-netd_service
-dnsresolver_service
-stats_service
-dumpstate_service
-incident_service
-installd_service
-vold_service
-iorapd_service
-lpdump_service
-netd_service
-stats_service
-tracingproxy_service
-vold_service
-default_android_service
}:service_manager { find };
allow atrace servicemanager:service_manager list;


@ -161,6 +161,7 @@ allow incidentd {
system_server_service
app_api_service
system_api_service
-tracingproxy_service
}:service_manager find;
# Only incidentd can publish the binder service


@ -90,6 +90,7 @@ allow system_app {
-netd_service
-system_suspend_control_internal_service
-system_suspend_control_service
-tracingproxy_service
-virtual_touchpad_service
-vold_service
-vr_hwc_service


@ -116,3 +116,6 @@ neverallow traced {
# Only init is allowed to enter the traced domain via exec()
neverallow { domain -init } traced:process transition;
neverallow * traced:process dyntransition;
# Limit the processes that can access tracingproxy_service.
neverallow { domain -traced -dumpstate -traceur_app -shell -system_server } tracingproxy_service:service_manager find;