Merge "Add extraneous neverallow rule to enforce attribute inclusion." into oc-dev
am: b5aeaf6dfa
Change-Id: Ib0ac9cf10c7cb9fd2462e0036307e2552d19b93b
commit
2f2fd36539
2 changed files with 10 additions and 0 deletions
|
@ -499,6 +499,7 @@ neverallow {
|
|||
-recovery
|
||||
-ueventd
|
||||
} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
|
||||
neverallow hal_bootctl unlabeled:service_manager list; #TODO: b/62658302
|
||||
|
||||
# Only (hw|vnd|)servicemanager should be able to register with binder as the context manager
|
||||
neverallow { domain -servicemanager -hwservicemanager -vndservicemanager } *:binder set_context_mgr;
|
||||
|
@ -557,6 +558,7 @@ full_treble_only(`
|
|||
-appdomain
|
||||
-binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone
|
||||
} servicemanager:binder { call transfer };
|
||||
neverallow binder_in_vendor_violators unlabeled:service_manager list ; #TODO: b/62658302
|
||||
')
|
||||
|
||||
# On full TREBLE devices, only vendor components, shell, and su can use VendorBinder.
|
||||
|
@ -615,6 +617,7 @@ full_treble_only(`
|
|||
-incidentd # TODO(b/35870313): Remove incidentd from this list once vendor domains no longer declare Binder services
|
||||
-tombstoned # TODO(b/36604251): Remove tombstoned from this list once mediacodec (OMX HAL) no longer declares Binder services
|
||||
});
|
||||
neverallow socket_between_core_and_vendor_violators unlabeled:service_manager list ; #TODO: b/62658302
|
||||
|
||||
# Vendor domains (except netdomain) are not permitted to initiate communications to netd sockets
|
||||
neverallow_establish_socket_comms({
|
||||
|
@ -646,6 +649,10 @@ full_treble_only(`
|
|||
-pdx_endpoint_socket_type # used by VR layer
|
||||
-pdx_channel_socket_type # used by VR layer
|
||||
}:sock_file ~{ append getattr ioctl read write };
|
||||
neverallow {
|
||||
pdx_endpoint_socket_type
|
||||
pdx_channel_socket_type
|
||||
} unlabeled:service_manager list; #TODO: b/62658302
|
||||
|
||||
# Core domains are not permitted to create/open sockets owned by vendor domains
|
||||
neverallow {
|
||||
|
@ -730,6 +737,7 @@ full_treble_only(`
|
|||
-crash_dump_exec
|
||||
-netutils_wrapper_exec
|
||||
}:file { entrypoint execute execute_no_trans };
|
||||
neverallow vendor_executes_system_violators unlabeled:service_manager list; #TODO: b/62658302
|
||||
')
|
||||
|
||||
# Only authorized processes should be writing to files in /data/dalvik-cache
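Review bot: The added `neverallow … unlabeled:service_manager list; #TODO: b/62658302` rules (after the misc_block_device rule, in the three full_treble_only blocks, and for the pdx socket-type group) read like real access restrictions, and the bare bug tag does not say otherwise. Going by the commit title alone, they appear to exist only to keep the named attribute or type present in the compiled policy so the neighbouring neverallow stays enforced; this is inferred, since the page carries no description. A comment at the first occurrence, for example `# Placeholder: keeps hal_bootctl referenced in compiled policy; remove when b/62658302 is fixed`, would stop a later cleanup from deleting the rules and an auditor from reading them as policy intent. The occurrences also differ in spacing before the semicolon (`list ;` vs `list;`). The enclosing neverallow and full_treble_only blocks start outside the visible hunks.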
|
||||
|
|
|
@ -550,6 +550,7 @@ define(`use_drmservice', `
|
|||
define(`add_service', `
|
||||
allow $1 $2:service_manager { add find };
|
||||
neverallow { domain -$1 } $2:service_manager add;
|
||||
neverallow $1 unlabeled:service_manager add; #TODO: b/62658302
|
||||
')
|
||||
|
||||
###########################################
|
||||
|
@ -561,6 +562,7 @@ define(`add_hwservice', `
|
|||
allow $1 $2:hwservice_manager { add find };
|
||||
allow $1 hidl_base_hwservice:hwservice_manager add;
|
||||
neverallow { domain -$1 } $2:hwservice_manager add;
|
||||
neverallow $1 unlabeled:hwservice_manager add; #TODO: b/62658302
|
||||
')
|
||||
|
||||
##########################################
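Review bot: The new `neverallow $1 unlabeled:service_manager add;` and `neverallow $1 unlabeled:hwservice_manager add;` lines sit inside add_service and add_hwservice, so every domain that invokes these macros gains an extra build-time assertion, and the `#TODO: b/62658302` tag does not explain why. They assert on `add`, while the rules carrying the same tag in the other file use `list`. If the difference is deliberate, so that the assertion also rejects any policy granting registration of an unlabeled service, a line saying so would help. I would put a comment above each rule such as `# Keeps $1 referenced in compiled policy so the neverallow above is enforced; drop when b/62658302 is resolved`. The comment should contain no apostrophes, because the macro body is m4-quoted.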
|
||||
|
|