From 3e113edf0225bbe54a0f98353dd22de855ee2657 Mon Sep 17 00:00:00 2001
From: Nick Kralevich
Date: Mon, 2 Mar 2015 20:10:48 -0800
Subject: [PATCH] neverallow ueventd to set properties

Add a compile time assertion that no SELinux rules exist which allow ueventd to set properties, or even connect to the property socket. See https://android-review.googlesource.com/#/c/133120/6/init/devices.cpp@941 for details.

Change-Id: Ia9e932a3d94443d70644b14f36c74df4be7e9e32
---
 ueventd.te | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/ueventd.te b/ueventd.te
index 2e61e8852..23c93ad85 100644
--- a/ueventd.te
+++ b/ueventd.te
@@ -23,3 +23,14 @@ allow ueventd efs_file:file r_file_perms;
 # Use setfscreatecon() to label /dev directories and files.
 allow ueventd self:process setfscreate;
+
+#####
+##### neverallow rules
+#####
+
+# ueventd must never set properties, otherwise deadlocks may occur.
+# https://android-review.googlesource.com/#/c/133120/6/init/devices.cpp@941
+# No writing to the property socket, connecting to init, or setting properties.
+neverallow ueventd property_socket:sock_file write;
+neverallow ueventd init:unix_stream_socket connectto;
+neverallow ueventd property_type:property_service set;
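Review bot: The third neverallow keys on the `property_type` attribute, so it only covers property types that are declared with that attribute; a property type added later without it would not trip the assertion, and the comment above the rules should say so rather than implying every property is covered. The in-file comment also does not state what the commit message does, that these are build-time assertions rather than runtime denials: `# These are compile-time assertions: the policy build fails if any allow rule grants ueventd these permissions.` would make that clear to readers of ueventd.te alone. The first two rules (write on `property_socket`, connectto on init's `unix_stream_socket`) close the transport path independently of the attribute, which is worth noting as the reason all three are kept.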