Audit use of watch and watch_reads on apk_data_file

This can be used as a side channel to observe when an application
is launched.

Ignore-AOSP-First: Security fix
Bug: 231587164
Test: boot device, install/uninstall apps. Observe no new denials.
Test: Run researcher provided PoC. Observe audit messages.
Change-Id: I8434d9e3093ddc3109ac67d0870b7f664fb6f08e
Jeff Vander Stoep 2023-03-27 10:03:46 +02:00
parent d1a81929df
commit 3fbb177016


@ -424,8 +424,15 @@ allow appdomain shared_relro_file:dir search;
allow appdomain shared_relro_file:file r_file_perms;
# Allow apps to read/execute installed binaries
allow appdomain apk_data_file:dir r_dir_perms;
allow appdomain apk_data_file:file rx_file_perms;
allow appdomain apk_data_file:dir { open getattr read search ioctl lock };
allow appdomain apk_data_file:file { getattr open read ioctl lock map x_file_perms };
# Allow watch & watch_reads for now, but audit to see if they're actually used.
allow appdomain apk_data_file:dir { watch watch_reads };
allow appdomain apk_data_file:file { watch watch_reads };
userdebug_or_eng(`
auditallow appdomain apk_data_file:dir { watch watch_reads };
auditallow appdomain apk_data_file:file { watch watch_reads };
')
# /data/resource-cache
allow appdomain resourcecache_data_file:file r_file_perms;
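Review bot: The comment above the `{ watch watch_reads }` allow rules says "for now" but gives neither the reason nor a tracking reference, so the grant could easily outlive the audit. Something like `# TODO(b/231587164): watch/watch_reads on apk_data_file can reveal when an app is launched; drop these allows once the audit shows no legitimate users.` would record the intent next to the rule. The two `auditallow` rules sit inside `userdebug_or_eng`, so user builds still grant the permissions without any audit record. The comment should say so, so that an absence of reports is not read as an absence of use. The explicit permission sets on the two allow rules before it look like hand-expanded `r_dir_perms` and `rx_file_perms` minus the watch permissions; if so, a short comment saying that would help, because they will not follow later changes to those macros.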