Merge "Allow vendor_init without compatible_property to write most properties" am: 873d6ad6fa am: d9957e5439

am: 4f809e771e

Change-Id: I5615b53ea29de37cfc3fae897d56fe967f76600c
Tom Cherry 2018-01-23 21:09:51 +00:00 committed by android-build-merger
commit 590dda5175
2 changed files with 17 additions and 2 deletions


@ -506,10 +506,12 @@ neverallow * hidl_base_hwservice:hwservice_manager find;
# Require that domains explicitly label unknown properties, and do not allow
# anyone but init to modify unknown properties.
neverallow { domain -init } default_prop:property_service set;
neverallow { domain -init } mmc_prop:property_service set;
neverallow { domain -init -vendor_init } default_prop:property_service set;
neverallow { domain -init -vendor_init } mmc_prop:property_service set;
compatible_property_only(`
neverallow { domain -init } default_prop:property_service set;
neverallow { domain -init } mmc_prop:property_service set;
neverallow { domain -init -vendor_init } exported_default_prop:property_service set;
neverallow { domain -init -vendor_init } exported2_default_prop:property_service set;
neverallow { domain -init -vendor_init } exported3_default_prop:property_service set;
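Review bot: The comment above these rules still says that nobody but init may modify unknown properties, but the new top-level rules exempt `vendor_init` for `default_prop` and `mmc_prop`, and the init-only form now exists only inside `compatible_property_only`. I would reword the comment along the lines of `# Only init may set unknown properties; vendor_init is also exempt on devices without compatible_property.` so the stated intent matches what is enforced. Assuming the macro emits its body only on compatible-property builds, the outer `{ domain -init -vendor_init }` rules are subsumed there by the stricter inner ones; a one-line comment saying the overlap is deliberate would help. The `compatible_property_only(` block continues past the end of this hunk.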


@ -218,6 +218,19 @@ allow vendor_init serialno_prop:file { getattr open read };
# Vendor init can perform operations on trusted and security Extended Attributes
allow vendor_init self:global_capability_class_set sys_admin;
not_compatible_property(`
set_prop(vendor_init, {
property_type
-restorecon_prop
-netd_stable_secret_prop
-firstboot_prop
-pm_prop
-system_boot_reason_prop
-bootloader_boot_reason_prop
-last_boot_reason_prop
})
')
set_prop(vendor_init, debug_prop)
set_prop(vendor_init, exported_config_prop)
set_prop(vendor_init, exported_dalvik_prop)
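Review bot: The new `set_prop(vendor_init, { property_type -restorecon_prop ... })` grant is written as a deny-list, so any property type added to the policy later becomes writable by vendor_init on these devices unless this list is extended at the same time. The block has no comment explaining why these seven types are excluded or that the grant is meant for devices without compatible_property; I would add above `not_compatible_property(` something like `# Devices without compatible_property: vendor_init may set every property type except the ones listed below.` It is also worth confirming that each excluded type is backed by a neverallow elsewhere, so the exclusion is enforced rather than just not granted. That is not visible in this hunk.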