Merge "Move mtectrl to private"
This commit is contained in:
commit
6003019fa8
5 changed files with 21 additions and 22 deletions
|
@ -41,7 +41,6 @@
|
|||
hal_wifi_supplicant_service
|
||||
locale_service
|
||||
mdns_service
|
||||
mtectrl
|
||||
nearby_service
|
||||
proc_watermark_boost_factor
|
||||
proc_watermark_scale_factor
|
||||
|
|
|
@ -112,6 +112,26 @@ allow domain linkerconfig_file:file r_file_perms;
|
|||
# Allow all processes to check for the existence of the boringssl_self_test_marker files.
|
||||
allow domain boringssl_self_test_marker:dir search;
|
||||
|
||||
# No domains other than a select few can access the misc_block_device. This
|
||||
# block device is reserved for OTA use.
|
||||
# Do not assert this rule on userdebug/eng builds, due to some devices using
|
||||
# this partition for testing purposes.
|
||||
neverallow {
|
||||
domain
|
||||
userdebug_or_eng(`-domain') # exclude debuggable builds
|
||||
-fastbootd
|
||||
-hal_bootctl_server
|
||||
-init
|
||||
-uncrypt
|
||||
-update_engine
|
||||
-vendor_init
|
||||
-vendor_misc_writer
|
||||
-vold
|
||||
-recovery
|
||||
-ueventd
|
||||
-mtectrl
|
||||
} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
|
||||
|
||||
# Limit ability to ptrace or read sensitive /proc/pid files of processes
|
||||
# with other UIDs to these allowlisted domains.
|
||||
neverallow {
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
# mtectrl is a tool to request MTE (Memory Tagging Extensions) from the bootloader.
|
||||
type mtectrl, domain, coredomain;
|
||||
type mtectrl_exec, system_file_type, exec_type, file_type;
|
||||
|
||||
init_daemon_domain(mtectrl)
|
||||
|
|
|
@ -611,26 +611,6 @@ neverallow {
|
|||
-update_engine
|
||||
} system_block_device:blk_file { write append };
|
||||
|
||||
# No domains other than a select few can access the misc_block_device. This
|
||||
# block device is reserved for OTA use.
|
||||
# Do not assert this rule on userdebug/eng builds, due to some devices using
|
||||
# this partition for testing purposes.
|
||||
neverallow {
|
||||
domain
|
||||
userdebug_or_eng(`-domain') # exclude debuggable builds
|
||||
-fastbootd
|
||||
-hal_bootctl_server
|
||||
-init
|
||||
-uncrypt
|
||||
-update_engine
|
||||
-vendor_init
|
||||
-vendor_misc_writer
|
||||
-vold
|
||||
-recovery
|
||||
-ueventd
|
||||
-mtectrl
|
||||
} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
|
||||
|
||||
# Only (hw|vnd|)servicemanager should be able to register with binder as the context manager
|
||||
neverallow { domain -servicemanager -hwservicemanager -vndservicemanager } *:binder set_context_mgr;
|
||||
# The service managers are only allowed to access their own device node
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
type mtectrl, domain, coredomain;
|
Loading…
Reference in a new issue