Rename untrusted_app_visible_*' to include 'violators'.
Bug: 110887137
Test: Flash new system policy onto a device with vendor policy that uses
untrusted_app_visible_* attributes, and check that old and new attributes
are applied to exactly same types.
Change-Id: Ibee0ec645878fcc8c93cd0fbd169a8d45129d79e
Merged-In: Ibee0ec645878fcc8c93cd0fbd169a8d45129d79e
(cherry picked from commit 7abca51d19)
This commit is contained in:
Tri Vo
parent
7ed266c678
commit
7f8b6cc66c
3 changed files with 17 additions and 7 deletions
|
|
@ -189,7 +189,7 @@ neverallow all_untrusted_apps {
|
|||
-hal_omx_hwservice
|
||||
-hal_cas_hwservice
|
||||
-hal_neuralnetworks_hwservice
|
||||
-untrusted_app_visible_hwservice
|
||||
-untrusted_app_visible_hwservice_violators
|
||||
}:hwservice_manager find;
|
||||
|
||||
# Make sure that the following services are never accessible by untrusted_apps
|
||||
|
|
@ -259,7 +259,7 @@ full_treble_only(`
|
|||
-hal_neuralnetworks_server
|
||||
-hal_omx_server
|
||||
-binder_in_vendor_violators # TODO(b/35870313): Remove once all violations are gone
|
||||
-untrusted_app_visible_halserver
|
||||
-untrusted_app_visible_halserver_violators
|
||||
}:binder { call transfer };
|
||||
')
|
||||
|
||||
|
|
|
|||
|
|
@ -40,3 +40,13 @@
|
|||
; Unfortunately, we can't currently express this in module policy language:
|
||||
; typeattribute { appdomain -isolated_app } hal_neuralnetworks_client;
|
||||
(typeattributeset hal_neuralnetworks_client ((and (appdomain) ((not (isolated_app))))))
|
||||
|
||||
; TODO(b/112056006): move these to mapping files when/if we implement 'versioned' attributes.
|
||||
; Rename untrusted_app_visible_* to untrusted_app_visible_*_violators.
|
||||
; Unfortunately, we can't currently express this in module policy language:
|
||||
; typeattribute untrusted_app_visible_hwservice untrusted_app_visible_hwservice_violators;
|
||||
; typeattribute untrusted_app_visible_halserver untrusted_app_visible_halserver_violators;
|
||||
(typeattribute untrusted_app_visible_hwservice)
|
||||
(typeattributeset untrusted_app_visible_hwservice_violators (untrusted_app_visible_hwservice))
|
||||
(typeattribute untrusted_app_visible_halserver)
|
||||
(typeattributeset untrusted_app_visible_halserver_violators (untrusted_app_visible_halserver))
|
||||
|
|
|
|||
|
|
@ -191,19 +191,19 @@ expandattribute system_writes_vendor_properties_violators false;
|
|||
# version, requiring all hwservices that are labeled with this
|
||||
# attribute to be submitted to AOSP in order to maintain their
|
||||
# app-visibility.
|
||||
attribute untrusted_app_visible_hwservice;
|
||||
expandattribute untrusted_app_visible_hwservice false;
|
||||
attribute untrusted_app_visible_hwservice_violators;
|
||||
expandattribute untrusted_app_visible_hwservice_violators false;
|
||||
|
||||
# halserver domains that are accessible to untrusted applications. These
|
||||
# domains are typically those hosting hwservices attributed by the
|
||||
# untrusted_app_visible_hwservice.
|
||||
# untrusted_app_visible_hwservice_violators.
|
||||
# WARNING: Use of this attribute should be avoided unless absolutely necessary.
|
||||
# It is a temporary allowance to aid the transition to treble and will be
|
||||
# removed in the future platform version, requiring all halserver domains that
|
||||
# are labeled with this attribute to be submitted to AOSP in order to maintain
|
||||
# their app-visibility.
|
||||
attribute untrusted_app_visible_halserver;
|
||||
expandattribute untrusted_app_visible_halserver false;
|
||||
attribute untrusted_app_visible_halserver_violators;
|
||||
expandattribute untrusted_app_visible_halserver_violators false;
|
||||
|
||||
# PDX services
|
||||
attribute pdx_endpoint_dir_type;
|
||||
|
|
|
|||
Loading…
Reference in a new issue