Merge "Allow odsign to stop itself." into sc-dev am: 3f1c5d5c14

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/15393139

Change-Id: Ia961ad83d9371b0868019b96a764e7193235a981

prebuilts/api/31.0/private/odsign.te

@@ -54,6 +54,9 @@ domain_auto_trans(odsign, fsverity_init_exec, fsverity_init)
 set_prop(odsign, odsign_prop)
 neverallow { domain -odsign -init } odsign_prop:property_service set;
 
+# Allow odsign to stop itself
+set_prop(odsign, ctl_odsign_prop)
+
 # Neverallows
 neverallow { domain -odsign -init -fsverity_init } odsign_data_file:dir *;
 neverallow { domain -odsign -init -fsverity_init } odsign_data_file:file *;

prebuilts/api/31.0/private/property.te

@@ -37,6 +37,7 @@ system_internal_prop(userspace_reboot_test_prop)
 system_internal_prop(verity_status_prop)
 system_internal_prop(zygote_wrap_prop)
 system_internal_prop(ctl_mediatranscoding_prop)
+system_internal_prop(ctl_odsign_prop)
 
 ###
 ### Neverallow rules

prebuilts/api/31.0/private/property_contexts

@@ -169,6 +169,9 @@ ctl.restart$gsid        u:object_r:ctl_gsid_prop:s0
 # Restrict access to stopping apexd.
 ctl.stop$apexd          u:object_r:ctl_apexd_prop:s0
 
+# Restrict access to stopping odsign
+ctl.stop$odsign         u:object_r:ctl_odsign_prop:s0
+
 # Restrict access to starting media.transcoding.
 ctl.start$media.transcoding  u:object_r:ctl_mediatranscoding_prop:s0
 

private/odsign.te

@@ -54,6 +54,9 @@ domain_auto_trans(odsign, fsverity_init_exec, fsverity_init)
 set_prop(odsign, odsign_prop)
 neverallow { domain -odsign -init } odsign_prop:property_service set;
 
+# Allow odsign to stop itself
+set_prop(odsign, ctl_odsign_prop)
+
 # Neverallows
 neverallow { domain -odsign -init -fsverity_init } odsign_data_file:dir *;
 neverallow { domain -odsign -init -fsverity_init } odsign_data_file:file *;

private/property.te

@@ -37,6 +37,7 @@ system_internal_prop(userspace_reboot_test_prop)
 system_internal_prop(verity_status_prop)
 system_internal_prop(zygote_wrap_prop)
 system_internal_prop(ctl_mediatranscoding_prop)
+system_internal_prop(ctl_odsign_prop)
 
 ###
 ### Neverallow rules

private/property_contexts

@@ -169,6 +169,9 @@ ctl.restart$gsid        u:object_r:ctl_gsid_prop:s0
 # Restrict access to stopping apexd.
 ctl.stop$apexd          u:object_r:ctl_apexd_prop:s0
 
+# Restrict access to stopping odsign
+ctl.stop$odsign         u:object_r:ctl_odsign_prop:s0
+
 # Restrict access to starting media.transcoding.
 ctl.start$media.transcoding  u:object_r:ctl_mediatranscoding_prop:s0