Merge "Ensure that only desired processes can access TracingServiceProxy" into sc-dev
commit
98f9af8bc1
8 changed files with 22 additions and 10 deletions
|
@ -27,15 +27,16 @@ set_prop(atrace, debug_prop)
|
||||||
allow atrace {
|
allow atrace {
|
||||||
service_manager_type
|
service_manager_type
|
||||||
-apex_service
|
-apex_service
|
||||||
-incident_service
|
|
||||||
-iorapd_service
|
|
||||||
-netd_service
|
|
||||||
-dnsresolver_service
|
-dnsresolver_service
|
||||||
-stats_service
|
|
||||||
-dumpstate_service
|
-dumpstate_service
|
||||||
|
-incident_service
|
||||||
-installd_service
|
-installd_service
|
||||||
-vold_service
|
-iorapd_service
|
||||||
-lpdump_service
|
-lpdump_service
|
||||||
|
-netd_service
|
||||||
|
-stats_service
|
||||||
|
-tracingproxy_service
|
||||||
|
-vold_service
|
||||||
-default_android_service
|
-default_android_service
|
||||||
}:service_manager { find };
|
}:service_manager { find };
|
||||||
allow atrace servicemanager:service_manager list;
|
allow atrace servicemanager:service_manager list;
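Review bot: The only functional change in this allow block appears to be the new `-tracingproxy_service` exclusion, and it is easy to miss because the same hunk also re-sorts the exclusion list. The block grants `find` on all of `service_manager_type` minus a hand-maintained list, so I would put a comment above the new entry, for example `# tracingproxy_service: find is restricted by a neverallow; keep it excluded here`. The same comment would help on the `-tracingproxy_service` lines added to the incidentd and system_app blocks, and on the identical copies of these hunks further down the page. Doing the re-sort in a separate change would keep the access change reviewable on its own.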
|
||||||
|
|
|
@ -161,6 +161,7 @@ allow incidentd {
|
||||||
system_server_service
|
system_server_service
|
||||||
app_api_service
|
app_api_service
|
||||||
system_api_service
|
system_api_service
|
||||||
|
-tracingproxy_service
|
||||||
}:service_manager find;
|
}:service_manager find;
|
||||||
|
|
||||||
# Only incidentd can publish the binder service
|
# Only incidentd can publish the binder service
|
||||||
|
|
|
@ -90,6 +90,7 @@ allow system_app {
|
||||||
-netd_service
|
-netd_service
|
||||||
-system_suspend_control_internal_service
|
-system_suspend_control_internal_service
|
||||||
-system_suspend_control_service
|
-system_suspend_control_service
|
||||||
|
-tracingproxy_service
|
||||||
-virtual_touchpad_service
|
-virtual_touchpad_service
|
||||||
-vold_service
|
-vold_service
|
||||||
-vr_hwc_service
|
-vr_hwc_service
|
||||||
|
|
|
@ -116,3 +116,6 @@ neverallow traced {
|
||||||
# Only init is allowed to enter the traced domain via exec()
|
# Only init is allowed to enter the traced domain via exec()
|
||||||
neverallow { domain -init } traced:process transition;
|
neverallow { domain -init } traced:process transition;
|
||||||
neverallow * traced:process dyntransition;
|
neverallow * traced:process dyntransition;
|
||||||
|
|
||||||
|
# Limit the processes that can access tracingproxy_service.
|
||||||
|
neverallow { domain -traced -dumpstate -traceur_app -shell -system_server } tracingproxy_service:service_manager find;
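Review bot: The comment above this neverallow does not say why each of the five exempted domains needs `find` on `tracingproxy_service`, and `shell` in particular deserves a stated reason because it is the domain of an adb shell. I would extend the comment along the lines of `# find is limited to traced, dumpstate, traceur_app, shell and system_server; document the consumer before adding a domain`. The rule asserts only on `find`; whether `add` for this service type is constrained elsewhere is not visible in this hunk and is worth confirming. A neverallow is checked when the policy is built, so it guards against future allow rules rather than denying anything by itself at runtime. The same rule appears again in the later copy of this hunk.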
|
||||||
|
|
|
@ -27,15 +27,16 @@ set_prop(atrace, debug_prop)
|
||||||
allow atrace {
|
allow atrace {
|
||||||
service_manager_type
|
service_manager_type
|
||||||
-apex_service
|
-apex_service
|
||||||
-incident_service
|
|
||||||
-iorapd_service
|
|
||||||
-netd_service
|
|
||||||
-dnsresolver_service
|
-dnsresolver_service
|
||||||
-stats_service
|
|
||||||
-dumpstate_service
|
-dumpstate_service
|
||||||
|
-incident_service
|
||||||
-installd_service
|
-installd_service
|
||||||
-vold_service
|
-iorapd_service
|
||||||
-lpdump_service
|
-lpdump_service
|
||||||
|
-netd_service
|
||||||
|
-stats_service
|
||||||
|
-tracingproxy_service
|
||||||
|
-vold_service
|
||||||
-default_android_service
|
-default_android_service
|
||||||
}:service_manager { find };
|
}:service_manager { find };
|
||||||
allow atrace servicemanager:service_manager list;
|
allow atrace servicemanager:service_manager list;
|
||||||
|
|
|
@ -161,6 +161,7 @@ allow incidentd {
|
||||||
system_server_service
|
system_server_service
|
||||||
app_api_service
|
app_api_service
|
||||||
system_api_service
|
system_api_service
|
||||||
|
-tracingproxy_service
|
||||||
}:service_manager find;
|
}:service_manager find;
|
||||||
|
|
||||||
# Only incidentd can publish the binder service
|
# Only incidentd can publish the binder service
|
||||||
|
|
|
@ -90,6 +90,7 @@ allow system_app {
|
||||||
-netd_service
|
-netd_service
|
||||||
-system_suspend_control_internal_service
|
-system_suspend_control_internal_service
|
||||||
-system_suspend_control_service
|
-system_suspend_control_service
|
||||||
|
-tracingproxy_service
|
||||||
-virtual_touchpad_service
|
-virtual_touchpad_service
|
||||||
-vold_service
|
-vold_service
|
||||||
-vr_hwc_service
|
-vr_hwc_service
|
||||||
|
|
|
@ -116,3 +116,6 @@ neverallow traced {
|
||||||
# Only init is allowed to enter the traced domain via exec()
|
# Only init is allowed to enter the traced domain via exec()
|
||||||
neverallow { domain -init } traced:process transition;
|
neverallow { domain -init } traced:process transition;
|
||||||
neverallow * traced:process dyntransition;
|
neverallow * traced:process dyntransition;
|
||||||
|
|
||||||
|
# Limit the processes that can access tracingproxy_service.
|
||||||
|
neverallow { domain -traced -dumpstate -traceur_app -shell -system_server } tracingproxy_service:service_manager find;
|
||||||
|
|