Temporarily revert the SELinux policy for persist.netd.stable_secret.

This change did not make it into core sepolicy in time for O.
The revert allows devices to define these selinux policies in
vendor-specific sepolicy instead of core sepolicy. It is
necessary because:

1. It is too late to change property_contexts in O.
2. Adding the netd_stable_secret prop to vendor sepolicy results
   in a duplicate definition error at compile time.
3. Defining a new vendor-specific context (such as
   net_stable_secret_vendor_prop) and applying it to
   persist.netd.stable_secret results in the device not booting
   due to attempting to apply two different contexts to the same
   property.

Lack of the sepolicy no longer breaks wifi connectivity now that
IpManager no longer considers failure to set the stable secret to
be a fatal error.

Once all interested devices have adopted the vendor sepolicy,
this policy can safely be reinstated by reverting said vendor
sepolicies in internal master.

This reverts commit abb1ba6532.

Bug: 17613910
Test: bullhead builds, boots, connects to wifi
Change-Id: Idffcf78491171c54bca9f93cb920eab9b1c47709
This commit is contained in:
Lorenzo Colitti 2017-07-11 02:35:35 +09:00
parent 64cad7bb94
commit 9fa11b771b
3 changed files with 0 additions and 11 deletions

View file

@ -50,7 +50,6 @@ persist.logd.logpersistd u:object_r:logpersistd_logging_prop:s0
logd.logpersistd u:object_r:logpersistd_logging_prop:s0
persist.log.tag u:object_r:log_tag_prop:s0
persist.mmc. u:object_r:mmc_prop:s0
persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0
persist.sys. u:object_r:system_prop:s0
persist.sys.safemode u:object_r:safemode_prop:s0
ro.sys.safemode u:object_r:safemode_prop:s0

View file

@ -62,7 +62,6 @@ allow netd dnsmasq:process signal;
allow netd clatd:process signal;
set_prop(netd, ctl_mdnsd_prop)
set_prop(netd, netd_stable_secret_prop)
# Allow netd to publish a binder service and make binder calls.
binder_use(netd)
@ -109,11 +108,3 @@ neverallow netd { app_data_file system_data_file }:dir_file_class_set write;
neverallow { domain -system_server -dumpstate -netd } netd_service:service_manager find;
neverallow { domain -system_server -dumpstate } netd:binder call;
neverallow netd { domain -system_server -servicemanager userdebug_or_eng(`-su') }:binder call;
# persist.netd.stable_secret contains RFC 7217 secret key which should never be
# leaked to other processes. Make sure it never leaks.
neverallow { domain -netd -init } netd_stable_secret_prop:file r_file_perms;
# We want to ensure that no other process ever tries tampering with persist.netd.stable_secret,
# the RFC 7217 secret key managed by netd. Doing so could compromise user privacy.
neverallow { domain -netd -init } netd_stable_secret_prop:property_service set;

View file

@ -30,7 +30,6 @@ type log_tag_prop, property_type, log_property_type;
type mmc_prop, property_type;
type net_dns_prop, property_type;
type net_radio_prop, property_type, core_property_type;
type netd_stable_secret_prop, property_type;
type nfc_prop, property_type, core_property_type;
type overlay_prop, property_type;
type pan_result_prop, property_type, core_property_type;