Disallow microdroid from running arbitrary domains
Test: atest MicrodroidHostTestCases Test: atest ComposHostTestCases Change-Id: I43bf09d85efa4276e929babd854c49ccedfd8058
parent
7560aed40a
commit
a89d6aa301
1 changed files with 4 additions and 9 deletions
|
@ -15,12 +15,6 @@ allow microdroid_manager vd_device:blk_file r_file_perms;
|
||||||
domain_auto_trans(microdroid_manager, microdroid_app_exec, microdroid_app)
|
domain_auto_trans(microdroid_manager, microdroid_app_exec, microdroid_app)
|
||||||
domain_auto_trans(microdroid_manager, compos_exec, compos)
|
domain_auto_trans(microdroid_manager, compos_exec, compos)
|
||||||
|
|
||||||
# Let microdroid_manager exec other files (e.g. payload command) in the same domain.
|
|
||||||
# TODO(b/189706019) we need to a domain for the app process.
|
|
||||||
allow microdroid_manager system_file:file execute_no_trans;
|
|
||||||
# Until then, allow microdroid_manager to execute the shell or other system executables.
|
|
||||||
allow microdroid_manager {shell_exec toolbox_exec}:file rx_file_perms;
|
|
||||||
|
|
||||||
# Let microdroid_manager kernel-log.
|
# Let microdroid_manager kernel-log.
|
||||||
allow microdroid_manager kmsg_device:chr_file w_file_perms;
|
allow microdroid_manager kmsg_device:chr_file w_file_perms;
|
||||||
|
|
||||||
|
@ -28,11 +22,12 @@ allow microdroid_manager kmsg_device:chr_file w_file_perms;
|
||||||
set_prop(microdroid_manager, vmsecret_keymint_prop);
|
set_prop(microdroid_manager, vmsecret_keymint_prop);
|
||||||
|
|
||||||
# Let microdroid_manager read a config file from /mnt/apk (fusefs)
|
# Let microdroid_manager read a config file from /mnt/apk (fusefs)
|
||||||
# TODO(b/188400186) remove the below two rules
|
# TODO(b/188400186) remove the below rule
|
||||||
userdebug_or_eng(`
|
userdebug_or_eng(`
|
||||||
allow microdroid_manager fuse:dir r_dir_perms;
|
r_dir_file(microdroid_manager, fuse)
|
||||||
allow microdroid_manager fuse:file rx_file_perms;
|
|
||||||
')
|
')
|
||||||
|
|
||||||
# Let microdroid_manager to create a vsock connection back to the host VM
|
# Let microdroid_manager to create a vsock connection back to the host VM
|
||||||
allow microdroid_manager self:vsock_socket { create_socket_perms_no_ioctl };
|
allow microdroid_manager self:vsock_socket { create_socket_perms_no_ioctl };
|
||||||
|
|
||||||
|
neverallow microdroid_manager { file_type fs_type }:file execute_no_trans;
|
||||||
|
|
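Review bot: The added `neverallow microdroid_manager { file_type fs_type }:file execute_no_trans;` closes only the file-execution route; microdroid_manager could still run foreign code from an anonymous or modified mapping if it holds `self:process { execmem execmod }`, which this hunk neither grants nor forbids. If the microdroid base policy does not already deny those for this domain, a companion `neverallow microdroid_manager self:process { execmem execmod };` next to the new line would make the "no arbitrary code in the manager's domain" guarantee complete. The switch from `fuse:file rx_file_perms` to `r_dir_file(microdroid_manager, fuse)` in the `userdebug_or_eng` block is consistent with that intent (debug builds keep read access to /mnt/apk but lose execute), and a one-line reason on that rule would keep a later fix for b/188400186 from re-widening it, e.g. `# read-only on purpose: executing payload code in this domain is blocked by the neverallow below`.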