tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

make ril.cdma.inecmmode system property internal

Browse source 
so that it cannot reveal a system api that requires
READ_PRIVILEGED_PHONE_STATE

Bug: 183410189
Bug: 197722115
Test: adb shell getprop -Z
Change-Id: I65f4121fc300447af7d516676166bc8b0b53b727
Merged-In: I65f4121fc300447af7d516676166bc8b0b53b727
This commit is contained in:
Nazanin 2021-04-29 21:52:42 -07:00 committed by Beth Thibodeau
parent c5e8db55f9
commit b373dd0df2
4 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
private/app_neverallows.te
View file

@ -46,6 +46,9 @@ neverallow { all_untrusted_apps -mediaprovider } property_type:property_service
# net.dns properties are not a public API. Disallow untrusted apps from reading this property. # net.dns properties are not a public API. Disallow untrusted apps from reading this property.
neverallow { all_untrusted_apps } net_dns_prop:file read; neverallow { all_untrusted_apps } net_dns_prop:file read;
# radio_cdma_ecm_prop properties are not a public API. Disallow untrusted apps from reading this property.
neverallow { all_untrusted_apps } radio_cdma_ecm_prop:file read;
# Shared libraries created by trusted components within an app home # Shared libraries created by trusted components within an app home
# directory can be dlopen()ed. To maintain the W^X property, these files # directory can be dlopen()ed. To maintain the W^X property, these files
# must never be writable to the app. # must never be writable to the app.

1
private/property.te
View file

@ -29,6 +29,7 @@ system_internal_prop(odsign_prop)
system_internal_prop(perf_drop_caches_prop) system_internal_prop(perf_drop_caches_prop)
system_internal_prop(pm_prop) system_internal_prop(pm_prop)
system_internal_prop(profcollectd_node_id_prop) system_internal_prop(profcollectd_node_id_prop)
system_internal_prop(radio_cdma_ecm_prop)
system_internal_prop(rollback_test_prop) system_internal_prop(rollback_test_prop)
system_internal_prop(setupwizard_prop) system_internal_prop(setupwizard_prop)
system_internal_prop(snapuserd_prop) system_internal_prop(snapuserd_prop)

1
private/property_contexts
View file

@ -82,6 +82,7 @@ persist.heapprofd.enable u:object_r:heapprofd_enabled_prop:s0
persist.traced_perf.enable u:object_r:traced_perf_enabled_prop:s0 persist.traced_perf.enable u:object_r:traced_perf_enabled_prop:s0
persist.vendor.debug.wifi. u:object_r:persist_vendor_debug_wifi_prop:s0 persist.vendor.debug.wifi. u:object_r:persist_vendor_debug_wifi_prop:s0
persist.vendor.overlay. u:object_r:overlay_prop:s0 persist.vendor.overlay. u:object_r:overlay_prop:s0
ril.cdma.inecmmode u:object_r:radio_cdma_ecm_prop:s0 exact bool
ro.boot.vendor.overlay. u:object_r:overlay_prop:s0 ro.boot.vendor.overlay. u:object_r:overlay_prop:s0
ro.boottime. u:object_r:boottime_prop:s0 ro.boottime. u:object_r:boottime_prop:s0
ro.serialno u:object_r:serialno_prop:s0 ro.serialno u:object_r:serialno_prop:s0

1
private/radio.te
View file

@ -9,6 +9,7 @@ set_prop(radio, radio_control_prop)
set_prop(radio, radio_prop) set_prop(radio, radio_prop)
set_prop(radio, net_radio_prop) set_prop(radio, net_radio_prop)
set_prop(radio, telephony_status_prop) set_prop(radio, telephony_status_prop)
set_prop(radio, radio_cdma_ecm_prop)
# ctl interface # ctl interface
set_prop(radio, ctl_rildaemon_prop) set_prop(radio, ctl_rildaemon_prop)