Merge "sepolicy: allow system server for BINDER_GET_FROZEN_INFO" am: 7be9e9e372

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1426049

Change-Id: I95d9f703df8b5f76b0b64fb0407f8833d9d3c0d2

private/system_server.te

@@ -1012,8 +1012,8 @@ get_prop(system_server, system_lmk_prop)
 
 get_prop(system_server, wifi_config_prop)
 
-# Only system server can access BINDER_FREEZE
+# Only system server can access BINDER_FREEZE and BINDER_GET_FROZEN_INFO
-allowxperm system_server binder_device:chr_file ioctl { BINDER_FREEZE };
+allowxperm system_server binder_device:chr_file ioctl { BINDER_FREEZE BINDER_GET_FROZEN_INFO };
 
 ###
 ### Neverallow rules
@@ -1236,4 +1236,6 @@ neverallow {
 
 # BINDER_FREEZE is used to block ipc transactions to frozen processes, so it
 # can be accessed by system_server only (b/143717177)
-neverallowxperm { domain -system_server } binder_device:chr_file ioctl { BINDER_FREEZE };
+# BINDER_GET_FROZEN_INFO is used by system_server to determine the state of a frozen binder
+# interface
+neverallowxperm { domain -system_server } binder_device:chr_file ioctl { BINDER_FREEZE BINDER_GET_FROZEN_INFO };

public/ioctl_defines

@@ -133,6 +133,7 @@ define(`BC_REPLY', `0x40406301')
 define(`BC_REQUEST_DEATH_NOTIFICATION', `0x400c630e')
 define(`BC_TRANSACTION', `0x40406300')
 define(`BINDER_FREEZE', `0x400c620e')
+define(`BINDER_GET_FROZEN_INFO', `0xc00c620f')
 define(`BINDER_GET_NODE_DEBUG_INFO', `0xc018620b')
 define(`BINDER_GET_NODE_INFO_FOR_REF', `0xc018620c')
 define(`BINDER_SET_CONTEXT_MGR', `0x40046207')