Neverallow unexpected domains to access bluetooth_prop and wifi_prop
And this CL will remove unnecessary vendor-init exceptions for nfc_prop
and radio_prop as well.
Bug: 77633703
Test: succeeded building and tested with Pixels
Change-Id: I468b8fd907c6408f51419cfb58eb2b8da29118ae
Merged-In: I468b8fd907c6408f51419cfb58eb2b8da29118ae
(cherry picked from commit 41e42d63fe)
This commit is contained in:
Jaekyun Seok
parent
8ace003930
commit
dce86b3cc6
1 changed files with 65 additions and 4 deletions
|
|
@ -154,7 +154,6 @@ compatible_property_only(`
|
|||
-coredomain
|
||||
-appdomain
|
||||
-hal_nfc_server
|
||||
-vendor_init
|
||||
} {
|
||||
nfc_prop
|
||||
}:property_service set;
|
||||
|
|
@ -167,11 +166,57 @@ compatible_property_only(`
|
|||
-vendor_init
|
||||
} {
|
||||
exported_radio_prop
|
||||
exported2_radio_prop
|
||||
exported3_radio_prop
|
||||
}:property_service set;
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
-coredomain
|
||||
-appdomain
|
||||
-hal_telephony_server
|
||||
} {
|
||||
exported2_radio_prop
|
||||
radio_prop
|
||||
}:property_service set;
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
-coredomain
|
||||
-bluetooth
|
||||
-hal_bluetooth
|
||||
} {
|
||||
bluetooth_prop
|
||||
}:property_service set;
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
-coredomain
|
||||
-bluetooth
|
||||
-hal_bluetooth
|
||||
-vendor_init
|
||||
} {
|
||||
exported_bluetooth_prop
|
||||
}:property_service set;
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
-coredomain
|
||||
-hal_wifi
|
||||
-wificond
|
||||
} {
|
||||
wifi_prop
|
||||
}:property_service set;
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
-coredomain
|
||||
-hal_wifi
|
||||
-wificond
|
||||
-vendor_init
|
||||
} {
|
||||
exported_wifi_prop
|
||||
}:property_service set;
|
||||
|
||||
# Prevent properties from being read
|
||||
neverallow {
|
||||
domain
|
||||
|
|
@ -200,7 +245,6 @@ compatible_property_only(`
|
|||
-coredomain
|
||||
-appdomain
|
||||
-hal_nfc_server
|
||||
-vendor_init
|
||||
} {
|
||||
nfc_prop
|
||||
}:file no_rw_file_perms;
|
||||
|
|
@ -210,8 +254,25 @@ compatible_property_only(`
|
|||
-coredomain
|
||||
-appdomain
|
||||
-hal_telephony_server
|
||||
-vendor_init
|
||||
} {
|
||||
radio_prop
|
||||
}:file no_rw_file_perms;
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
-coredomain
|
||||
-bluetooth
|
||||
-hal_bluetooth
|
||||
} {
|
||||
bluetooth_prop
|
||||
}:file no_rw_file_perms;
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
-coredomain
|
||||
-hal_wifi
|
||||
-wificond
|
||||
} {
|
||||
wifi_prop
|
||||
}:file no_rw_file_perms;
|
||||
')
|
||||
|
|
|
|||
Loading…
Reference in a new issue