Sepolicy: Allow crash_dump to ptrace apexd in userdebug

In userdebug, for better diagnostics, allow crash_dump to "connect to" apexd. Considering apexd is quite powerful, user devices remain restricted. Bug: 118771487 Test: m Change-Id: Id42bd2ad7505cd5578138bfccd8840acba9a334d
2019-03-05 08:36:36 -08:00 · 2019-03-05 08:36:36 -08:00 · efece54e06
commit efece54e06
parent 3fbd303d1c
2 changed files with 4 additions and 2 deletions
--- a/private/crash_dump.te
+++ b/private/crash_dump.te
@ -18,7 +18,7 @@ allow crash_dump {
  -vold
 }:process { ptrace signal sigchld sigstop sigkill };
 userdebug_or_eng(`
-  allow crash_dump { llkd logd vold }:process { ptrace signal sigchld sigstop sigkill };
+  allow crash_dump { apexd llkd logd vold }:process { ptrace signal sigchld sigstop sigkill };
 ')

 ###
@ -29,6 +29,8 @@ userdebug_or_eng(`
 # files, so we avoid adding redundant assertions here

 neverallow crash_dump {
+  apexd
+  userdebug_or_eng(`-apexd')
  bpfloader
  init
  kernel
--- a/public/apexd.te
+++ b/public/apexd.te
@ -9,7 +9,7 @@ set_prop(apexd, apexd_prop)
 neverallow { domain -init -apexd -system_server } apex_service:service_manager find;
 neverallow { domain -init -apexd -system_server } apexd:binder call;

-neverallow domain apexd:process ptrace;
+neverallow { domain userdebug_or_eng(`-crash_dump') } apexd:process ptrace;

 # only apexd can set apexd sysprop
 neverallow { domain -apexd -init } apexd_prop:property_service set;