Merge "dontaudit crosvm reading VM's pipe"
This commit is contained in:
Treehugger Robot
Gerrit Code Review
commit
fa767b0e4a
1 changed files with 6 additions and 1 deletions
|
|
@ -16,7 +16,7 @@ tmpfs_domain(crosvm)
|
|||
# Let crosvm receive file descriptors from VirtualizationService.
|
||||
allow crosvm virtualizationmanager:fd use;
|
||||
|
||||
# Allow sending VirtualizationService the failure reason from the VM via pipe.
|
||||
# Allow sending VirtualizationService the failure reason and console/log from the VM via pipe.
|
||||
allow crosvm virtualizationmanager:fifo_file write;
|
||||
|
||||
# Let crosvm read the composite disk images (virtualizationservice_data_file), APEXes
|
||||
|
|
@ -74,6 +74,11 @@ dontaudit crosvm self:netlink_generic_socket create_socket_perms_no_ioctl;
|
|||
# when the vm is created by the `vm` tool) and handed over to crosvm as FD.
|
||||
allow crosvm shell_data_file:file write;
|
||||
|
||||
# crosvm tries to read serial device, including the write-only pipe from virtualizationmanager (to
|
||||
# forward console/log to the host logcat).
|
||||
# crosvm only needs write permission, so dontaudit read
|
||||
dontaudit crosvm virtualizationmanager:fifo_file read;
|
||||
|
||||
# Don't allow crosvm to open files that it doesn't own.
|
||||
# This is important because a malicious application could try to start a VM with a composite disk
|
||||
# image referring by name to files which it doesn't have permission to open, trying to get crosvm to
|
||||
|
|
|
|||
Loading…
Reference in a new issue