Move mtectrl to private
Because mtectrl is a system internal domain, and we don't need to expose the type to vendor. Bug: 206895651 Test: build and boot Change-Id: Idb5c4a4c6f175e338722971944bf08ba99835476 Merged-In: Idb5c4a4c6f175e338722971944bf08ba99835476
This commit is contained in:
parent
949e1d0a76
commit
feae699152
5 changed files with 21 additions and 22 deletions
|
@ -86,7 +86,6 @@
|
|||
memtrackproxy_service
|
||||
mm_events_config_prop
|
||||
music_recognition_service
|
||||
mtectrl
|
||||
nfc_logs_data_file
|
||||
odrefresh
|
||||
odrefresh_exec
|
||||
|
|
|
@ -112,6 +112,26 @@ allow domain linkerconfig_file:file r_file_perms;
|
|||
# Allow all processes to check for the existence of the boringssl_self_test_marker files.
|
||||
allow domain boringssl_self_test_marker:dir search;
|
||||
|
||||
# No domains other than a select few can access the misc_block_device. This
|
||||
# block device is reserved for OTA use.
|
||||
# Do not assert this rule on userdebug/eng builds, due to some devices using
|
||||
# this partition for testing purposes.
|
||||
neverallow {
|
||||
domain
|
||||
userdebug_or_eng(`-domain') # exclude debuggable builds
|
||||
-fastbootd
|
||||
-hal_bootctl_server
|
||||
-init
|
||||
-uncrypt
|
||||
-update_engine
|
||||
-vendor_init
|
||||
-vendor_misc_writer
|
||||
-vold
|
||||
-recovery
|
||||
-ueventd
|
||||
-mtectrl
|
||||
} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
|
||||
|
||||
# Limit ability to ptrace or read sensitive /proc/pid files of processes
|
||||
# with other UIDs to these allowlisted domains.
|
||||
neverallow {
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
# mtectrl is a tool to request MTE (Memory Tagging Extensions) from the bootloader.
|
||||
type mtectrl, domain, coredomain;
|
||||
type mtectrl_exec, system_file_type, exec_type, file_type;
|
||||
|
||||
init_daemon_domain(mtectrl)
|
||||
|
|
|
@ -610,26 +610,6 @@ neverallow {
|
|||
-update_engine
|
||||
} system_block_device:blk_file { write append };
|
||||
|
||||
# No domains other than a select few can access the misc_block_device. This
|
||||
# block device is reserved for OTA use.
|
||||
# Do not assert this rule on userdebug/eng builds, due to some devices using
|
||||
# this partition for testing purposes.
|
||||
neverallow {
|
||||
domain
|
||||
userdebug_or_eng(`-domain') # exclude debuggable builds
|
||||
-fastbootd
|
||||
-hal_bootctl_server
|
||||
-init
|
||||
-uncrypt
|
||||
-update_engine
|
||||
-vendor_init
|
||||
-vendor_misc_writer
|
||||
-vold
|
||||
-recovery
|
||||
-ueventd
|
||||
-mtectrl
|
||||
} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
|
||||
|
||||
# Only (hw|vnd|)servicemanager should be able to register with binder as the context manager
|
||||
neverallow { domain -servicemanager -hwservicemanager -vndservicemanager } *:binder set_context_mgr;
|
||||
# The service managers are only allowed to access their own device node
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
type mtectrl, domain, coredomain;
|
Loading…
Reference in a new issue