tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/private/crash_dump.te
Nick Kralevich 095fbea563 Strengthen ptrace neverallow rules 
Add additional compile time constraints on the ability to ptrace various
sensitive domains.

llkd: remove some domains which llkd should never ptrace, even on
debuggable builds, such as kernel threads and init.

crash_dump neverallows: Remove the ptrace neverallow checks because
it duplicates other neverallow assertions spread throughout the policy.

Test: policy compiles and device boots
Change-Id: Ia4240d1ce7143b983bb048e046bb4729d0af5a6e
2018-09-14 18:32:20 +00:00

41 lines
739 B
Text
Raw Blame History

typeattribute crash_dump coredomain;
allow crash_dump {
domain
-bpfloader
-crash_dump
-init
-kernel
-keystore
-llkd
-logd
-ueventd
-vendor_init
-vold
}:process { ptrace signal sigchld sigstop sigkill };
userdebug_or_eng(`
allow crash_dump { llkd logd }:process { ptrace signal sigchld sigstop sigkill };
')
###
### neverallow assertions
###
# ptrace neverallow assertions are spread throughout the other policy
# files, so we avoid adding redundant assertions here
neverallow crash_dump {
bpfloader
init
kernel
keystore
llkd
userdebug_or_eng(`-llkd')
logd
userdebug_or_eng(`-logd')
ueventd
vendor_init
vold
}:process { signal sigstop sigkill };
neverallow crash_dump self:process ptrace;
Reference in a new issue View git blame Copy permalink