35a1451430
Modify many "neverallow domain" rules to be "neverallow *" rules instead. This will catch more SELinux policy bugs where a label is assigned an irrelevant rule, as well as catch situations where a domain attribute is not assigned to a process. Change-Id: I5b83a2504c13b384f9dff616a70ca733b648ccdf
22 lines
759 B
Text
22 lines
759 B
Text
# sgdisk called from vold
|
|
type sgdisk, domain, domain_deprecated;
|
|
type sgdisk_exec, exec_type, file_type;
|
|
|
|
# Allowed to read/write low-level partition tables
|
|
allow sgdisk block_device:dir search;
|
|
allow sgdisk vold_device:blk_file rw_file_perms;
|
|
|
|
# Inherit and use pty created by android_fork_execvp()
|
|
allow sgdisk devpts:chr_file { read write ioctl getattr };
|
|
|
|
# Allow stdin/out back to vold
|
|
allow sgdisk vold:fd use;
|
|
allow sgdisk vold:fifo_file { read write getattr };
|
|
|
|
# Used to probe kernel to reload partition tables
|
|
allow sgdisk self:capability sys_admin;
|
|
|
|
# Only allow entry from vold
|
|
neverallow { domain -vold } sgdisk:process transition;
|
|
neverallow * sgdisk:process dyntransition;
|
|
neverallow sgdisk { file_type fs_type -sgdisk_exec }:file entrypoint;
|