b99676eece
Temporary attribute (checked against in CTS) to point out vendor
processes that run /system executables. These are currently only down to
2-3 of them that are related to telephony on sailfish
Bug: 36463595
Test: Build succeeds for sailfish
Test: ./cts-tradefed run cts -m CtsSecurityHostTestCases -t \
android.security.cts.SELinuxHostTest#testNoExemptionsForVendorExecutingCore \
--skip-device-info --skip-preconditions --skip-connectivity-check \
--abi arm64-v8a
Change-Id: I9eb40ad259aefba73869d6a1b40186d33fa475dd
Signed-off-by: Sandeep Patil <sspatil@google.com>
259 lines
7.4 KiB
Text
259 lines
7.4 KiB
Text
######################################
|
|
# Attribute declarations
|
|
#
|
|
|
|
# All types used for devices.
|
|
# On change, update CHECK_FC_ASSERT_ATTRS
|
|
# in tools/checkfc.c
|
|
attribute dev_type;
|
|
|
|
# All types used for processes.
|
|
attribute domain;
|
|
|
|
# Temporary attribute used for migrating permissions out of domain.
|
|
# Motivation: Domain is overly permissive. Start removing permissions
|
|
# from domain and assign them to the domain_deprecated attribute.
|
|
# Domain_deprecated and domain can initially be assigned to all
|
|
# domains. The goal is to not assign domain_deprecated to new domains
|
|
# and to start removing domain_deprecated where it's not required or
|
|
# reassigning the appropriate permissions to the inheriting domain
|
|
# when necessary.
|
|
attribute domain_deprecated;
|
|
|
|
# All types used for filesystems.
|
|
# On change, update CHECK_FC_ASSERT_ATTRS
|
|
# definition in tools/checkfc.c.
|
|
attribute fs_type;
|
|
|
|
# All types used for context= mounts.
|
|
attribute contextmount_type;
|
|
|
|
# All types used for files that can exist on a labeled fs.
|
|
# Do not use for pseudo file types.
|
|
# On change, update CHECK_FC_ASSERT_ATTRS
|
|
# definition in tools/checkfc.c.
|
|
attribute file_type;
|
|
|
|
# All types used for domain entry points.
|
|
attribute exec_type;
|
|
|
|
# All types used for /data files.
|
|
attribute data_file_type;
|
|
# All types in /data, not in /data/vendor
|
|
attribute core_data_file_type;
|
|
# All types in /vendor
|
|
attribute vendor_file_type;
|
|
|
|
# All types use for sysfs files.
|
|
attribute sysfs_type;
|
|
|
|
# All types use for debugfs files.
|
|
attribute debugfs_type;
|
|
|
|
# Attribute used for all sdcards
|
|
attribute sdcard_type;
|
|
|
|
# All types used for nodes/hosts.
|
|
attribute node_type;
|
|
|
|
# All types used for network interfaces.
|
|
attribute netif_type;
|
|
|
|
# All types used for network ports.
|
|
attribute port_type;
|
|
|
|
# All types used for property service
|
|
# On change, update CHECK_PC_ASSERT_ATTRS
|
|
# definition in tools/checkfc.c.
|
|
attribute property_type;
|
|
|
|
# All properties defined in core SELinux policy. Should not be
|
|
# used by device specific properties
|
|
attribute core_property_type;
|
|
|
|
# All properties used to configure log filtering.
|
|
attribute log_property_type;
|
|
|
|
# All service_manager types created by system_server
|
|
attribute system_server_service;
|
|
|
|
# services which should be available to all but isolated apps
|
|
attribute app_api_service;
|
|
|
|
# services which should be available to all ephemeral apps
|
|
attribute ephemeral_app_api_service;
|
|
|
|
# services which export only system_api
|
|
attribute system_api_service;
|
|
|
|
# All types used for services managed by servicemanager.
|
|
# On change, update CHECK_SC_ASSERT_ATTRS
|
|
# definition in tools/checkfc.c.
|
|
attribute service_manager_type;
|
|
|
|
# All types used for services managed by hwservicemanager
|
|
attribute hwservice_manager_type;
|
|
|
|
# All types used for services managed by vndservicemanager
|
|
attribute vndservice_manager_type;
|
|
|
|
|
|
# All domains that can override MLS restrictions.
|
|
# i.e. processes that can read up and write down.
|
|
attribute mlstrustedsubject;
|
|
|
|
# All types that can override MLS restrictions.
|
|
# i.e. files that can be read by lower and written by higher
|
|
attribute mlstrustedobject;
|
|
|
|
# All domains used for apps.
|
|
attribute appdomain;
|
|
|
|
# All third party apps.
|
|
attribute untrusted_app_all;
|
|
|
|
# All domains used for apps with network access.
|
|
attribute netdomain;
|
|
|
|
# All domains used for apps with bluetooth access.
|
|
attribute bluetoothdomain;
|
|
|
|
# All domains used for binder service domains.
|
|
attribute binderservicedomain;
|
|
|
|
# update_engine related domains that need to apply an update and run
|
|
# postinstall. This includes the background daemon and the sideload tool from
|
|
# recovery for A/B devices.
|
|
attribute update_engine_common;
|
|
|
|
# All core domains (as opposed to vendor/device-specific domains)
|
|
attribute coredomain;
|
|
|
|
# All socket devices owned by core domain components
|
|
attribute coredomain_socket;
|
|
|
|
# All vendor domains which violate the requirement of not using Binder
|
|
# TODO(b/35870313): Remove this once there are no violations
|
|
attribute binder_in_vendor_violators;
|
|
|
|
# All vendor domains which violate the requirement of not using sockets for
|
|
# communicating with core components
|
|
# TODO(b/36577153): Remove this once there are no violations
|
|
attribute socket_between_core_and_vendor_violators;
|
|
|
|
# All vendor domains which violate the requirement of not executing
|
|
# system processes
|
|
# TODO(b/36463595)
|
|
attribute vendor_executes_system_violators;
|
|
|
|
# All HAL servers
|
|
attribute halserverdomain;
|
|
# All HAL clients
|
|
attribute halclientdomain;
|
|
|
|
# HALs
|
|
attribute hal_allocator;
|
|
attribute hal_allocator_client;
|
|
attribute hal_allocator_server;
|
|
attribute hal_audio;
|
|
attribute hal_audio_client;
|
|
attribute hal_audio_server;
|
|
attribute hal_bluetooth;
|
|
attribute hal_bluetooth_client;
|
|
attribute hal_bluetooth_server;
|
|
attribute hal_bootctl;
|
|
attribute hal_bootctl_client;
|
|
attribute hal_bootctl_server;
|
|
attribute hal_camera;
|
|
attribute hal_camera_client;
|
|
attribute hal_camera_server;
|
|
attribute hal_configstore;
|
|
attribute hal_configstore_client;
|
|
attribute hal_configstore_server;
|
|
attribute hal_contexthub;
|
|
attribute hal_contexthub_client;
|
|
attribute hal_contexthub_server;
|
|
attribute hal_drm;
|
|
attribute hal_drm_client;
|
|
attribute hal_drm_server;
|
|
attribute hal_dumpstate;
|
|
attribute hal_dumpstate_client;
|
|
attribute hal_dumpstate_server;
|
|
attribute hal_fingerprint;
|
|
attribute hal_fingerprint_client;
|
|
attribute hal_fingerprint_server;
|
|
attribute hal_gatekeeper;
|
|
attribute hal_gatekeeper_client;
|
|
attribute hal_gatekeeper_server;
|
|
attribute hal_gnss;
|
|
attribute hal_gnss_client;
|
|
attribute hal_gnss_server;
|
|
attribute hal_graphics_allocator;
|
|
attribute hal_graphics_allocator_client;
|
|
attribute hal_graphics_allocator_server;
|
|
attribute hal_graphics_composer;
|
|
attribute hal_graphics_composer_client;
|
|
attribute hal_graphics_composer_server;
|
|
attribute hal_health;
|
|
attribute hal_health_client;
|
|
attribute hal_health_server;
|
|
attribute hal_ir;
|
|
attribute hal_ir_client;
|
|
attribute hal_ir_server;
|
|
attribute hal_keymaster;
|
|
attribute hal_keymaster_client;
|
|
attribute hal_keymaster_server;
|
|
attribute hal_light;
|
|
attribute hal_light_client;
|
|
attribute hal_light_server;
|
|
attribute hal_memtrack;
|
|
attribute hal_memtrack_client;
|
|
attribute hal_memtrack_server;
|
|
attribute hal_nfc;
|
|
attribute hal_nfc_client;
|
|
attribute hal_nfc_server;
|
|
attribute hal_power;
|
|
attribute hal_power_client;
|
|
attribute hal_power_server;
|
|
attribute hal_sensors;
|
|
attribute hal_sensors_client;
|
|
attribute hal_sensors_server;
|
|
attribute hal_telephony;
|
|
attribute hal_telephony_client;
|
|
attribute hal_telephony_server;
|
|
attribute hal_thermal;
|
|
attribute hal_thermal_client;
|
|
attribute hal_thermal_server;
|
|
attribute hal_tv_cec;
|
|
attribute hal_tv_cec_client;
|
|
attribute hal_tv_cec_server;
|
|
attribute hal_tv_input;
|
|
attribute hal_tv_input_client;
|
|
attribute hal_tv_input_server;
|
|
attribute hal_usb;
|
|
attribute hal_usb_client;
|
|
attribute hal_usb_server;
|
|
attribute hal_vibrator;
|
|
attribute hal_vibrator_client;
|
|
attribute hal_vibrator_server;
|
|
attribute hal_vr;
|
|
attribute hal_vr_client;
|
|
attribute hal_vr_server;
|
|
attribute hal_wifi;
|
|
attribute hal_wifi_client;
|
|
attribute hal_wifi_server;
|
|
attribute hal_wifi_keystore;
|
|
attribute hal_wifi_keystore_client;
|
|
attribute hal_wifi_keystore_server;
|
|
attribute hal_wifi_supplicant;
|
|
attribute hal_wifi_supplicant_client;
|
|
attribute hal_wifi_supplicant_server;
|
|
|
|
# HwBinder services offered across the core-vendor boundary
|
|
#
|
|
# We annotate server domains with x_server to loosen the coupling between
|
|
# system and vendor images. For example, it should be possible to move a service
|
|
# from one core domain to another, without having to update the vendor image
|
|
# which contains clients of this service.
|
|
|
|
attribute wifi_keystore_service_server;
|