75806ef3c5
Ideally, public should only contain APIs (types / attributes) for
vendor. The other statements like allow/neverallow/typeattributes are
regarded as implementation detail for platform and should be in private.
Bug: 232023812
Test: m selinux_policy
Test: diff <(git diff --staged | grep "^-" | cut -b2- | sort) \
<(git diff --staged | grep "^+" | cut -b2- | sort)
Test: remove comments on plat_sepolicy.cil, replace base_typeattr_*
to base_typeattr and then compare old and new plat_sepolicy.cil
Change-Id: I5e7d2da4465ab0216de6bacdf03077d37f6ffe12
31 lines
858 B
Text
31 lines
858 B
Text
typeattribute tombstoned coredomain;
|
|
|
|
init_daemon_domain(tombstoned)
|
|
|
|
get_prop(tombstoned, tombstone_config_prop)
|
|
|
|
# Write to arbitrary pipes given to us.
|
|
allow tombstoned domain:fd use;
|
|
allow tombstoned domain:fifo_file write;
|
|
|
|
allow tombstoned domain:dir r_dir_perms;
|
|
allow tombstoned domain:file r_file_perms;
|
|
allow tombstoned tombstone_data_file:dir rw_dir_perms;
|
|
allow tombstoned tombstone_data_file:file { create_file_perms link };
|
|
|
|
# Changes for the new stack dumping mechanism. Each trace goes into a
|
|
# separate file, and these files are managed by tombstoned.
|
|
allow tombstoned anr_data_file:dir rw_dir_perms;
|
|
allow tombstoned anr_data_file:file { append create getattr open link unlink };
|
|
|
|
###
|
|
### Neverallow rules
|
|
###
|
|
|
|
neverallow {
|
|
domain
|
|
-init
|
|
-vendor_init
|
|
-dumpstate
|
|
-tombstoned
|
|
} tombstone_config_prop:file no_rw_file_perms;
|