6a28b68d54
Commit 7688161
"hal_*_(client|server) => hal(client|server)domain"
added neverallow rules on hal_*_client attributes while simultaneously
expanding these attribute which causes them to fail CTS neverallow
tests. Remove these neverallow rules as they do not impose specific
security properties that we want to enforce.
Modify Other neverallow failures which were imposed on hal_foo
attributes and should have been enforced on hal_foo_server attributes
instead.
Bug: 69566734
Test: cts-tradefed run cts -m CtsSecurityHostTestCases -t \
android.cts.security.SELinuxNeverallowRulesTest
CtsSecurityHostTestCases completed in 7s. 627 passed, 1 failed
remaining failure appears to be caused by b/68133473
Test: build taimen-user/userdebug
Change-Id: I619e71529e078235ed30dc06c60e6e448310fdbc
32 lines
1.3 KiB
Text
32 lines
1.3 KiB
Text
# HwBinder IPC from clients to server and callbacks
|
|
binder_call(hal_camera_client, hal_camera_server)
|
|
binder_call(hal_camera_server, hal_camera_client)
|
|
|
|
add_hwservice(hal_camera_server, hal_camera_hwservice)
|
|
allow hal_camera_client hal_camera_hwservice:hwservice_manager find;
|
|
|
|
allow hal_camera video_device:dir r_dir_perms;
|
|
allow hal_camera video_device:chr_file rw_file_perms;
|
|
allow hal_camera camera_device:chr_file rw_file_perms;
|
|
allow hal_camera ion_device:chr_file rw_file_perms;
|
|
# Both the client and the server need to use the graphics allocator
|
|
allow { hal_camera_client hal_camera_server } hal_graphics_allocator:fd use;
|
|
|
|
# Allow hal_camera to use fd from app,gralloc,and ashmem HAL
|
|
allow hal_camera { appdomain -isolated_app }:fd use;
|
|
allow hal_camera surfaceflinger:fd use;
|
|
allow hal_camera hal_allocator_server:fd use;
|
|
|
|
###
|
|
### neverallow rules
|
|
###
|
|
|
|
# hal_camera should never execute any executable without a
|
|
# domain transition
|
|
neverallow hal_camera_server { file_type fs_type }:file execute_no_trans;
|
|
|
|
# hal_camera should never need network access. Disallow network sockets.
|
|
neverallow hal_camera_server domain:{ tcp_socket udp_socket rawip_socket } *;
|
|
|
|
# Only camera HAL may directly access the camera hardware
|
|
neverallow { halserverdomain -hal_camera_server } camera_device:chr_file *;
|