Something went wrong on our end
-
Nick Kralevich authoredsystem/core commit 6a70ded7bfa8914aaa3dc25630ff2713ae893f80 (later amended by 107e29ac1b1c297a0d4ee35c4978e79f47013e2c indicated that logd doesn't want it's memory accessible by anyone else. Unfortunately, setting DUMPABLE isn't sufficient against a root level process such with ptrace. Only one such process exists, "debuggerd". Block debuggerd from accessing logd's memory on user builds. Userdebug and eng builds are unaffected. Add a neverallow rule (compile time assertion + CTS test) to prevent regressions. Bug: 32450474 Test: Policy compiles. Change-Id: Ie90850cd91846a43adaa0871d239f894a0c94d38
Nick Kralevich authoredsystem/core commit 6a70ded7bfa8914aaa3dc25630ff2713ae893f80 (later amended by 107e29ac1b1c297a0d4ee35c4978e79f47013e2c indicated that logd doesn't want it's memory accessible by anyone else. Unfortunately, setting DUMPABLE isn't sufficient against a root level process such with ptrace. Only one such process exists, "debuggerd". Block debuggerd from accessing logd's memory on user builds. Userdebug and eng builds are unaffected. Add a neverallow rule (compile time assertion + CTS test) to prevent regressions. Bug: 32450474 Test: Policy compiles. Change-Id: Ie90850cd91846a43adaa0871d239f894a0c94d38