crash_dump: disallow ptrace of TCB components

Remove permissions and add neverallow assertion. (cherry picked from commit f1554f1588eab05eca7eb7ccba41d5955a563837) Bug: 110107376 Test: kill -6 <components excluded from ptrace> Change-Id: I2dc872f5c02749fbaf8ca6bc7e3e38404151442c

crash_dump: disallow ptrace of TCB components
08aa7159 · Jeff Vander Stoep · Nick Kralevich · ed16534e · 08aa7159 · 08aa7159
Commit 08aa7159 authored 6 years ago by Jeff Vander Stoep Committed by Nick Kralevich 6 years ago
--- a/private/crash_dump.te
+++ b/private/crash_dump.te
 typeattribute crash_dump coredomain;
+
+allow crash_dump {
+  domain
+  -bpfloader
+  -crash_dump
+  -init
+  -kernel
+  -keystore
+  -logd
+  -ueventd
+  -vendor_init
+  -vold
+}:process { ptrace signal sigchld sigstop sigkill };
+
+neverallow crash_dump {
+  bpfloader
+  init
+  kernel
+  keystore
+  logd
+  userdebug_or_eng(`-logd')
+  ueventd
+  vendor_init
+  vold
+}:process { ptrace signal sigstop sigkill };
--- a/public/crash_dump.te
+++ b/public/crash_dump.te
 type crash_dump, domain;
 type crash_dump_exec, exec_type, file_type;

-allow crash_dump {
-  domain
-  -init
-  -crash_dump
-  -keystore
-  -logd
-}:process { ptrace signal sigchld sigstop sigkill };
-
 # crash_dump might inherit CAP_SYS_PTRACE from a privileged process,
 # which will result in an audit log even when it's allowed to trace.
 dontaudit crash_dump self:global_capability_class_set { sys_ptrace };