From 0f5ad4e593c8e87845fd0d90f5276bf0f47b45f0 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Fri, 17 Nov 2017 11:16:22 -0800
Subject: [PATCH] Allow AOSP processes to read pm_prop

Exclude vendor processes.

Bug: 69309298
Test: cts-tradefed run cts -m CtsCompilationTestCases
    completed in 33s. 5 passed, 0 failed
Test: runtest frameworks-services -c \
    com.android.server.pm.dex.DexoptOptionsTests \
    --install=".*FrameworksServicesTests.apk"
    OK (5 tests)

Change-Id: Ic02caf373e2214b4b931a724ca8d4f4effbc0741
---
 private/coredomain.te | 1 +
 public/domain.te      | 4 ++++
 2 files changed, 5 insertions(+)
 create mode 100644 private/coredomain.te

diff --git a/private/coredomain.te b/private/coredomain.te
new file mode 100644
index 000000000..0ca491365
--- /dev/null
+++ b/private/coredomain.te
@@ -0,0 +1 @@
+get_prop(coredomain, pm_prop)
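Review bot: The new private/coredomain.te has no comment explaining why read access to pm_prop is granted to the whole coredomain attribute rather than to the specific domains that consume it. Any domain later tagged coredomain inherits this read permission automatically, so the intent belongs next to the rule, for example `# Core (non-vendor) domains may read package manager properties; vendor domains are excluded by the neverallow in public/domain.te.` If only a few domains actually read these properties, granting get_prop to each of them individually would be closer to least privilege.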
diff --git a/public/domain.te b/public/domain.te
index d283006e3..6852d9d11 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -450,6 +450,10 @@ neverallow * hidl_base_hwservice:hwservice_manager find;
 neverallow { domain -init } default_prop:property_service set;
 neverallow { domain -init } mmc_prop:property_service set;
 
+# Only core domains are allowed to access package_manager properties
+neverallow { domain -init -system_server } pm_prop:property_service set;
+neverallow { domain -coredomain } pm_prop:file no_rw_file_perms;
+
 # Do not allow reading device's serial number from system properties except form
 # a few whitelisted domains.
 neverallow {
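Review bot: The comment above the two added neverallow rules describes only the second one. The first rule is stricter than "core domains": it limits setting pm_prop to init and system_server, and saying so makes it less likely that a later edit widens it by accident, e.g. `# Only init and system_server may set package manager properties; only core domains may read them.` The read restriction depends on no_rw_file_perms covering every permission needed to read a property file, which is worth confirming in global_macros. The trailing `neverallow {` context statement continues outside the hunk.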
-- 
GitLab