From 116a20fdb6d9033e82e0c2fd421e054cfbc8c3b3 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Wed, 5 Feb 2014 16:36:25 -0800
Subject: [PATCH] debuggerd: Allow "debug.db.uid" usage

Allow the use of debug.db.uid on userdebug / eng builds.
Setting this property allows debuggerd to suspend a process
if it detects a crash.

Make debug.db.uid only accessible to the su domain. This should
not be used on a user build.

Only support reading user input on userdebug / eng builds.

Steps to reproduce with the "crasher" program:

  adb root
  adb shell setprop debug.db.uid 20000
  mmm system/core/debuggerd
  adb sync
  adb shell crasher

Addresses the following denials:

<5>[  580.637442] type=1400 audit(1392412124.612:149): avc:  denied  { read } for  pid=182 comm="debuggerd" name="input" dev="tmpfs" ino=5665 scontext=u:r:debuggerd:s0 tcontext=u:object_r:input_device:s0 tclass=dir
<5>[  580.637589] type=1400 audit(1392412124.612:150): avc:  denied  { open } for  pid=182 comm="debuggerd" name="input" dev="tmpfs" ino=5665 scontext=u:r:debuggerd:s0 tcontext=u:object_r:input_device:s0 tclass=dir
<5>[  580.637706] type=1400 audit(1392412124.612:151): avc:  denied  { read write } for  pid=182 comm="debuggerd" name="event5" dev="tmpfs" ino=6723 scontext=u:r:debuggerd:s0 tcontext=u:object_r:input_device:s0 tclass=chr_file
<5>[  580.637823] type=1400 audit(1392412124.612:152): avc:  denied  { open } for  pid=182 comm="debuggerd" name="event5" dev="tmpfs" ino=6723 scontext=u:r:debuggerd:s0 tcontext=u:object_r:input_device:s0 tclass=chr_file
<5>[  580.637958] type=1400 audit(1392412124.612:153): avc:  denied  { ioctl } for  pid=182 comm="debuggerd" path="/dev/input/event5" dev="tmpfs" ino=6723 scontext=u:r:debuggerd:s0 tcontext=u:object_r:input_device:s0 tclass=chr_file

Bug: 12532622
Change-Id: I63486edb73efb1ca12e9eb1994ac9e389251a3f1
---
 debuggerd.te      | 5 +++++
 property.te       | 1 +
 property_contexts | 1 +
 su.te             | 1 +
 4 files changed, 8 insertions(+)

diff --git a/debuggerd.te b/debuggerd.te
index 738dac2b5..32bc185f0 100644
--- a/debuggerd.te
+++ b/debuggerd.te
@@ -24,5 +24,10 @@ allow debuggerd system_data_file:file open;
 # Connect to system_server via /data/system/ndebugsocket.
 unix_socket_connect(debuggerd, system_ndebug, system_server)
 
+userdebug_or_eng(`
+  allow debuggerd input_device:dir r_dir_perms;
+  allow debuggerd input_device:chr_file rw_file_perms;
+')
+
 # logd access
 read_logd(debuggerd)
diff --git a/property.te b/property.te
index 55888d115..9c6233c9e 100644
--- a/property.te
+++ b/property.te
@@ -1,6 +1,7 @@
 type default_prop, property_type;
 type shell_prop, property_type;
 type debug_prop, property_type;
+type debuggerd_prop, property_type;
 type radio_prop, property_type;
 type system_prop, property_type;
 type vold_prop, property_type;
diff --git a/property_contexts b/property_contexts
index 75c927f58..eb23a6d27 100644
--- a/property_contexts
+++ b/property_contexts
@@ -27,6 +27,7 @@ dhcp.                   u:object_r:system_prop:s0
 bluetooth.              u:object_r:bluetooth_prop:s0
 
 debug.                  u:object_r:debug_prop:s0
+debug.db.               u:object_r:debuggerd_prop:s0
 log.                    u:object_r:shell_prop:s0
 service.adb.root        u:object_r:shell_prop:s0
 service.adb.tcp.port    u:object_r:shell_prop:s0
diff --git a/su.te b/su.te
index 7b6899a21..1317fb2a2 100644
--- a/su.te
+++ b/su.te
@@ -16,6 +16,7 @@ userdebug_or_eng(`
   allow su self:process execmem;
   tmpfs_domain(su)
   allow su su_tmpfs:file execute;
+  allow su debuggerd_prop:property_service set;
 
   # su is also permissive to permit setenforce.
   permissive su;
-- 
GitLab