From 1d0bb522217f6b4e5ade5221434681490910fabd Mon Sep 17 00:00:00 2001 From: Nick Kralevich <nnk@google.com> Date: Mon, 15 May 2017 12:04:46 -0700 Subject: [PATCH] DO NOT MERGE: domain.te: Drop appdomain transition neverallow assertion Commit c5266df925169b959977d3fa03b4b369253db837 (Android 7.1) introduced a new neverallow rule which required that the only way you could become an appdomain was to have been spawned from zygote or run-as. # Only domains spawned from zygote and runas may have the appdomain attribute. neverallow { domain -runas -zygote } { appdomain -shell userdebug_or_eng(`-su') }:process { transition dyntransition }; This change was backported to Android 7.0 in commit eedacf8341aaa127411f246a653c618d9dde4f5e as part of the relaxation of another neverallow rule. As a general rule, the introduction of new neverallow rules in older Android releases causes pain and unscheduled engineering work for our partners. As a result, we try to avoid making such changes. Partially revert eedacf8341aaa127411f246a653c618d9dde4f5e, specifically the part that introduced a new neverallow rule. This revert is intended for Android 7.0 ONLY, and should not be applied to newer Android releases. Bug: 37418998 Change-Id: I4c2eb30000b230d22d8dbc3b1309a5b63f9f95c9 --- domain.te | 5 ----- 1 file changed, 5 deletions(-) diff --git a/domain.te b/domain.te index a853b3a3d..2fae728dd 100644 --- a/domain.te +++ b/domain.te @@ -483,11 +483,6 @@ neverallow { -zygote } shell:process { transition dyntransition }; -# Only domains spawned from zygote and runas may have the appdomain attribute. -neverallow { domain -runas -zygote } { - appdomain -shell userdebug_or_eng(`-su') -bluetooth -}:process { transition dyntransition }; - # Minimize read access to shell- or app-writable symlinks. # This is to prevent malicious symlink attacks. neverallow { -- GitLab