Remove vndservice_manager object classes.

vndservicemanager is a copy of servicemanager, and so has the exact same properties. This should be reflected in the sharing of an object manager in SELinux policy, rather than creating a second one, which is effectively an attempt at namespacing based on object rather than type labels. hwservicemanager, however, provides different and additional functionality that may be reflected in changed permissions, though they currently map to the existing servicemanager permissions. Keep the new hwservice_manager object manager but remove the vndservice_manager one. Bug: 34454312 Bug: 36052864 Test: policy builds and device boots. Change-Id: I9e0c2757be4026101e32ba780f1fa67130cfa14e

Remove vndservice_manager object classes.
2f1c7ba7 · Dan Cashman · 5007c10a · 2f1c7ba7 · 2f1c7ba7 · 2f1c7ba7
Commit 2f1c7ba7 authored 7 years ago by Dan Cashman
--- a/private/access_vectors
+++ b/private/access_vectors
@@ -675,13 +675,6 @@ class hwservice_manager
 	list
 }

-class vndservice_manager
-{
-	add
-	find
-	list
-}
-
 class keystore_key
 {
 	get_state

--- a/private/security_classes
+++ b/private/security_classes
@@ -137,9 +137,6 @@ class service_manager           # userspace
 # hardware service manager      # userspace
 class hwservice_manager

-# vendor service manager        # userspace
-class vndservice_manager
-
 # Keystore Key
 class keystore_key              # userspace


--- a/public/domain.te
+++ b/public/domain.te
@@ -219,7 +219,7 @@ allow domain default_android_hwservice:hwservice_manager { add find };
 allow { domain -domain } hwservice_manager_type:hwservice_manager { add find };
 # Workaround for policy compiler being too aggressive and removing vndservice_manager_type
 # when it's not explicitly used in allow rules
-allow { domain -domain } vndservice_manager_type:vndservice_manager { add find };
+allow { domain -domain } vndservice_manager_type:service_manager { add find };

 ###
 ### neverallow rules
@@ -914,8 +914,17 @@ neverallow {
 } shell_data_file:file open;


-# servicemanager is the only process which handles list request
-neverallow * ~servicemanager:service_manager list;
+# servicemanager and vndservicemanager are the only processes which handle the
+# service_manager list request
+neverallow * ~{
+    servicemanager
+    vndservicemanager
+    }:service_manager list;
+
+# hwservicemanager is the only process which handles hw list requests
+neverallow * ~{
+    hwservicemanager
+    }:hwservice_manager list;

 # only service_manager_types can be added to service_manager
 # TODO - rework this: neverallow * ~service_manager_type:service_manager { add find };

--- a/public/su.te
+++ b/public/su.te
@@ -38,10 +38,10 @@ userdebug_or_eng(`
  dontaudit su property_type:file *;
  dontaudit su service_manager_type:service_manager *;
  dontaudit su hwservice_manager_type:hwservice_manager *;
-  dontaudit su vndservice_manager_type:vndservice_manager *;
+  dontaudit su vndservice_manager_type:service_manager *;
  dontaudit su servicemanager:service_manager list;
  dontaudit su hwservicemanager:hwservice_manager list;
-  dontaudit su vndservicemanager:vndservice_manager list;
+  dontaudit su vndservicemanager:service_manager list;
  dontaudit su keystore:keystore_key *;
  dontaudit su domain:drmservice *;
  dontaudit su unlabeled:filesystem *;