Remove ping domain.

ping in Android no longer requires any additional privileges beyond the caller. Drop the ping domain and executable file type entirely. Also add net_domain() to shell domain so that it can create and use network sockets. Change-Id: If51734abe572aecf8f510f1a55782159222e5a67 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

Remove ping domain.
396015c3 · Stephen Smalley · 5f290264 · 396015c3 · 396015c3 · 5f290264
Commit 396015c3 authored 11 years ago by Stephen Smalley
--- a/app.te
+++ b/app.te
@@ -67,7 +67,6 @@ allow appdomain system_data_file:file { execute execute_no_trans open };
 # Execute the shell or other system executables.
 allow appdomain shell_exec:file rx_file_perms;
 allow appdomain system_file:file rx_file_perms;
-allow appdomain ping_exec:file rx_file_perms;
 # Read/write wallpaper file (opened by system).
 allow appdomain wallpaper_file:file { read write };
@@ -268,7 +267,7 @@ neverallow { appdomain -unconfineddomain } { domain -appdomain }:process
    { sigkill sigstop signal };
 # Transition to a non-app domain.
-# Exception for the shell domain, can transition to runas, ping, etc.
+# Exception for the shell domain, can transition to runas, etc.
 neverallow { appdomain -shell -unconfineddomain } ~appdomain:process
    { transition dyntransition };

--- a/file_contexts
+++ b/file_contexts
@@ -142,7 +142,6 @@
 /system/etc/dhcpcd(/.*)? u:object_r:dhcp_system_file:s0
 /system/xbin/su		u:object_r:su_exec:s0
 /system/vendor/bin/gpsd u:object_r:gpsd_exec:s0
-/system/bin/ping    u:object_r:ping_exec:s0
 /system/bin/dnsmasq     u:object_r:dnsmasq_exec:s0
 /system/bin/hostapd     u:object_r:hostapd_exec:s0
 /system/bin/clatd	u:object_r:clatd_exec:s0

--- a/ping.te
+++ b/ping.te
-type ping, domain;
-permissive ping;
-type ping_exec, exec_type, file_type;
-domain_auto_trans(shell, ping_exec, ping)
-domain_auto_trans(dumpstate, ping_exec, ping)
-allow ping self:capability net_raw;
-allow ping self:rawip_socket create_socket_perms;
-allow ping self:udp_socket create_socket_perms;
-allow ping node:rawip_socket node_bind;
-allow ping dnsproxyd_socket:sock_file write;
-allow ping netd:unix_stream_socket connectto;
-allow ping devpts:chr_file rw_file_perms;
-allow ping shell:fd use;
-allow ping dumpstate:fd use;
-allow ping dumpstate:unix_stream_socket { read write };
--- a/shell.te
+++ b/shell.te
@@ -2,6 +2,9 @@
 type shell, domain, shelldomain, mlstrustedsubject;
 type shell_exec, exec_type, file_type;
+# Create and use network sockets.
+net_domain(shell)
 # Run app_process.
 # XXX Transition into its own domain?
 app_domain(shell)

--- a/shell_user.te
+++ b/shell_user.te
@@ -2,6 +2,9 @@
 type shell, domain, shelldomain, mlstrustedsubject;
 type shell_exec, exec_type, file_type;
+# Create and use network sockets.
+net_domain(shell)
 # Run app_process.
 # XXX Transition into its own domain?
 app_domain(shell)