Commit 814edf8c authored by Jeffrey Vander Stoep's avatar Jeffrey Vander Stoep Committed by Android (Google) Code Review

Merge "Ban core components from accessing vendor data types" into oc-dev

parents 45f699c7 50563c03
...@@ -45,6 +45,10 @@ attribute core_data_file_type; ...@@ -45,6 +45,10 @@ attribute core_data_file_type;
# data outside /data/vendor. # data outside /data/vendor.
# TODO(b/34980020): Remove this once there are no violations # TODO(b/34980020): Remove this once there are no violations
attribute coredata_in_vendor_violators; attribute coredata_in_vendor_violators;
# All core domains which violate the requirement of not accessing vendor
# owned data.
# TODO(b/34980020): Remove this once there are no violations
attribute vendordata_in_core_violators;
# All types use for sysfs files. # All types use for sysfs files.
attribute sysfs_type; attribute sysfs_type;
......
type dhcp, domain, domain_deprecated; type dhcp, domain, domain_deprecated;
type dhcp_exec, exec_type, file_type; type dhcp_exec, exec_type, file_type;
type dhcp_data_file, file_type, data_file_type;
net_domain(dhcp) net_domain(dhcp)
......
...@@ -516,6 +516,25 @@ full_treble_only(` ...@@ -516,6 +516,25 @@ full_treble_only(`
-appdomain -appdomain
-coredata_in_vendor_violators -coredata_in_vendor_violators
} system_data_file:dir ~search; } system_data_file:dir ~search;
# do not allow coredomains to directly access vendor data. Exempt init
# because it is responsible for dir/file creation in init.rc scripts.
# Also exempt halclientdomain to exclude rules for passthrough mode.
neverallow {
coredomain
-halclientdomain
-init
-vendordata_in_core_violators
} {
data_file_type
-core_data_file_type
}:file_class_set ~{ append getattr ioctl read write };
# do not allow coredomain to access vendor data directories.
neverallow {
coredomain
-halclientdomain
-init
-vendordata_in_core_violators
} { data_file_type -core_data_file_type }:dir *;
') ')
# On full TREBLE devices, socket communications between core components and vendor components are # On full TREBLE devices, socket communications between core components and vendor components are
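Review bot: The `-halclientdomain` exemption in both new neverallow rules takes every core domain carrying that attribute out of the check for all vendor data types, not only for the accesses a passthrough HAL makes, so the rules probably constrain fewer domains than "do not allow coredomains to directly access vendor data" suggests. Unlike `vendordata_in_core_violators`, this exemption has no tracking TODO; consider adding one beside it, e.g. `# TODO: drop -halclientdomain once passthrough HALs no longer run in core domains`. The comment on the first rule should also say why `append getattr ioctl read write` stay permitted while everything else, including `open`, is denied, presumably so that descriptors opened and handed over by the owning vendor domain remain usable; confirm and state it. Since `write` and `ioctl` are in the permitted set, a passed descriptor still gives a core domain write access to vendor data, which that comment should make explicit. The enclosing `full_treble_only` block opens outside this hunk.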
......
...@@ -135,6 +135,8 @@ type ringtone_file, file_type, data_file_type, core_data_file_type, mlstrustedob ...@@ -135,6 +135,8 @@ type ringtone_file, file_type, data_file_type, core_data_file_type, mlstrustedob
type preloads_data_file, file_type, data_file_type, core_data_file_type; type preloads_data_file, file_type, data_file_type, core_data_file_type;
# /data/preloads/media # /data/preloads/media
type preloads_media_file, file_type, data_file_type, core_data_file_type; type preloads_media_file, file_type, data_file_type, core_data_file_type;
# /data/misc/dhcp and /data/misc/dhcp-6.8.2
type dhcp_data_file, file_type, data_file_type, core_data_file_type;
# Mount locations managed by vold # Mount locations managed by vold
type mnt_media_rw_file, file_type; type mnt_media_rw_file, file_type;
......