Merge "Disallow most coredomains from accessing vendor_files on Treble." am:...

Merge "Disallow most coredomains from accessing vendor_files on Treble." am: 6168a12e am: ea3942f0 am: 6771dc79 Change-Id: Ic563be5ceca453ec9a7489ca462f240bfd0b03c3

Merge "Disallow most coredomains from accessing vendor_files on Treble." am:...
df809408 · Joel Galenson · android-build-merger · b5b1314b · 6771dc79 · df809408
Commit df809408 authored 7 years ago by Joel Galenson Committed by android-build-merger 7 years ago
--- a/public/domain.te
+++ b/public/domain.te
@@ -1118,3 +1118,16 @@ neverallow ~coredomain coredomain_hwservice:hwservice_manager add;
 # be passthrough only (i.e., run in the process of their clients instead of a
 # separate server process).
 neverallow * same_process_hwservice:hwservice_manager add;
+
+# On TREBLE devices, most coredomains should not access vendor_files.
+full_treble_only(`
+  neverallow {
+    coredomain
+    -halclientdomain
+    -init
+    -ueventd
+    -crash_dump
+    -perfprofd
+    -vendor_init
+  } vendor_file:file { create_file_perms x_file_perms };
+')