public · 64ade65d17bffd1f341653ecdcc7419edcf1215c · Werner Sembach / AndroidSystemSEPolicy

Jaekyun Seok authored 7 years ago

The feature of compatible property has its own neverallow rules and it
is enforced on devices launchig with Android P.

This CL changes hal_nfc to hal_nfc_server in neverallow rules because
sepolicy-analyze doesn't recognize it. Additionally one more neverallow
rule is added to restrict reading nfc_prop.

Bug: 72013705
Bug: 72678352
Test: 'run cts -m CtsSecurityHostTestCases' on walleye with
ro.product.first_api_level=28

Change-Id: I753cc81f7ca0e4ad6a2434b2a047052678f57671

64ade65d

History

64ade65d 7 years ago

History

Name	Last commit	Last update
..
adbd.te
app.te
asan_extract.te
attributes
audioserver.te
blkid.te
blkid_untrusted.te
bluetooth.te
bootanim.te
bootstat.te
bufferhubd.te
cameraserver.te
charger.te
clatd.te
cppreopts.te
crash_dump.te
device.te
dex2oat.te
dhcp.te
display_service_server.te
dnsmasq.te
domain.te
drmserver.te
dumpstate.te
e2fs.te
ephemeral_app.te
file.te
fingerprintd.te
fsck.te
fsck_untrusted.te
gatekeeperd.te
global_macros
hal_allocator.te
hal_audio.te
hal_authsecret.te
hal_bluetooth.te
hal_bootctl.te
hal_broadcastradio.te
hal_camera.te
hal_cas.te
hal_configstore.te
hal_confirmationui.te
hal_contexthub.te
hal_drm.te
hal_dumpstate.te
hal_fingerprint.te
hal_gatekeeper.te
hal_gnss.te
hal_graphics_allocator.te
hal_graphics_composer.te
hal_health.te
hal_ir.te
hal_keymaster.te
hal_light.te
hal_lowpan.te
hal_memtrack.te
hal_neuralnetworks.te
hal_neverallows.te
hal_nfc.te
hal_oemlock.te
hal_power.te
hal_secure_element.te
hal_sensors.te
hal_telephony.te
hal_tetheroffload.te
hal_thermal.te
hal_tv_cec.te
hal_tv_input.te
hal_usb.te
hal_usb_gadget.te
hal_vibrator.te
hal_vr.te
hal_weaver.te
hal_wifi.te
hal_wifi_offload.te
hal_wifi_supplicant.te
healthd.te
hwservice.te
hwservicemanager.te
idmap.te
incident.te
incident_helper.te
incidentd.te
init.te
inputflinger.te
install_recovery.te
installd.te
ioctl_defines
ioctl_macros
isolated_app.te
kernel.te
keystore.te
lmkd.te
logd.te
logpersist.te
mdnsd.te
mediacodec.te
mediadrmserver.te
mediaextractor.te
mediametrics.te