Commits

Stephen Smalley  committed 94eef69 Merge with conflicts

Merge branch 'seandroid' into seandroid-4.4

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

Conflicts:
surfaceflinger.te

  • Participants
  • Parent commits bb4d00f, 5b692be
  • Branches seandroid-4.4

Comments (0)

Files changed (8)

 # ndk-gdb invokes adb pull of app_process, linker, and libc.so.
 allow adbd zygote_exec:file r_file_perms;
 allow adbd system_file:file r_file_perms;
-
-allow adbd cgroup:dir ra_dir_perms;
 allow appdomain dumpstate:unix_stream_socket { read write getopt getattr };
 allow appdomain shell_data_file:file { write getattr };
 
-dontaudit appdomain shell_data_file:dir search;
-
 # Write to /proc/net/xt_qtaguid/ctrl file.
 allow appdomain qtaguid_proc:file rw_file_perms;
 # Everybody can read the xt_qtaguid resource tracking misc dev.
 binder_call(bootanim, surfaceflinger)
 
 allow bootanim gpu_device:chr_file rw_file_perms;
-
-dontaudit bootanim shell_data_file:dir search;
-dontaudit bootanim property_socket:sock_file write;

File mediaserver.te

 # Needed on some devices for playing audio on paired BT device,
 # but seems appropriate for all devices.
 unix_socket_connect(mediaserver, bluetooth, bluetooth)
+
+# Connect to tee service.
+allow mediaserver tee:unix_stream_socket connectto;
 type ctl_default_prop, property_type;
 type ctl_dumpstate_prop, property_type;
 type ctl_rildaemon_prop, property_type;
+type ctl_bugreport_prop, property_type;
 type audio_prop, property_type;
 type security_prop, property_type;
 type bluetooth_prop, property_type;

File property_contexts

 # ctl properties
 ctl.dumpstate           u:object_r:ctl_dumpstate_prop:s0
 ctl.ril-daemon          u:object_r:ctl_rildaemon_prop:s0
+ctl.bugreport           u:object_r:ctl_bugreport_prop:s0
 ctl.                    u:object_r:ctl_default_prop:s0

File surfaceflinger.te

 
 # Perform Binder IPC.
 binder_use(surfaceflinger)
-binder_call(surfaceflinger, system_server)
-binder_call(surfaceflinger, nfc)
-binder_call(surfaceflinger, mediaserver)
+binder_call(surfaceflinger, binderservicedomain)
+binder_call(surfaceflinger, appdomain)
 binder_service(surfaceflinger)
 
+# Binder IPC to bu, presently runs in adbd domain.
+binder_call(surfaceflinger, adbd)
+
+# Read /proc/pid files for Binder clients.
+r_dir_file(surfaceflinger, binderservicedomain)
+r_dir_file(surfaceflinger, appdomain)
+
 # Access the GPU.
 allow surfaceflinger gpu_device:chr_file rw_file_perms;
 
 allow surfaceflinger tee:unix_stream_socket connectto;
 allow surfaceflinger tee_device:chr_file rw_file_perms;
 
-dontaudit surfaceflinger shell_data_file:dir search;
+###
+### Neverallow rules
+###
+### surfaceflinger should NEVER do any of this
+
+# Do not allow accessing SDcard files as unsafe ejection could
+# cause the kernel to kill the process.
+#neverallow surfaceflinger sdcard_type:file rw_file_perms;

File system_app.te

 allow system_app debug_prop:property_service set;
 allow system_app radio_prop:property_service set;
 allow system_app system_prop:property_service set;
+allow system_app ctl_bugreport_prop:property_service set;
+
+# Create /data/anr/traces.txt.
+allow system_app anr_data_file:dir ra_dir_perms;
+allow system_app anr_data_file:file create_file_perms;