Strengthen ptrace neverallow rules Add additional compile time constraints on the ability to ptrace various sensitive domains. llkd: remove some domains which llkd should never ptrace, even on debuggable builds, such as kernel threads and init. crash_dump neverallows: Remove the ptrace neverallow checks because it duplicates other neverallow assertions spread throughout the policy. Test: policy compiles and device boots Change-Id: Ia4240d1ce7143b983bb048e046bb4729d0af5a6e

commit: 095fbea56341cc17a7b2b2936dca470c89709f83 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Thu Sep 13 11:07:14 2018 -0700
committer: Nick Kralevich <nnk@google.com> Fri Sep 14 18:32:20 2018 +0000
tree: e77de83f6b2e1ac6100c5740fc000bef92152e1a
parent: 702fd0afacf27c62e2743a72ebeae4021a5b595c [diff] [blame]
diff --git a/private/llkd.te b/private/llkd.te
index 73e3f58..900d403 100644
--- a/private/llkd.te
+++ b/private/llkd.te

@@ -22,9 +22,12 @@
 userdebug_or_eng(`
   allow llkd {
     domain
+    -kernel
     -keystore
     -init
     -llkd
+    -ueventd
+    -vendor_init
   }:process ptrace;
 ')
commit	095fbea56341cc17a7b2b2936dca470c89709f83	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Thu Sep 13 11:07:14 2018 -0700
committer	Nick Kralevich <nnk@google.com>	Fri Sep 14 18:32:20 2018 +0000
tree	e77de83f6b2e1ac6100c5740fc000bef92152e1a
parent	702fd0afacf27c62e2743a72ebeae4021a5b595c [diff] [blame]