commit 0b6856f59b3bbe57787c46acb189837c42b139ae
author Treehugger Robot <treehugger-gerrit@google.com> Fri Dec 22 21:47:01 2017 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Dec 22 21:47:01 2017 +0000
tree 521b9c179f0431f990ea9189807cf331f5b615ef
parent 6168a12ea9194498649a3878d46e3671c518d60f
parent a00b74196e4ee945deddbfa5fa24f3c6728dc80f

Merge "Remove sys/class/leds permissions from dumpstate."

private/system_server.te

diff --git a/private/system_server.te b/private/system_server.te
index 7d7a1a6..46becd0 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -706,13 +706,6 @@
 
 r_dir_file(system_server, rootfs)
 
-### Rules needed when Light HAL runs inside system_server process.
-### These rules should eventually be granted only when needed.
-allow system_server sysfs_leds:lnk_file read;
-allow system_server sysfs_leds:file rw_file_perms;
-allow system_server sysfs_leds:dir r_dir_perms;
-###
-
 # Allow WifiService to start, stop, and read wifi-specific trace events.
 allow system_server debugfs_tracing_instances:dir search;
 allow system_server debugfs_wifi_tracing:dir search;

public/domain.te

diff --git a/public/domain.te b/public/domain.te
index ec0532d..f9b6688 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -1114,3 +1114,16 @@
 # be passthrough only (i.e., run in the process of their clients instead of a
 # separate server process).
 neverallow * same_process_hwservice:hwservice_manager add;
+
+# On TREBLE devices, most coredomains should not access vendor_files.
+full_treble_only(`
+  neverallow {
+    coredomain
+    -halclientdomain
+    -init
+    -ueventd
+    -crash_dump
+    -perfprofd
+    -vendor_init
+  } vendor_file:file { create_file_perms x_file_perms };
+')