Merge changes from topic "revert-1959735-NUPGEQOUCB" into android12-tests-dev
* changes:
RESTRICT AUTOMERGE Revert "Add policy for command line tool to control MTE boot state."
RESTRICT AUTOMERGE Revert "Move mtectrl to private"
diff --git a/private/domain.te b/private/domain.te
index ad8becc..b91d36d 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -112,26 +112,6 @@
# Allow all processes to check for the existence of the boringssl_self_test_marker files.
allow domain boringssl_self_test_marker:dir search;
-# No domains other than a select few can access the misc_block_device. This
-# block device is reserved for OTA use.
-# Do not assert this rule on userdebug/eng builds, due to some devices using
-# this partition for testing purposes.
-neverallow {
- domain
- userdebug_or_eng(`-domain') # exclude debuggable builds
- -fastbootd
- -hal_bootctl_server
- -init
- -uncrypt
- -update_engine
- -vendor_init
- -vendor_misc_writer
- -vold
- -recovery
- -ueventd
- -mtectrl
-} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
-
# Limit ability to ptrace or read sensitive /proc/pid files of processes
# with other UIDs to these allowlisted domains.
neverallow {
diff --git a/private/file_contexts b/private/file_contexts
index 6730c25..351cd7c 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -304,7 +304,6 @@
/system/bin/lpdumpd u:object_r:lpdumpd_exec:s0
/system/bin/rss_hwm_reset u:object_r:rss_hwm_reset_exec:s0
/system/bin/perfetto u:object_r:perfetto_exec:s0
-/system/bin/mtectrl u:object_r:mtectrl_exec:s0
/system/bin/traced u:object_r:traced_exec:s0
/system/bin/traced_perf u:object_r:traced_perf_exec:s0
/system/bin/traced_probes u:object_r:traced_probes_exec:s0
diff --git a/private/mtectrl.te b/private/mtectrl.te
deleted file mode 100644
index 436dcae..0000000
--- a/private/mtectrl.te
+++ /dev/null
@@ -1,10 +0,0 @@
-# mtectrl is a tool to request MTE (Memory Tagging Extensions) from the bootloader.
-type mtectrl, domain, coredomain;
-type mtectrl_exec, system_file_type, exec_type, file_type;
-
-init_daemon_domain(mtectrl)
-
-# mtectrl communicates the request to the bootloader via the misc partition.
-allow mtectrl misc_block_device:blk_file w_file_perms;
-allow mtectrl block_device:dir r_dir_perms;
-read_fstab(mtectrl)
diff --git a/public/domain.te b/public/domain.te
index 9d0c46d..799a2f1 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -610,6 +610,25 @@
-update_engine
} system_block_device:blk_file { write append };
+# No domains other than a select few can access the misc_block_device. This
+# block device is reserved for OTA use.
+# Do not assert this rule on userdebug/eng builds, due to some devices using
+# this partition for testing purposes.
+neverallow {
+ domain
+ userdebug_or_eng(`-domain') # exclude debuggable builds
+ -fastbootd
+ -hal_bootctl_server
+ -init
+ -uncrypt
+ -update_engine
+ -vendor_init
+ -vendor_misc_writer
+ -vold
+ -recovery
+ -ueventd
+} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
+
# Only (hw|vnd|)servicemanager should be able to register with binder as the context manager
neverallow { domain -servicemanager -hwservicemanager -vndservicemanager } *:binder set_context_mgr;
# The service managers are only allowed to access their own device node