Finer grained permissions for ctl. properties
Currently, permissions for ctl. property apply to each action verb, so
if a domain has permissions for controlling service 'foo', then it can
start, stop, and restart foo.
This change implements finer grained permissions such that permission
can be given to strictly start a given service, but not stop or
restart it. This new permission scheme is mandatory for the new
control functions, sigstop_on, sigstop_off, interface_start,
interface_stop, interface_restart.
Bug: 78511553
Test: see appropriate successes and failures based on permissions
Change-Id: Ibe0cc0d6028fb0ed7d6bcba626721e0d84cc20fa
diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index 06befe0..0478a56 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -118,7 +118,7 @@
(typeattributeset ctl_bootanim_prop_26_0 (ctl_bootanim_prop))
(typeattributeset ctl_bugreport_prop_26_0 (ctl_bugreport_prop))
(typeattributeset ctl_console_prop_26_0 (ctl_console_prop))
-(typeattributeset ctl_default_prop_26_0 (ctl_default_prop))
+(typeattributeset ctl_default_prop_26_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop))
(typeattributeset ctl_dumpstate_prop_26_0 (ctl_dumpstate_prop))
(typeattributeset ctl_fuse_prop_26_0 (ctl_fuse_prop))
(typeattributeset ctl_mdnsd_prop_26_0 (ctl_mdnsd_prop))
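Review bot: the widened `ctl_default_prop_26_0` mapping on the `+` line carries no comment saying why the three verb types are folded in. With this line, any rule that 26.0 vendor policy wrote against `ctl_default_prop_26_0` applies to `ctl_start_prop`, `ctl_stop_prop` and `ctl_restart_prop` together, which matches the old all-verbs behaviour the commit message describes. Please add a short `;` comment above it stating that this is deliberate, so a later cleanup does not narrow it by mistake.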
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 9b28ab4..c8edf9f 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -16,6 +16,10 @@
broadcastradio_service
cgroup_bpf
crossprofileapps_service
+ ctl_interface_restart_prop
+ ctl_interface_start_prop
+ ctl_interface_stop_prop
+ ctl_sigstop_prop
e2fs
e2fs_exec
exfat
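Review bot: `ctl_sigstop_prop` in the added lines is a single type, while the commit message names two control functions for it, sigstop_on and sigstop_off, and the interface verbs get one type each. If sharing one type for on and off is intended, say so in the commit message or next to the type's declaration; otherwise split it to match the per-verb scheme.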
diff --git a/private/compat/27.0/27.0.cil b/private/compat/27.0/27.0.cil
index 52760f7..dbe3e88 100644
--- a/private/compat/27.0/27.0.cil
+++ b/private/compat/27.0/27.0.cil
@@ -822,7 +822,7 @@
(typeattributeset ctl_bootanim_prop_27_0 (ctl_bootanim_prop))
(typeattributeset ctl_bugreport_prop_27_0 (ctl_bugreport_prop))
(typeattributeset ctl_console_prop_27_0 (ctl_console_prop))
-(typeattributeset ctl_default_prop_27_0 (ctl_default_prop))
+(typeattributeset ctl_default_prop_27_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop))
(typeattributeset ctl_dumpstate_prop_27_0 (ctl_dumpstate_prop))
(typeattributeset ctl_fuse_prop_27_0 (ctl_fuse_prop))
(typeattributeset ctl_mdnsd_prop_27_0 (ctl_mdnsd_prop))
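Review bot: `ctl_restart_prop`, `ctl_start_prop` and `ctl_stop_prop` on the `+` line are not declared anywhere in the visible part of this change. Please confirm their declarations land in the same commit as this mapping. This line is also identical to the 26.0 one apart from the version suffix, so the two need to be kept in step whenever either is edited.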
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 5a6509e..6106748 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -14,6 +14,10 @@
bpfloader_exec
cgroup_bpf
crossprofileapps_service
+ ctl_interface_restart_prop
+ ctl_interface_start_prop
+ ctl_interface_stop_prop
+ ctl_sigstop_prop
exfat
exported2_config_prop
exported2_default_prop
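Review bot: the four added entries are ignored here while the start/stop/restart types are mapped to `ctl_default_prop_27_0` in 27.0.cil, and nothing records why the two groups are treated differently. The commit message says the new scheme is mandatory for the new control functions; a sentence tying that statement to these ignore entries, which get no mapping to an older versioned attribute, would make the intent reviewable.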