Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 28377a8a17b254a1a8b926b203d0184a4716366d^! / .
commit28377a8a17b254a1a8b926b203d0184a4716366d[log] [tgz]
authorMartijn Coenen <maco@google.com>Tue Jul 27 13:47:42 2021 +0200
committerMartijn Coenen <maco@google.com>Wed Jul 28 11:52:48 2021 +0000
treea1e654277019e53f5cbe9f52d708fc51d9e0eab3
parent6f9b65aac76c5fd16e9e80d3523c719a71a4d016 [diff]
Allow odsign to stop itself.

Carve out a label for the property, and allow odsign to set it.

Bug: 194334176
Test: no denials
Change-Id: I9dafefabc27c679ed9f36e617e824f44f3b16bbd
Merged-In: I9dafefabc27c679ed9f36e617e824f44f3b16bbd

diff --git a/prebuilts/api/31.0/private/odsign.te b/prebuilts/api/31.0/private/odsign.te
index 0ff3b7b..c6c7808 100644
--- a/prebuilts/api/31.0/private/odsign.te
+++ b/prebuilts/api/31.0/private/odsign.te

@@ -54,6 +54,9 @@
 set_prop(odsign, odsign_prop)
 neverallow { domain -odsign -init } odsign_prop:property_service set;
 
+# Allow odsign to stop itself
+set_prop(odsign, ctl_odsign_prop)
+
 # Neverallows
 neverallow { domain -odsign -init -fsverity_init } odsign_data_file:dir *;
 neverallow { domain -odsign -init -fsverity_init } odsign_data_file:file *;

diff --git a/prebuilts/api/31.0/private/property.te b/prebuilts/api/31.0/private/property.te
index 6c0b521..29f4f1a 100644
--- a/prebuilts/api/31.0/private/property.te
+++ b/prebuilts/api/31.0/private/property.te

@@ -37,6 +37,7 @@
 system_internal_prop(verity_status_prop)
 system_internal_prop(zygote_wrap_prop)
 system_internal_prop(ctl_mediatranscoding_prop)
+system_internal_prop(ctl_odsign_prop)
 
 ###
 ### Neverallow rules

diff --git a/prebuilts/api/31.0/private/property_contexts b/prebuilts/api/31.0/private/property_contexts
index 4947677..7ce64c3 100644
--- a/prebuilts/api/31.0/private/property_contexts
+++ b/prebuilts/api/31.0/private/property_contexts

@@ -169,6 +169,9 @@
 # Restrict access to stopping apexd.
 ctl.stop$apexd          u:object_r:ctl_apexd_prop:s0
 
+# Restrict access to stopping odsign
+ctl.stop$odsign         u:object_r:ctl_odsign_prop:s0
+
 # Restrict access to starting media.transcoding.
 ctl.start$media.transcoding  u:object_r:ctl_mediatranscoding_prop:s0
 

diff --git a/private/odsign.te b/private/odsign.te
index 0ff3b7b..c6c7808 100644
--- a/private/odsign.te
+++ b/private/odsign.te

@@ -54,6 +54,9 @@
 set_prop(odsign, odsign_prop)
 neverallow { domain -odsign -init } odsign_prop:property_service set;
 
+# Allow odsign to stop itself
+set_prop(odsign, ctl_odsign_prop)
+
 # Neverallows
 neverallow { domain -odsign -init -fsverity_init } odsign_data_file:dir *;
 neverallow { domain -odsign -init -fsverity_init } odsign_data_file:file *;

diff --git a/private/property.te b/private/property.te
index 6c0b521..29f4f1a 100644
--- a/private/property.te
+++ b/private/property.te

@@ -37,6 +37,7 @@
 system_internal_prop(verity_status_prop)
 system_internal_prop(zygote_wrap_prop)
 system_internal_prop(ctl_mediatranscoding_prop)
+system_internal_prop(ctl_odsign_prop)
 
 ###
 ### Neverallow rules

diff --git a/private/property_contexts b/private/property_contexts
index 4947677..7ce64c3 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -169,6 +169,9 @@
 # Restrict access to stopping apexd.
 ctl.stop$apexd          u:object_r:ctl_apexd_prop:s0
 
+# Restrict access to stopping odsign
+ctl.stop$odsign         u:object_r:ctl_odsign_prop:s0
+
 # Restrict access to starting media.transcoding.
 ctl.start$media.transcoding  u:object_r:ctl_mediatranscoding_prop:s0