Remove access to /proc/net/{tcp,udp}

Remove these files from proc_net_type. Domains that need access must
have permission explicitly granted. Neverallow app access except the
shell domain.

Bug: 114475727
Test: atest CtsLibcoreOjTestCases
Test: netstat, lsof
Test: adb bugreport
Change-Id: I2304e3e98c0d637af78a361569466aa2fbe79fa0
diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index dd60596..187712e 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -504,7 +504,7 @@
 (typeattributeset proc_modules_26_0 (proc_modules))
 (typeattributeset proc_net_26_0
   ( proc_net
-    proc_net_vpn
+    proc_net_tcp_udp
     proc_qtaguid_stat))
 (typeattributeset proc_overcommit_memory_26_0 (proc_overcommit_memory))
 (typeattributeset proc_perf_26_0 (proc_perf))
diff --git a/private/compat/27.0/27.0.cil b/private/compat/27.0/27.0.cil
index 155cf42..f792f3e 100644
--- a/private/compat/27.0/27.0.cil
+++ b/private/compat/27.0/27.0.cil
@@ -1218,7 +1218,7 @@
 (typeattributeset proc_modules_27_0 (proc_modules))
 (typeattributeset proc_net_27_0
   ( proc_net
-    proc_net_vpn
+    proc_net_tcp_udp
     proc_qtaguid_stat))
 (typeattributeset proc_overcommit_memory_27_0 (proc_overcommit_memory))
 (typeattributeset proc_perf_27_0 (proc_perf))
diff --git a/private/compat/28.0/28.0.cil b/private/compat/28.0/28.0.cil
index 5d47d23..18f5b01 100644
--- a/private/compat/28.0/28.0.cil
+++ b/private/compat/28.0/28.0.cil
@@ -1399,7 +1399,7 @@
 (typeattributeset proc_mounts_28_0 (proc_mounts))
 (typeattributeset proc_net_28_0
   ( proc_net
-    proc_net_vpn))
+    proc_net_tcp_udp))
 (typeattributeset proc_overcommit_memory_28_0 (proc_overcommit_memory))
 (typeattributeset proc_page_cluster_28_0 (proc_page_cluster))
 (typeattributeset proc_pagetypeinfo_28_0 (proc_pagetypeinfo))
diff --git a/private/dumpstate.te b/private/dumpstate.te
index b3db3d4..d1fbacc 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te
@@ -42,3 +42,4 @@
 allow dumpstate webview_zygote:process signal;
 dontaudit dumpstate perfprofd:binder call;
 dontaudit dumpstate update_engine:binder call;
+allow dumpstate proc_net_tcp_udp:file r_file_perms;
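Review bot: The new `allow dumpstate proc_net_tcp_udp:file r_file_perms;` at the end of the file carries no comment saying why dumpstate needs these files, unlike the shell.te rule added in the same commit. Because this commit makes every grant on the type explicit, a one-line rationale lets a later audit decide whether the rule is still needed. Something like `# Bug reports include socket tables read from /proc/net/{tcp,udp}.` would do, assuming that is the reason; the commit message lists `adb bugreport` as a test, but the hunk itself does not say.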
diff --git a/private/genfs_contexts b/private/genfs_contexts
index 410e7c6..f87c086 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -17,8 +17,8 @@
 genfscon proc /modules u:object_r:proc_modules:s0
 genfscon proc /mounts u:object_r:proc_mounts:s0
 genfscon proc /net u:object_r:proc_net:s0
-genfscon proc /net/tcp u:object_r:proc_net_vpn:s0
-genfscon proc /net/udp u:object_r:proc_net_vpn:s0
+genfscon proc /net/tcp u:object_r:proc_net_tcp_udp:s0
+genfscon proc /net/udp u:object_r:proc_net_tcp_udp:s0
 genfscon proc /net/xt_qtaguid/ctrl u:object_r:proc_qtaguid_ctrl:s0
 genfscon proc /net/xt_qtaguid/ u:object_r:proc_qtaguid_stat:s0
 genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0
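Review bot: The two relabelled entries name only `/net/tcp` and `/net/udp`, and nothing in the file says which other entries under /proc/net end up with the new type. genfscon paths are matched as prefixes, so as far as I can tell these lines also label `/proc/net/tcp6`, `/proc/net/udp6` and `/proc/net/udplite`. Other socket tables such as `/proc/net/raw` and `/proc/net/unix` would then stay on `proc_net` through the `/net` entry above. A comment above the pair, e.g. `# Prefix match: also covers tcp6, udp6 and udplite.`, would make the intended scope auditable. If the remaining socket tables are deliberately left readable via `proc_net`, that is worth stating as well.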
diff --git a/private/shell.te b/private/shell.te
index 7b52a02..ee5b73c 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -57,3 +57,6 @@
 
 # Allow shell to use atrace HAL
 hal_client_domain(shell, hal_atrace)
+
+# For hostside tests such as CTS listening ports test.
+allow shell proc_net_tcp_udp:file r_file_perms;