Allow keystore to read and write keystore.crash_count system property.
Additionally, remove the obsolete permission which allows keystore to
register callbacks with statsd. There's no direct communication between
keystore and statsd now.
Ignore-AOSP-First: No mergepath to AOSP.
Bug: 188590587
Test: statsd TestDrive script.
Merged-In: I31d202751ba78bb547822020260a7e366cb8826e
Change-Id: I31d202751ba78bb547822020260a7e366cb8826e
diff --git a/prebuilts/api/31.0/private/keystore.te b/prebuilts/api/31.0/private/keystore.te
index 3fccf59..8842224 100644
--- a/prebuilts/api/31.0/private/keystore.te
+++ b/prebuilts/api/31.0/private/keystore.te
@@ -20,10 +20,6 @@
# Allow keystore to write to statsd.
unix_socket_send(keystore, statsdw, statsd)
-# Allow keystore to register callbacks with statsd.
-allow keystore stats_service:service_manager find;
-binder_call(keystore, statsd);
-
# Keystore need access to the keystore_key context files to load the keystore key backend.
allow keystore keystore2_key_contexts_file:file r_file_perms;
@@ -33,3 +29,8 @@
# can call keystore methods on those references.
allow keystore vold:binder transfer;
allow keystore wait_for_keymaster:binder transfer;
+
+# Only keystore can set keystore.crash_count system property. Since init is allowed to set any
+# system property, an exception is added for init as well.
+set_prop(keystore, keystore_crash_prop)
+neverallow { domain -keystore -init } keystore_crash_prop:property_service set;
diff --git a/prebuilts/api/31.0/private/property.te b/prebuilts/api/31.0/private/property.te
index 01d4fd9..4f67251 100644
--- a/prebuilts/api/31.0/private/property.te
+++ b/prebuilts/api/31.0/private/property.te
@@ -15,6 +15,7 @@
system_internal_prop(init_perf_lsm_hooks_prop)
system_internal_prop(init_service_status_private_prop)
system_internal_prop(init_svc_debug_prop)
+system_internal_prop(keystore_crash_prop)
system_internal_prop(keystore_listen_prop)
system_internal_prop(last_boot_reason_prop)
system_internal_prop(localization_prop)
diff --git a/prebuilts/api/31.0/private/property_contexts b/prebuilts/api/31.0/private/property_contexts
index 0799e57..5ecb87f 100644
--- a/prebuilts/api/31.0/private/property_contexts
+++ b/prebuilts/api/31.0/private/property_contexts
@@ -1146,6 +1146,9 @@
# Broadcast boot stages, which keystore listens to
keystore.boot_level u:object_r:keystore_listen_prop:s0 exact int
+# Property that tracks keystore crash counts during a boot cycle.
+keystore.crash_count u:object_r:keystore_crash_prop:s0 exact int
+
partition.system.verified u:object_r:verity_status_prop:s0 exact string
partition.system_ext.verified u:object_r:verity_status_prop:s0 exact string
partition.product.verified u:object_r:verity_status_prop:s0 exact string
diff --git a/private/keystore.te b/private/keystore.te
index 0e57045..838712f 100644
--- a/private/keystore.te
+++ b/private/keystore.te
@@ -20,10 +20,6 @@
# Allow keystore to write to statsd.
unix_socket_send(keystore, statsdw, statsd)
-# Allow keystore to register callbacks with statsd.
-allow keystore stats_service:service_manager find;
-binder_call(keystore, statsd);
-
# Keystore need access to the keystore_key context files to load the keystore key backend.
allow keystore keystore2_key_contexts_file:file r_file_perms;
@@ -32,3 +28,8 @@
# Keystore needs to transfer binder references to vold so that it
# can call keystore methods on those references.
allow keystore vold:binder transfer;
+
+# Only keystore can set keystore.crash_count system property. Since init is allowed to set any
+# system property, an exception is added for init as well.
+set_prop(keystore, keystore_crash_prop)
+neverallow { domain -keystore -init } keystore_crash_prop:property_service set;
diff --git a/private/property.te b/private/property.te
index d6ddbdf..49d18ee 100644
--- a/private/property.te
+++ b/private/property.te
@@ -16,6 +16,7 @@
system_internal_prop(init_perf_lsm_hooks_prop)
system_internal_prop(init_service_status_private_prop)
system_internal_prop(init_svc_debug_prop)
+system_internal_prop(keystore_crash_prop)
system_internal_prop(keystore_listen_prop)
system_internal_prop(last_boot_reason_prop)
system_internal_prop(localization_prop)
diff --git a/private/property_contexts b/private/property_contexts
index 593274f..8741fbe 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -1153,6 +1153,9 @@
# Broadcast boot stages, which keystore listens to
keystore.boot_level u:object_r:keystore_listen_prop:s0 exact int
+# Property that tracks keystore crash counts during a boot cycle.
+keystore.crash_count u:object_r:keystore_crash_prop:s0 exact int
+
partition.system.verified u:object_r:verity_status_prop:s0 exact string
partition.system_ext.verified u:object_r:verity_status_prop:s0 exact string
partition.product.verified u:object_r:verity_status_prop:s0 exact string