commit | 6a7a72b07a5da8fcb8e2f4984bbdd3b035aef9ad | [log] [tgz] |
---|---|---|
author | Nick Kralevich <nnk@google.com> | Thu Sep 05 09:54:43 2019 -0700 |
committer | Nick Kralevich <nnk@google.com> | Thu Sep 05 09:54:43 2019 -0700 |
tree | afed7cecd6e9dfa985e98690ec20d1537ad21c1d | |
parent | b56a49d979c228400abaae849e9df95d0c834f51 [diff] |
neverallow_macros: add watch* perms

In cases where directory read access has been neverallowed via no_rw_dir_perms, also neverallow the various watch* permissions. If read was disallowed by the neverallow assertions, there's an assumption that watch was also intended to not be allowed. Make that assumption explicit.

References:
* https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=ac5656d8a4cdd93cd2c74355ed12e5617817e0e7
* https://android.googlesource.com/platform/system/sepolicy/+/c4ab8edf7476ac8f247e5f1b2efbe282a693be06
* https://android.googlesource.com/platform/system/sepolicy/+/dddbaaf1e8791f8fffde424aa09a6e135f973771

Test: compiles
Change-Id: I8139eaf1165a5090c7b48e45f353170e58ddf1d9
diff --git a/public/neverallow_macros b/public/neverallow_macros index e2b6ed1..59fa441 100644 --- a/public/neverallow_macros +++ b/public/neverallow_macros
@@ -1,7 +1,7 @@ # # Common neverallow permissions define(`no_w_file_perms', `{ append create link unlink relabelfrom rename setattr write }') -define(`no_rw_file_perms', `{ no_w_file_perms open read ioctl lock }') +define(`no_rw_file_perms', `{ no_w_file_perms open read ioctl lock watch watch_mount watch_sb watch_with_perm watch_reads }') define(`no_x_file_perms', `{ execute execute_no_trans }') define(`no_w_dir_perms', `{ add_name create link relabelfrom remove_name rename reparent rmdir setattr write }')
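Review bot: the commit message says the watch* permissions are being added where directory read access is neverallowed via no_rw_dir_perms, but the only definition changed in this hunk is no_rw_file_perms; the no_w_dir_perms line in the trailing context is untouched and no_rw_dir_perms does not appear in the hunk at all. Either reword the message to say no_rw_file_perms, or extend no_rw_dir_perms with the same `watch watch_mount watch_sb watch_with_perm watch_reads` set so the assertion actually covers the directory case the message describes. Since the only stated test is "compiles", it is also worth confirming that the policy build's neverallow check still passes: any existing allow rule that grants one of the new watch* permissions to a domain already subject to a no_rw_file_perms neverallow becomes a build failure once the macro expands, rather than a runtime denial.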