Merge "sepolicy: allow system server for BINDER_GET_FROZEN_INFO"
diff --git a/private/system_server.te b/private/system_server.te
index bd57ad8..6042fff 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1012,8 +1012,8 @@
get_prop(system_server, wifi_config_prop)
-# Only system server can access BINDER_FREEZE
-allowxperm system_server binder_device:chr_file ioctl { BINDER_FREEZE };
+# Only system server can access BINDER_FREEZE and BINDER_GET_FROZEN_INFO
+allowxperm system_server binder_device:chr_file ioctl { BINDER_FREEZE BINDER_GET_FROZEN_INFO };
###
### Neverallow rules
@@ -1236,4 +1236,6 @@
# BINDER_FREEZE is used to block ipc transactions to frozen processes, so it
# can be accessed by system_server only (b/143717177)
-neverallowxperm { domain -system_server } binder_device:chr_file ioctl { BINDER_FREEZE };
+# BINDER_GET_FROZEN_INFO is used by system_server to determine the state of a frozen binder
+# interface
+neverallowxperm { domain -system_server } binder_device:chr_file ioctl { BINDER_FREEZE BINDER_GET_FROZEN_INFO };
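Review bot: The comment added above the `neverallowxperm` line says what BINDER_GET_FROZEN_INFO is used for, but not why every other domain must be denied it. The BINDER_FREEZE comment directly above it gives both the reason and a bug reference. As far as I know from the binder UAPI, this ioctl takes a target pid and reports that process's pending transaction state, so the rationale is cross-process information exposure; that should be confirmed and stated. Something like `# BINDER_GET_FROZEN_INFO reports binder transaction state of another process, so it` / `# is restricted to system_server like BINDER_FREEZE (b/<bug id>)` would do. The "Only system server can access ..." comment on the `allowxperm` line in the first hunk describes exclusivity that only this neverallow enforces, so it could point here instead of restating it.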
diff --git a/public/ioctl_defines b/public/ioctl_defines
index 8b28beb..5187162 100644
--- a/public/ioctl_defines
+++ b/public/ioctl_defines
@@ -133,6 +133,7 @@
define(`BC_REQUEST_DEATH_NOTIFICATION', `0x400c630e')
define(`BC_TRANSACTION', `0x40406300')
define(`BINDER_FREEZE', `0x400c620e')
+define(`BINDER_GET_FROZEN_INFO', `0xc00c620f')
define(`BINDER_GET_NODE_DEBUG_INFO', `0xc018620b')
define(`BINDER_GET_NODE_INFO_FOR_REF', `0xc018620c')
define(`BINDER_SET_CONTEXT_MGR', `0x40046207')