Ensure that only desired processes can access TracingServiceProxy This change adds a neverallow rule in traced.te to limit the processes that can find tracingproxy_service, the context for TracingServiceProxy. I wanted to avoid moving the tracingproxy_service definition to public, so there were a few services that are exempted from this neverallow rule. Bug: 191391382 Test: Manually verified that with this change, along with the other change in this topic, I see no errors when taking a bugreport while a Traceur trace is running. Change-Id: I8658df0db92ae9cf4fefe2eebb4d6d9a5349ea89

commit: a60d7f28f2e6f482500bbe7e3b6863e44d663dd0 [log] [tgz]
author: Carmen Jackson <carmenjackson@google.com> Wed Jun 23 16:53:45 2021 -0700
committer: Carmen Jackson <carmenjackson@google.com> Thu Jun 24 08:24:20 2021 +0000
tree: c8d4a22a136cad83c9db73409fc307a5e3fd658d
parent: 635853a710b624fa99a257d371618741e4b96799 [diff] [blame]
diff --git a/private/atrace.te b/private/atrace.te
index d4aed40..d9e351c 100644
--- a/private/atrace.te
+++ b/private/atrace.te

@@ -27,15 +27,16 @@
 allow atrace {
   service_manager_type
   -apex_service
-  -incident_service
-  -iorapd_service
-  -netd_service
   -dnsresolver_service
-  -stats_service
   -dumpstate_service
+  -incident_service
   -installd_service
-  -vold_service
+  -iorapd_service
   -lpdump_service
+  -netd_service
+  -stats_service
+  -tracingproxy_service
+  -vold_service
   -default_android_service
 }:service_manager { find };
 allow atrace servicemanager:service_manager list;
commit	a60d7f28f2e6f482500bbe7e3b6863e44d663dd0	[log] [tgz]
author	Carmen Jackson <carmenjackson@google.com>	Wed Jun 23 16:53:45 2021 -0700
committer	Carmen Jackson <carmenjackson@google.com>	Thu Jun 24 08:24:20 2021 +0000
tree	c8d4a22a136cad83c9db73409fc307a5e3fd658d
parent	635853a710b624fa99a257d371618741e4b96799 [diff] [blame]