Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / ebc3a1a34ce914654fcc4edf9a2d26bf5fa76260
commitebc3a1a34ce914654fcc4edf9a2d26bf5fa76260[log] [tgz]
authorNick Kralevich <nnk@google.com>Tue Oct 09 14:22:47 2018 -0700
committerNick Kralevich <nnk@google.com>Wed Oct 10 13:02:57 2018 +0000
tree5e6daeea4e94e3c517b9dea377263bbdadb7a2e0
parentcacea25ed0fe4850d50d12640c7ee47ae1e2ef7a [diff]
Move to ioctl whitelisting for plain files / directories

Remove kernel attack surface associated with ioctls on plain files. In
particular, we want to ensure that the ioctls FS_IOC_ENABLE_VERITY and
FS_IOC_MEASURE_VERITY are not exposed outside a whitelisted set of
entities. However, it's straight forward enough to turn on ioctl
whitelisting for everything, so we choose to do so.

Test: policy compiles and device boots
Test: device boots with data wipe
Test: device boots without data wipe
Change-Id: I545ae76dddaa2193890eeb1d404db79d1ffa13c2
5 files changed
tree: 5e6daeea4e94e3c517b9dea377263bbdadb7a2e0
  1. build/
  2. prebuilts/
  3. private/
  4. public/
  5. reqd_mask/
  6. tests/
  7. tools/
  8. vendor/
  9. .gitignore
  10. Android.bp
  11. Android.mk
  12. CleanSpec.mk
  13. definitions.mk
  14. MODULE_LICENSE_PUBLIC_DOMAIN
  15. NOTICE
  16. OWNERS
  17. PREUPLOAD.cfg
  18. README
  19. treble_sepolicy_tests_for_release.mk