Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 5f154404deef6bf37200512f0c18f043156a6c4f
commit5f154404deef6bf37200512f0c18f043156a6c4f[log] [tgz]
authorNick Kralevich <nnk@google.com>Wed Dec 19 13:36:53 2018 -0800
committerNick Kralevich <nnk@google.com>Wed Dec 19 13:44:22 2018 -0800
treed4633a604b1c13d2dcc3d5edfe361ab842d392dc
parent3361ec4358b7aeea8fabdbbf26d864c364bc0eeb [diff]
Ensure that service_manager adds / finds make sense.

Add a neverallow rule asserting that services registered or queried
through servicemanager must have the attribute service_manager_type
or vndservice_manager_type. Attempting to add or query a service which
does not have one of those attributes is malformed policy.

See
https://android-review.googlesource.com/c/platform/system/sepolicy/+/826500/7/private/system_server.te#696
as an example where this occurred.

Test: compiles
Change-Id: I339bde04b80819b07832d96797fd7f477a4b676a
1 file changed
tree: d4633a604b1c13d2dcc3d5edfe361ab842d392dc
  1. apex/
  2. build/
  3. prebuilts/
  4. private/
  5. public/
  6. reqd_mask/
  7. tests/
  8. tools/
  9. vendor/
  10. .gitignore
  11. Android.bp
  12. Android.mk
  13. CleanSpec.mk
  14. definitions.mk
  15. MODULE_LICENSE_PUBLIC_DOMAIN
  16. NOTICE
  17. OWNERS
  18. PREUPLOAD.cfg
  19. README
  20. treble_sepolicy_tests_for_release.mk