Don't let ro.log.file_logger.path to be set ro.log.file_logger.path is a system property that liblog uses to determine if file_logger should be used (instead of logd) and what file the logs should be emitted to. It is primarily meant for non-Android environment like Microdroid, and doesn't need to be set in Android. In fact, setting it to a wrong value can break the system logging functionality. This change prevents such a problem by assigning a dedicated property context (log_file_logger_prop) to the property and making it non-writable. (Note that it still has to be readable because liblog reads it and liblog can be loaded in any process) Bug: 222592894 Test: try to set ro.log.file_logger.path Change-Id: Ic6b527327f5bd4ca70a58b6e45f7be382e093318

commit: c4f84bcb379aace2d19f3bcaf3c896bd82d700c6 [log] [tgz]
author: Jiyong Park <jiyong@google.com> Sun Sep 18 23:09:53 2022 +0900
committer: Jiyong Park <jiyong@google.com> Sun Sep 18 23:39:41 2022 +0900
tree: c984d447d815016d7ea9a71ed7a812c78b41bb3f
parent: 7c4f837e4038870c9613c0cee76c8559d2534944 [diff] [blame]
diff --git a/private/property.te b/private/property.te
index bb49742..805b70d 100644
--- a/private/property.te
+++ b/private/property.te

@@ -51,6 +51,7 @@
 
 # Properties which can't be written outside system
 system_restricted_prop(device_config_virtualization_framework_native_prop)
+system_restricted_prop(log_file_logger_prop)
 
 ###
 ### Neverallow rules
@@ -672,3 +673,7 @@
   -profcollectd
 } profcollectd_node_id_prop:file r_file_perms;
 
+neverallow {
+  domain
+  -init
+} log_file_logger_prop:property_service set;
commit	c4f84bcb379aace2d19f3bcaf3c896bd82d700c6	[log] [tgz]
author	Jiyong Park <jiyong@google.com>	Sun Sep 18 23:09:53 2022 +0900
committer	Jiyong Park <jiyong@google.com>	Sun Sep 18 23:39:41 2022 +0900
tree	c984d447d815016d7ea9a71ed7a812c78b41bb3f
parent	7c4f837e4038870c9613c0cee76c8559d2534944 [diff] [blame]