Prevent ptrace of logd on user builds system/core commit 6a70ded7bfa8914aaa3dc25630ff2713ae893f80 (later amended by 107e29ac1b1c297a0d4ee35c4978e79f47013e2c indicated that logd doesn't want it's memory accessible by anyone else. Unfortunately, setting DUMPABLE isn't sufficient against a root level process such with ptrace. Only one such process exists, "debuggerd". Block debuggerd from accessing logd's memory on user builds. Userdebug and eng builds are unaffected. Add a neverallow rule (compile time assertion + CTS test) to prevent regressions. Bug: 32450474 Test: Policy compiles. Change-Id: Ie90850cd91846a43adaa0871d239f894a0c94d38

commit: cb5f4a3dd8acd5c58bb2f0e65c6b4c256a1ec614 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Mon Dec 05 14:01:28 2016 -0800
committer: Nick Kralevich <nnk@google.com> Mon Dec 05 14:07:32 2016 -0800
tree: 9256469d7882a51a7039b9f8d0af4931c4f495e3
parent: 8ee06cc44fe0d7cb914848d30e058be25f8f6509 [diff] [blame]
diff --git a/public/debuggerd.te b/public/debuggerd.te
index 33f8878..0222e34 100644
--- a/public/debuggerd.te
+++ b/public/debuggerd.te

@@ -15,9 +15,15 @@
   -healthd
   -init
   -keystore
+  -logd
   -ueventd
   -watchdogd
 }:process { execmem ptrace getattr };
+
+userdebug_or_eng(`
+  allow debuggerd logd:process { execmem ptrace getattr };
+')
+
 allow debuggerd tombstone_data_file:dir rw_dir_perms;
 allow debuggerd tombstone_data_file:file create_file_perms;
 allow debuggerd shared_relro_file:dir r_dir_perms;
commit	cb5f4a3dd8acd5c58bb2f0e65c6b4c256a1ec614	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Mon Dec 05 14:01:28 2016 -0800
committer	Nick Kralevich <nnk@google.com>	Mon Dec 05 14:07:32 2016 -0800
tree	9256469d7882a51a7039b9f8d0af4931c4f495e3
parent	8ee06cc44fe0d7cb914848d30e058be25f8f6509 [diff] [blame]