Merge changes from topic 'debuggerd_ambient' * changes: crash_dump: dontaudit CAP_SYS_PTRACE denial. crash_dump: don't allow CAP_SYS_PTRACE or CAP_KILL.

commit: d765766bcb991872d35cd50b9aa17a5c352bdab4 [log] [tgz]
author: Josh Gao <jmgao@google.com> Mon Feb 06 18:37:54 2017 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Mon Feb 06 18:37:55 2017 +0000
tree: a89920b2cc34ce1efa53b022dad52635c25e6141
parent: 46e5a060f66dc585f2b2319ba1f19f1c6ecc3c98 [diff]
parent: 943d7ed51e32d5f7914653f0c4aa051c5f26c6c3 [diff]
diff --git a/public/crash_dump.te b/public/crash_dump.te
index e117176..e1327e4 100644
--- a/public/crash_dump.te
+++ b/public/crash_dump.te

@@ -1,7 +1,6 @@
 type crash_dump, domain;
 type crash_dump_exec, exec_type, file_type;
 
-allow crash_dump self:capability { sys_ptrace kill };
 allow crash_dump {
   domain
   -init
@@ -9,6 +8,11 @@
   -keystore
   -logd
 }:process { ptrace signal sigchld sigstop sigkill };
+
+# crash_dump might inherit CAP_SYS_PTRACE from a privileged process,
+# which will result in an audit log even when it's allowed to trace.
+dontaudit crash_dump self:capability { sys_ptrace };
+
 userdebug_or_eng(`
   allow crash_dump logd:process { ptrace signal sigchld sigstop sigkill };
 ')
commit	d765766bcb991872d35cd50b9aa17a5c352bdab4	[log] [tgz]
author	Josh Gao <jmgao@google.com>	Mon Feb 06 18:37:54 2017 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Mon Feb 06 18:37:55 2017 +0000
tree	a89920b2cc34ce1efa53b022dad52635c25e6141
parent	46e5a060f66dc585f2b2319ba1f19f1c6ecc3c98 [diff]
parent	943d7ed51e32d5f7914653f0c4aa051c5f26c6c3 [diff]