# Property types that are used only inside /system.
# NOTE(review): system_internal_prop is defined outside this listing. It
# presumably tags each type with system_internal_property_type, which the
# treble neverallow rules in this file key on -- confirm against the macro.
system_internal_prop(adbd_prop)
system_internal_prop(device_config_profcollect_native_boot_prop)
system_internal_prop(device_config_storage_native_boot_prop)
system_internal_prop(device_config_sys_traced_prop)
system_internal_prop(device_config_window_manager_native_boot_prop)
system_internal_prop(device_config_configuration_prop)
system_internal_prop(fastbootd_protocol_prop)
system_internal_prop(gsid_prop)
system_internal_prop(init_perf_lsm_hooks_prop)
system_internal_prop(init_service_status_private_prop)
system_internal_prop(init_svc_debug_prop)
system_internal_prop(last_boot_reason_prop)
system_internal_prop(localization_prop)
system_internal_prop(lower_kptr_restrict_prop)
system_internal_prop(netd_stable_secret_prop)
system_internal_prop(pm_prop)
system_internal_prop(setupwizard_prop)
system_internal_prop(system_adbd_prop)
system_internal_prop(suspend_prop)
system_internal_prop(traced_perf_enabled_prop)
system_internal_prop(userspace_reboot_log_prop)
system_internal_prop(userspace_reboot_test_prop)
system_internal_prop(verity_status_prop)
system_internal_prop(zygote_wrap_prop)

# TODO Remove this property when Keystore 2.0 migration is complete b/171563717
system_internal_prop(keystore2_enable_prop)
29
###
### Neverallow rules
###

treble_sysprop_neverallow(`

# Ownership check: a property type that is not tagged as system or product or
# vendor owned must not be accessible as a file from any domain.
enforce_sysprop_owner(`
  neverallow domain {
    property_type
    -system_property_type
    -product_property_type
    -vendor_property_type
  }:file no_rw_file_perms;
')

# Domains outside coredomain get file access only to the restricted and public
# subsets of system properties.
neverallow { domain -coredomain } {
  system_property_type
  system_internal_property_type
  -system_restricted_property_type
  -system_public_property_type
}:file no_rw_file_perms;

# Domains outside coredomain may set only public system properties.
neverallow { domain -coredomain } {
  system_property_type
  -system_public_property_type
}:property_service set;

# init is in coredomain but must still read and write every property.
# dumpstate is also in coredomain but must still read every property.
neverallow { coredomain -init -dumpstate } {
  vendor_property_type
  vendor_internal_property_type
  -vendor_restricted_property_type
  -vendor_public_property_type
}:file no_rw_file_perms;

# Write side of the same boundary: core domains other than init may set only
# public vendor properties. dumpstate is not exempt here.
neverallow { coredomain -init } {
  vendor_property_type
  -vendor_public_property_type
}:property_service set;

')
72
# Property files never need ioctl or advisory locking. A build failure on this
# assertion usually means a rule granted r_file_perms directly where the
# get_prop() macro should have been used.
neverallow domain property_type:file { ioctl lock };
78
# No source at all may access the file of a type that carries
# core_property_type unless that type is subtracted below. In practice this
# makes the subtraction list the complete set of usable core property types:
# a type newly tagged with the attribute would be unreachable until it is
# added here, which forces a review of every addition.
# NOTE(review): no_rw_file_perms is defined outside this listing.
neverallow * {
  core_property_type
  -audio_prop
  -config_prop
  -cppreopt_prop
  -dalvik_prop
  -debuggerd_prop
  -debug_prop
  -default_prop
  -dhcp_prop
  -dumpstate_prop
  -fingerprint_prop
  -logd_prop
  -net_radio_prop
  -nfc_prop
  -ota_prop
  -pan_result_prop
  -persist_debug_prop
  -powerctl_prop
  -radio_prop
  -restorecon_prop
  -shell_prop
  -system_prop
  -usb_prop
  -vold_prop
}:file no_rw_file_perms;
105
# The sigstop control property is a debugging aid. Under enforced policy only
# init and vendor_init may set it. The intended interactive setter is su,
# which is permissive on userdebug and eng builds.
neverallow { domain -init -vendor_init } ctl_sigstop_prop:property_service set;
113
# Legacy ctl. property handling is kept out of the audit log so that only the
# newer permission check shows up there. Denials on these types are therefore
# silent: a failed ctl request against one of them leaves no avc record for
# this check, which matters when triaging from logs alone.
dontaudit domain {
  ctl_bootanim_prop
  ctl_bugreport_prop
  ctl_console_prop
  ctl_default_prop
  ctl_dumpstate_prop
  ctl_fuse_prop
  ctl_mdnsd_prop
  ctl_rildaemon_prop
}:property_service set;
126
# init_svc_debug_prop may be set by init only.
neverallow { domain -init } init_svc_debug_prop:property_service set;

# File access to it is limited to init and dumpstate, plus su on userdebug
# and eng builds.
neverallow {
  domain
  -init
  -dumpstate
  userdebug_or_eng(`-su')
} init_svc_debug_prop:file no_rw_file_perms;
138
compatible_property_only(`
  # ---- Prevent properties from being set ----

  # Domains outside coredomain and appdomain and vendor_init must not set core
  # or exported system properties. nfc_prop and radio_prop are subtracted here
  # because each has a narrower rule of its own further down.
  neverallow { domain -coredomain -appdomain -vendor_init } {
    core_property_type
    extended_core_property_type
    exported_config_prop
    exported_default_prop
    exported_dumpstate_prop
    exported_system_prop
    exported3_system_prop
    usb_control_prop
    -nfc_prop
    -powerctl_prop
    -radio_prop
  }:property_service set;

  # Per-subsystem writers. Each rule names the HAL server or daemon that is
  # allowed in addition to the broad core and app exemptions.
  neverallow { domain -coredomain -appdomain -hal_nfc_server }
    nfc_prop:property_service set;

  neverallow { domain -coredomain -appdomain -hal_telephony_server -vendor_init }
    radio_control_prop:property_service set;

  neverallow { domain -coredomain -appdomain -hal_telephony_server }
    radio_prop:property_service set;

  neverallow { domain -coredomain -bluetooth -hal_bluetooth_server }
    bluetooth_prop:property_service set;

  neverallow { domain -coredomain -bluetooth -hal_bluetooth_server -vendor_init }
    exported_bluetooth_prop:property_service set;

  neverallow { domain -coredomain -hal_camera_server -cameraserver -vendor_init }
    exported_camera_prop:property_service set;

  neverallow { domain -coredomain -hal_wifi_server -wificond }
    wifi_prop:property_service set;

  # This one does not exempt coredomain as a whole. Only init and dumpstate
  # are named from the core side.
  neverallow { domain -init -dumpstate -hal_wifi_server -wificond -vendor_init }
    wifi_hal_prop:property_service set;

  # ---- Prevent properties from being read ----

  neverallow { domain -coredomain -appdomain -vendor_init } {
    core_property_type
    dalvik_config_prop
    extended_core_property_type
    exported3_system_prop
    systemsound_config_prop
    -debug_prop
    -logd_prop
    -nfc_prop
    -powerctl_prop
    -radio_prop
  }:file no_rw_file_perms;

  neverallow { domain -coredomain -appdomain -hal_nfc_server }
    nfc_prop:file no_rw_file_perms;

  neverallow { domain -coredomain -appdomain -hal_telephony_server }
    radio_prop:file no_rw_file_perms;

  neverallow { domain -coredomain -bluetooth -hal_bluetooth_server }
    bluetooth_prop:file no_rw_file_perms;

  neverallow { domain -coredomain -hal_wifi_server -wificond }
    wifi_prop:file no_rw_file_perms;

  # suspend_prop may be set by init only.
  neverallow { domain -init } suspend_prop:property_service set;
')
299
compatible_property_only(`
  # Neverallow coredomain to set vendor properties.
  # The target is every property type that is neither a system property nor an
  # extended core property. init is exempt. Any domain that carries
  # system_writes_vendor_properties_violators is exempt too and so each holder
  # of that attribute is an exception worth auditing.
  neverallow { coredomain -init -system_writes_vendor_properties_violators } {
    property_type
    -system_property_type
    -extended_core_property_type
  }:property_service set;
')
312
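# NOTE(review): the source sets in this group originally listed only
# subtractions such as { -init -system_server }. A set with no positive member
# appears to expand to nothing, which would leave the assertion unchecked --
# confirm with the policy compiler in use. Each set now starts from domain so
# that the allowlist stated in the comments is what gets enforced. Turning the
# checks on can surface existing allow rules that violate them. Review such
# rules instead of widening the exemptions.

# File access to the ffs properties stays within coredomain and vendor_init.
neverallow { domain -coredomain -vendor_init } {
  ffs_config_prop
  ffs_control_prop
}:file no_rw_file_perms;

# Only init and system_server may set userspace_reboot_log_prop.
neverallow { domain -init -system_server } {
  userspace_reboot_log_prop
}:property_service set;

# Only allow init and system_server to set system_adbd_prop
neverallow { domain -init -system_server } {
  system_adbd_prop
}:property_service set;

# Let (vendor_)init, adbd, and system_server set service.adb.tcp.port
# This property selects the TCP port for adb, so the writer list is security
# relevant and should stay this short.
neverallow { domain -init -vendor_init -adbd -system_server } {
  adbd_config_prop
}:property_service set;

# Only allow init and adbd to set adbd_prop
neverallow { domain -init -adbd } {
  adbd_prop
}:property_service set;

# Only allow init and shell to set userspace_reboot_test_prop
neverallow { domain -init -shell } {
  userspace_reboot_test_prop
}:property_service set;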
Inseob Kim721d9212020-04-24 21:25:17 +0900361
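# NOTE(review): the source sets in this group originally listed only
# subtractions. A set with no positive member appears to expand to nothing,
# which would leave the assertion unchecked -- confirm with the policy
# compiler in use. Each set now starts from domain so the allowlist is
# enforced. Existing allow rules that violate it may show up at build time
# and need review rather than a wider exemption.

# Writers: init, system_server and vendor_init.
neverallow { domain -init -system_server -vendor_init } {
  surfaceflinger_color_prop
}:property_service set;

# Writer: init only.
neverallow { domain -init } {
  libc_debug_prop
}:property_service set;

# Writers: init, system_server and vendor_init.
neverallow { domain -init -system_server -vendor_init }
  zram_control_prop:property_service set;

# Writers: init, system_server and vendor_init.
neverallow { domain -init -system_server -vendor_init }
  dalvik_runtime_prop:property_service set;

# Writers: coredomain and vendor_init.
neverallow { domain -coredomain -vendor_init } {
  usb_config_prop
  usb_control_prop
}:property_service set;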
Inseob Kim3b82aec2020-05-14 01:38:40 +0900395
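# NOTE(review): the source sets in this group originally listed only
# subtractions. A set with no positive member appears to expand to nothing,
# which would leave the assertion unchecked -- confirm with the policy
# compiler in use. Each set now starts from domain so the allowlist is
# enforced. Existing allow rules that violate it may show up at build time
# and need review rather than a wider exemption.

# Device provisioning and retail demo state: set by init and system_server only.
neverallow { domain -init -system_server } {
  provisioned_prop
  retaildemo_prop
}:property_service set;

# File access to the same two types stays within coredomain and vendor_init.
neverallow { domain -coredomain -vendor_init } {
  provisioned_prop
  retaildemo_prop
}:file no_rw_file_perms;

# Service status properties are written by init only.
neverallow { domain -init } {
  init_service_status_private_prop
  init_service_status_prop
}:property_service set;

# vendor_init is exempt only where not_compatible_property applies.
neverallow {
  domain
  -init
  -radio
  -appdomain
  -hal_telephony_server
  not_compatible_property(`-vendor_init')
} telephony_status_prop:property_service set;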
Peiyong Lin37dea072020-06-03 12:20:41 -0700426
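# NOTE(review): the source sets in this group originally listed only
# subtractions. A set with no positive member appears to expand to nothing,
# which would leave the assertion unchecked -- confirm with the policy
# compiler in use. Each set now starts from domain so the allowlist is
# enforced. Existing allow rules that violate it may show up at build time
# and need review rather than a wider exemption.

# Writers: init and vendor_init.
neverallow { domain -init -vendor_init } {
  graphics_config_prop
}:property_service set;

# Writers: init and surfaceflinger.
neverallow { domain -init -surfaceflinger } {
  surfaceflinger_display_prop
}:property_service set;

# File access: coredomain, appdomain and vendor_init.
neverallow { domain -coredomain -appdomain -vendor_init }
  packagemanager_config_prop:file no_rw_file_perms;

# File access: coredomain and vendor_init.
neverallow { domain -coredomain -vendor_init }
  keyguard_config_prop:file no_rw_file_perms;

# Writer: init only.
neverallow { domain -init } {
  localization_prop
}:property_service set;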
Inseob Kimc80b0242020-07-16 22:25:47 +0900457
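# NOTE(review): the source sets in this group originally listed only
# subtractions. A set with no positive member appears to expand to nothing,
# which would leave the assertion unchecked -- confirm with the policy
# compiler in use. Each set now starts from domain so the allowlist is
# enforced. Existing allow rules that violate it may show up at build time
# and need review rather than a wider exemption.

# File access: init, vendor_init, dumpstate and system_app.
neverallow { domain -init -vendor_init -dumpstate -system_app }
  oem_unlock_prop:file no_rw_file_perms;

# File access: coredomain and vendor_init.
neverallow { domain -coredomain -vendor_init }
  storagemanager_config_prop:file no_rw_file_perms;

# File access: init, vendor_init, dumpstate and appdomain.
neverallow { domain -init -vendor_init -dumpstate -appdomain }
  sendbug_config_prop:file no_rw_file_perms;

# File access: init, vendor_init, dumpstate and appdomain.
neverallow { domain -init -vendor_init -dumpstate -appdomain }
  camera_calibration_prop:file no_rw_file_perms;

# vendor_init is exempt only where not_compatible_property applies.
neverallow {
  domain
  -init
  -dumpstate
  -hal_dumpstate_server
  not_compatible_property(`-vendor_init')
} hal_dumpstate_config_prop:file no_rw_file_perms;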
Primiano Tuccicd452302020-10-09 09:15:10 +0100490
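# NOTE(review): the source sets in this group originally listed only
# subtractions. A set with no positive member appears to expand to nothing,
# which would leave the assertion unchecked -- confirm with the policy
# compiler in use. Each set now starts from domain so the allowlist is
# enforced. Existing allow rules that violate it may show up at build time
# and need review rather than a wider exemption.

# Writers: init always. traced_probes and traced_perf only on userdebug and
# eng builds.
# NOTE(review): by its name this property relaxes kernel pointer restriction,
# which would make the writer list security relevant -- confirm.
neverallow {
  domain
  -init
  userdebug_or_eng(`-traced_probes')
  userdebug_or_eng(`-traced_perf')
} {
  lower_kptr_restrict_prop
}:property_service set;

# TODO Remove this property when Keystore 2.0 migration is complete b/171563717
neverallow { domain -init -dumpstate -system_app -system_server -zygote }
  keystore2_enable_prop:file no_rw_file_perms;

# The next three properties are written by init only.
neverallow { domain -init } zygote_wrap_prop:property_service set;

neverallow { domain -init } verity_status_prop:property_service set;

neverallow { domain -init } setupwizard_prop:property_service set;

# ro.product.property_source_order is useless after initialization of ro.product.* props.
# So file access is limited to init and vendor_init. dumpstate is exempt as well.
neverallow { domain -init -dumpstate -vendor_init }
  build_config_prop:file no_rw_file_perms;

# sqlite_log_prop: set by init and shell only.
neverallow { domain -init -shell } sqlite_log_prop:property_service set;

# sqlite_log_prop: file access for coredomain and appdomain only.
neverallow { domain -coredomain -appdomain } sqlite_log_prop:file no_rw_file_perms;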