Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 202e8636ac025fb6d0e293889f106ffab81820af / . / private / property.te
blob: bf73c3d656a20d39d348a464ba63fc30f6d525de [file] [log] [blame]
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]1# Properties used only in /system
2system_internal_prop(adbd_prop)
Yi Kong0ac00722020-10-27 02:29:52 +0800[diff] [blame]3system_internal_prop(device_config_profcollect_native_boot_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]4system_internal_prop(device_config_storage_native_boot_prop)
5system_internal_prop(device_config_sys_traced_prop)
6system_internal_prop(device_config_window_manager_native_boot_prop)
7system_internal_prop(device_config_configuration_prop)
Hongguang Chen91a5f4e2020-04-23 23:43:13 -0700[diff] [blame]8system_internal_prop(fastbootd_protocol_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]9system_internal_prop(gsid_prop)
10system_internal_prop(init_perf_lsm_hooks_prop)
Inseob Kim15e5e0a2020-05-14 19:43:08 +0900[diff] [blame]11system_internal_prop(init_service_status_private_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]12system_internal_prop(init_svc_debug_prop)
13system_internal_prop(last_boot_reason_prop)
Alexander Mishkovetsf0be89b2020-07-08 23:11:03 +0200[diff] [blame]14system_internal_prop(localization_prop)
Primiano Tuccicd452302020-10-09 09:15:10 +0100[diff] [blame]15system_internal_prop(lower_kptr_restrict_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]16system_internal_prop(netd_stable_secret_prop)
17system_internal_prop(pm_prop)
18system_internal_prop(system_adbd_prop)
19system_internal_prop(traced_perf_enabled_prop)
20system_internal_prop(userspace_reboot_log_prop)
21system_internal_prop(userspace_reboot_test_prop)
22
Janis Danisevskis202e8632020-10-23 11:16:34 -0700[diff] [blame^]23# TODO Remove this property when Keystore 2.0 migration is complete b/171563717
24system_internal_prop(keystore2_enable_prop)
25
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]26###
27### Neverallow rules
28###
29
30treble_sysprop_neverallow(`
31
Inseob Kimafc09932020-09-28 13:32:43 +0900[diff] [blame]32enforce_sysprop_owner(`
33 neverallow domain {
34 property_type
35 -system_property_type
36 -product_property_type
37 -vendor_property_type
38 }:file no_rw_file_perms;
39')
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]40
41neverallow { domain -coredomain } {
42 system_property_type
43 system_internal_property_type
44 -system_restricted_property_type
45 -system_public_property_type
46}:file no_rw_file_perms;
47
48neverallow { domain -coredomain } {
49 system_property_type
50 -system_public_property_type
51}:property_service set;
52
53# init is in coredomain, but should be able to read/write all props.
54# dumpstate is also in coredomain, but should be able to read all props.
55neverallow { coredomain -init -dumpstate } {
56 vendor_property_type
57 vendor_internal_property_type
58 -vendor_restricted_property_type
59 -vendor_public_property_type
60}:file no_rw_file_perms;
61
62neverallow { coredomain -init } {
63 vendor_property_type
64 -vendor_public_property_type
65}:property_service set;
66
67')
68
69# There is no need to perform ioctl or advisory locking operations on
70# property files. If this neverallow is being triggered, it is
71# likely that the policy is using r_file_perms directly instead of
72# the get_prop() macro.
73neverallow domain property_type:file { ioctl lock };
74
75neverallow * {
76 core_property_type
77 -audio_prop
78 -config_prop
79 -cppreopt_prop
80 -dalvik_prop
81 -debuggerd_prop
82 -debug_prop
83 -default_prop
84 -dhcp_prop
85 -dumpstate_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]86 -fingerprint_prop
87 -logd_prop
88 -net_radio_prop
89 -nfc_prop
90 -ota_prop
91 -pan_result_prop
92 -persist_debug_prop
93 -powerctl_prop
94 -radio_prop
95 -restorecon_prop
96 -shell_prop
97 -system_prop
Inseob Kimdc1e5012020-04-27 21:13:01 +0900[diff] [blame]98 -usb_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]99 -vold_prop
100}:file no_rw_file_perms;
101
102# sigstop property is only used for debugging; should only be set by su which is permissive
103# for userdebug/eng
104neverallow {
105 domain
106 -init
107 -vendor_init
108} ctl_sigstop_prop:property_service set;
109
110# Don't audit legacy ctl. property handling. We only want the newer permission check to appear
111# in the audit log
112dontaudit domain {
113 ctl_bootanim_prop
114 ctl_bugreport_prop
115 ctl_console_prop
116 ctl_default_prop
117 ctl_dumpstate_prop
118 ctl_fuse_prop
119 ctl_mdnsd_prop
120 ctl_rildaemon_prop
121}:property_service set;
122
123neverallow {
124 domain
125 -init
126} init_svc_debug_prop:property_service set;
127
128neverallow {
129 domain
130 -init
131 -dumpstate
132 userdebug_or_eng(`-su')
133} init_svc_debug_prop:file no_rw_file_perms;
134
135compatible_property_only(`
136# Prevent properties from being set
137 neverallow {
138 domain
139 -coredomain
140 -appdomain
141 -vendor_init
142 } {
143 core_property_type
144 extended_core_property_type
145 exported_config_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]146 exported_default_prop
147 exported_dumpstate_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]148 exported_system_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]149 exported3_system_prop
Inseob Kimdc1e5012020-04-27 21:13:01 +0900[diff] [blame]150 usb_control_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]151 -nfc_prop
152 -powerctl_prop
153 -radio_prop
154 }:property_service set;
155
156 neverallow {
157 domain
158 -coredomain
159 -appdomain
160 -hal_nfc_server
161 } {
162 nfc_prop
163 }:property_service set;
164
165 neverallow {
166 domain
167 -coredomain
168 -appdomain
169 -hal_telephony_server
170 -vendor_init
171 } {
Inseob Kimacd02fc2020-07-28 15:17:24 +0900[diff] [blame]172 radio_control_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]173 }:property_service set;
174
175 neverallow {
176 domain
177 -coredomain
178 -appdomain
179 -hal_telephony_server
180 } {
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]181 radio_prop
182 }:property_service set;
183
184 neverallow {
185 domain
186 -coredomain
187 -bluetooth
188 -hal_bluetooth_server
189 } {
190 bluetooth_prop
191 }:property_service set;
192
193 neverallow {
194 domain
195 -coredomain
196 -bluetooth
197 -hal_bluetooth_server
198 -vendor_init
199 } {
200 exported_bluetooth_prop
201 }:property_service set;
202
203 neverallow {
204 domain
205 -coredomain
206 -hal_camera_server
207 -cameraserver
208 -vendor_init
209 } {
210 exported_camera_prop
211 }:property_service set;
212
213 neverallow {
214 domain
215 -coredomain
216 -hal_wifi_server
217 -wificond
218 } {
219 wifi_prop
220 }:property_service set;
221
222 neverallow {
223 domain
Inseob Kim3dbf3d82020-06-25 21:20:42 +0900[diff] [blame]224 -init
225 -dumpstate
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]226 -hal_wifi_server
227 -wificond
228 -vendor_init
229 } {
Inseob Kim3dbf3d82020-06-25 21:20:42 +0900[diff] [blame]230 wifi_hal_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]231 }:property_service set;
232
233# Prevent properties from being read
234 neverallow {
235 domain
236 -coredomain
237 -appdomain
238 -vendor_init
239 } {
240 core_property_type
Inseob Kimd8c39d92020-04-20 19:36:33 +0900[diff] [blame]241 dalvik_config_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]242 extended_core_property_type
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]243 exported3_system_prop
Inseob Kimfd2d6ec2020-04-01 10:01:16 +0900[diff] [blame]244 systemsound_config_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]245 -debug_prop
246 -logd_prop
247 -nfc_prop
248 -powerctl_prop
249 -radio_prop
250 }:file no_rw_file_perms;
251
252 neverallow {
253 domain
254 -coredomain
255 -appdomain
256 -hal_nfc_server
257 } {
258 nfc_prop
259 }:file no_rw_file_perms;
260
261 neverallow {
262 domain
263 -coredomain
264 -appdomain
265 -hal_telephony_server
266 } {
267 radio_prop
268 }:file no_rw_file_perms;
269
270 neverallow {
271 domain
272 -coredomain
273 -bluetooth
274 -hal_bluetooth_server
275 } {
276 bluetooth_prop
277 }:file no_rw_file_perms;
278
279 neverallow {
280 domain
281 -coredomain
282 -hal_wifi_server
283 -wificond
284 } {
285 wifi_prop
286 }:file no_rw_file_perms;
287')
288
289compatible_property_only(`
290 # Neverallow coredomain to set vendor properties
291 neverallow {
292 coredomain
293 -init
294 -system_writes_vendor_properties_violators
295 } {
296 property_type
297 -system_property_type
298 -extended_core_property_type
299 }:property_service set;
300')
301
302neverallow {
Inseob Kimbfb37082020-04-27 23:49:15 +0900[diff] [blame]303 -coredomain
304 -vendor_init
305} {
306 ffs_config_prop
307 ffs_control_prop
308}:file no_rw_file_perms;
309
310neverallow {
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]311 -init
312 -system_server
313} {
314 userspace_reboot_log_prop
315}:property_service set;
316
317neverallow {
318 # Only allow init and system_server to set system_adbd_prop
319 -init
320 -system_server
321} {
322 system_adbd_prop
323}:property_service set;
324
325neverallow {
326 # Only allow init and adbd to set adbd_prop
327 -init
328 -adbd
329} {
330 adbd_prop
331}:property_service set;
332
333neverallow {
334 # Only allow init and shell to set userspace_reboot_test_prop
335 -init
336 -shell
337} {
338 userspace_reboot_test_prop
339}:property_service set;
Inseob Kim721d9212020-04-24 21:25:17 +0900[diff] [blame]340
341neverallow {
342 -init
343 -system_server
344 -vendor_init
345} {
346 surfaceflinger_color_prop
347}:property_service set;
Inseob Kim9add20f2020-05-06 22:20:35 +0900[diff] [blame]348
349neverallow {
350 -init
351} {
352 libc_debug_prop
353}:property_service set;
Inseob Kim36aeb162020-05-08 20:42:25 +0900[diff] [blame]354
355neverallow {
356 -init
357 -system_server
358 -vendor_init
359} zram_control_prop:property_service set;
Inseob Kim1337e152020-05-12 22:51:48 +0900[diff] [blame]360
361neverallow {
362 -init
363 -system_server
364 -vendor_init
365} dalvik_runtime_prop:property_service set;
Inseob Kimdc1e5012020-04-27 21:13:01 +0900[diff] [blame]366
367neverallow {
368 -coredomain
369 -vendor_init
370} {
371 usb_config_prop
372 usb_control_prop
373}:property_service set;
Inseob Kim3b82aec2020-05-14 01:38:40 +0900[diff] [blame]374
375neverallow {
376 -init
377 -system_server
378} {
379 provisioned_prop
380 retaildemo_prop
381}:property_service set;
382
383neverallow {
384 -coredomain
385 -vendor_init
386} {
387 provisioned_prop
388 retaildemo_prop
389}:file no_rw_file_perms;
Inseob Kim15e5e0a2020-05-14 19:43:08 +0900[diff] [blame]390
391neverallow {
392 -init
393} {
394 init_service_status_private_prop
395 init_service_status_prop
396}:property_service set;
Inseob Kimad631702020-05-14 21:47:43 +0900[diff] [blame]397
398neverallow {
399 -init
400 -radio
401 -appdomain
402 -hal_telephony_server
Inseob Kim285da2f2020-06-04 20:29:43 +0900[diff] [blame]403 not_compatible_property(`-vendor_init')
Inseob Kimad631702020-05-14 21:47:43 +0900[diff] [blame]404} telephony_status_prop:property_service set;
Peiyong Lin37dea072020-06-03 12:20:41 -0700[diff] [blame]405
406neverallow {
407 -init
408 -vendor_init
409} {
410 graphics_config_prop
411}:property_service set;
Inseob Kim6ffdf1b2020-06-16 20:00:41 +0900[diff] [blame]412
413neverallow {
Amy Hsu0f352fb2020-06-15 17:04:12 +0800[diff] [blame]414 -init
Midas Chien0d0391f2020-06-17 22:13:21 +0800[diff] [blame]415 -surfaceflinger
Amy Hsu0f352fb2020-06-15 17:04:12 +0800[diff] [blame]416} {
417 surfaceflinger_display_prop
418}:property_service set;
419
Inseob Kim072b0142020-06-16 20:00:41 +0900[diff] [blame]420neverallow {
Inseob Kim5eacf722020-07-01 01:27:49 +0900[diff] [blame]421 -coredomain
422 -appdomain
Inseob Kim6ffdf1b2020-06-16 20:00:41 +0900[diff] [blame]423 -vendor_init
Inseob Kim6ffdf1b2020-06-16 20:00:41 +0900[diff] [blame]424} packagemanager_config_prop:file no_rw_file_perms;
Inseob Kim04f435c2020-07-07 12:46:24 +0900[diff] [blame]425
426neverallow {
427 -coredomain
428 -vendor_init
429} keyguard_config_prop:file no_rw_file_perms;
Alexander Mishkovetsf0be89b2020-07-08 23:11:03 +0200[diff] [blame]430
431neverallow {
432 -init
433} {
434 localization_prop
435}:property_service set;
Inseob Kimc80b0242020-07-16 22:25:47 +0900[diff] [blame]436
437neverallow {
438 -init
439 -vendor_init
440 -dumpstate
441 -system_app
442} oem_unlock_prop:file no_rw_file_perms;
443
444neverallow {
445 -coredomain
446 -vendor_init
447} storagemanager_config_prop:file no_rw_file_perms;
448
449neverallow {
450 -init
451 -vendor_init
452 -dumpstate
453 -appdomain
454} sendbug_config_prop:file no_rw_file_perms;
Inseob Kimc97a97c2020-07-20 20:26:07 +0900[diff] [blame]455
456neverallow {
457 -init
458 -vendor_init
459 -dumpstate
460 -appdomain
461} camera_calibration_prop:file no_rw_file_perms;
Inseob Kim46dd4be2020-08-18 11:25:32 +0900[diff] [blame]462
463neverallow {
464 -init
465 -dumpstate
Jeff Vander Stoep684d25b2020-08-25 11:41:00 +0200[diff] [blame]466 -hal_dumpstate_server
Inseob Kim46dd4be2020-08-18 11:25:32 +0900[diff] [blame]467 not_compatible_property(`-vendor_init')
468} hal_dumpstate_config_prop:file no_rw_file_perms;
Primiano Tuccicd452302020-10-09 09:15:10 +0100[diff] [blame]469
470neverallow {
471 -init
472 userdebug_or_eng(`-traced_probes')
473} {
474 lower_kptr_restrict_prop
475}:property_service set;
Janis Danisevskis202e8632020-10-23 11:16:34 -0700[diff] [blame^]476
477# TODO Remove this property when Keystore 2.0 migration is complete b/171563717
478neverallow {
479 -init
480 -dumpstate
481 -system_app
482 -system_server
483 -zygote
484} keystore2_enable_prop:file no_rw_file_perms;