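# Properties used only in /system
#
# Each line declares one property type through the system_internal_prop macro.
# The macro is defined elsewhere in the policy tree and is not visible here, so
# the exact attributes it attaches should be confirmed against its definition.
# Several of the types declared here (for example adbd_prop, suspend_prop,
# lower_kptr_restrict_prop and keystore2_enable_prop) also get a dedicated
# neverallow rule further down in this file that names the domains still
# allowed to set or read them.
system_internal_prop(adbd_prop)
system_internal_prop(device_config_profcollect_native_boot_prop)
system_internal_prop(device_config_storage_native_boot_prop)
system_internal_prop(device_config_sys_traced_prop)
system_internal_prop(device_config_window_manager_native_boot_prop)
system_internal_prop(device_config_configuration_prop)
system_internal_prop(fastbootd_protocol_prop)
system_internal_prop(gsid_prop)
system_internal_prop(init_perf_lsm_hooks_prop)
system_internal_prop(init_service_status_private_prop)
system_internal_prop(init_svc_debug_prop)
system_internal_prop(last_boot_reason_prop)
system_internal_prop(localization_prop)
system_internal_prop(lower_kptr_restrict_prop)
system_internal_prop(netd_stable_secret_prop)
system_internal_prop(pm_prop)
system_internal_prop(system_adbd_prop)
system_internal_prop(suspend_prop)
system_internal_prop(traced_perf_enabled_prop)
system_internal_prop(userspace_reboot_log_prop)
system_internal_prop(userspace_reboot_test_prop)

# TODO Remove this property when Keystore 2.0 migration is complete b/171563717
system_internal_prop(keystore2_enable_prop)
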
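###
### Neverallow rules
###
# A neverallow statement grants nothing. It is an assertion checked when the
# policy is compiled: the build fails if any allow rule matches it. In this
# file, rules on property_service with the set permission restrict who may
# change a property, and rules on the file class restrict direct access to the
# property files (the file itself labels such rules as preventing reads).
#
# treble_sysprop_neverallow and enforce_sysprop_owner are macros defined
# elsewhere in the policy tree; presumably they keep or drop the enclosed rules
# depending on build configuration - confirm against their definitions.
# Comments placed inside a quoted macro argument must not contain quote
# characters, since those would end the argument early.

treble_sysprop_neverallow(`

# Ownership check: no domain may access a property type that carries none of
# the system, product or vendor owner attributes.
enforce_sysprop_owner(`
  neverallow domain {
    property_type
    -system_property_type
    -product_property_type
    -vendor_property_type
  }:file no_rw_file_perms;
')

# Outside coredomain, system properties are accessible only when they are
# marked restricted or public.
neverallow { domain -coredomain } {
  system_property_type
  system_internal_property_type
  -system_restricted_property_type
  -system_public_property_type
}:file no_rw_file_perms;

# Outside coredomain, only public system properties may be set. Restricted
# ones are excluded from the rule above but not from this one.
neverallow { domain -coredomain } {
  system_property_type
  -system_public_property_type
}:property_service set;

# init is in coredomain, but should be able to read/write all props.
# dumpstate is also in coredomain, but should be able to read all props.
neverallow { coredomain -init -dumpstate } {
  vendor_property_type
  vendor_internal_property_type
  -vendor_restricted_property_type
  -vendor_public_property_type
}:file no_rw_file_perms;

# Mirror of the system-side set rule: within coredomain only init may set a
# vendor property that is not public. dumpstate gets no exemption here.
neverallow { coredomain -init } {
  vendor_property_type
  -vendor_public_property_type
}:property_service set;

')
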
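# There is no need to perform ioctl or advisory locking operations on
# property files. If this neverallow is being triggered, it is
# likely that the policy is using r_file_perms directly instead of
# the get_prop() macro.
neverallow domain property_type:file { ioctl lock };

# Closed list for core_property_type: the subtracted types are the only
# members of the attribute whose files any source may access. A type that is
# tagged core_property_type without being added to this list cannot be given
# file access by any allow rule, so the list has to be extended deliberately.
neverallow * {
  core_property_type
  -audio_prop
  -config_prop
  -cppreopt_prop
  -dalvik_prop
  -debuggerd_prop
  -debug_prop
  -default_prop
  -dhcp_prop
  -dumpstate_prop
  -fingerprint_prop
  -logd_prop
  -net_radio_prop
  -nfc_prop
  -ota_prop
  -pan_result_prop
  -persist_debug_prop
  -powerctl_prop
  -radio_prop
  -restorecon_prop
  -shell_prop
  -system_prop
  -usb_prop
  -vold_prop
}:file no_rw_file_perms;
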
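# sigstop property is only used for debugging; should only be set by su which is permissive
# for userdebug/eng
# NOTE(review): the exemptions below are init and vendor_init, not su.
# Presumably su needs no exemption because a permissive domain has no allow
# rule for this to match - confirm.
neverallow {
  domain
  -init
  -vendor_init
} ctl_sigstop_prop:property_service set;

# Don't audit legacy ctl. property handling. We only want the newer permission check to appear
# in the audit log
# Detection caveat: this suppresses the denial record for every domain on the
# listed types, so monitoring of attempts to set these ctl properties depends
# entirely on the newer check being logged.
dontaudit domain {
  ctl_bootanim_prop
  ctl_bugreport_prop
  ctl_console_prop
  ctl_default_prop
  ctl_dumpstate_prop
  ctl_fuse_prop
  ctl_mdnsd_prop
  ctl_rildaemon_prop
}:property_service set;

# Only init may set init_svc_debug_prop.
neverallow {
  domain
  -init
} init_svc_debug_prop:property_service set;

# File access to init_svc_debug_prop is limited to init and dumpstate; su is
# added to the exemptions only through the userdebug_or_eng macro.
neverallow {
  domain
  -init
  -dumpstate
  userdebug_or_eng(`-su')
} init_svc_debug_prop:file no_rw_file_perms;
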
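# The rules in this block are passed as one quoted argument to the
# compatible_property_only macro, which is defined elsewhere in the policy
# tree. Going by its name the rules are asserted only on builds with
# compatible property enforcement - confirm against the macro definition.
# Comments inside the argument must not contain quote characters.
compatible_property_only(`
# Prevent properties from being set
  # Baseline: outside coredomain, appdomain and vendor_init nothing may set the
  # core and exported types listed here. nfc, powerctl and radio are carved
  # out of this baseline; nfc_prop and radio_prop get their own rules below.
  neverallow {
    domain
    -coredomain
    -appdomain
    -vendor_init
  } {
    core_property_type
    extended_core_property_type
    exported_config_prop
    exported_default_prop
    exported_dumpstate_prop
    exported_system_prop
    exported3_system_prop
    usb_control_prop
    -nfc_prop
    -powerctl_prop
    -radio_prop
  }:property_service set;

  # Per-subsystem setters: each rule adds the matching HAL server or daemon
  # to the exemption list and nothing else.
  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_nfc_server
  } {
    nfc_prop
  }:property_service set;

  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_telephony_server
    -vendor_init
  } {
    radio_control_prop
  }:property_service set;

  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_telephony_server
  } {
    radio_prop
  }:property_service set;

  neverallow {
    domain
    -coredomain
    -bluetooth
    -hal_bluetooth_server
  } {
    bluetooth_prop
  }:property_service set;

  neverallow {
    domain
    -coredomain
    -bluetooth
    -hal_bluetooth_server
    -vendor_init
  } {
    exported_bluetooth_prop
  }:property_service set;

  neverallow {
    domain
    -coredomain
    -hal_camera_server
    -cameraserver
    -vendor_init
  } {
    exported_camera_prop
  }:property_service set;

  neverallow {
    domain
    -coredomain
    -hal_wifi_server
    -wificond
  } {
    wifi_prop
  }:property_service set;

  # Tighter than the wifi_prop rule above: coredomain as a whole is not
  # exempt, only the domains named here.
  # NOTE(review): dumpstate is exempted from this set restriction. The
  # treble_sysprop_neverallow section of this file describes dumpstate as
  # needing to read props, so confirm that a set exemption is intended.
  neverallow {
    domain
    -init
    -dumpstate
    -hal_wifi_server
    -wificond
    -vendor_init
  } {
    wifi_hal_prop
  }:property_service set;

# Prevent properties from being read
  # Baseline for file access. debug_prop and logd_prop are carved out here in
  # addition to the three types carved out of the set baseline.
  neverallow {
    domain
    -coredomain
    -appdomain
    -vendor_init
  } {
    core_property_type
    dalvik_config_prop
    extended_core_property_type
    exported3_system_prop
    systemsound_config_prop
    -debug_prop
    -logd_prop
    -nfc_prop
    -powerctl_prop
    -radio_prop
  }:file no_rw_file_perms;

  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_nfc_server
  } {
    nfc_prop
  }:file no_rw_file_perms;

  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_telephony_server
  } {
    radio_prop
  }:file no_rw_file_perms;

  neverallow {
    domain
    -coredomain
    -bluetooth
    -hal_bluetooth_server
  } {
    bluetooth_prop
  }:file no_rw_file_perms;

  neverallow {
    domain
    -coredomain
    -hal_wifi_server
    -wificond
  } {
    wifi_prop
  }:file no_rw_file_perms;

  # Only init may set suspend_prop.
  # NOTE(review): this is a set restriction although it sits under the read
  # heading above, and it is asserted only when the enclosing macro keeps its
  # argument. suspend_prop is declared with system_internal_prop at the top of
  # this file; confirm that making this assertion conditional is intended.
  neverallow {
    domain
    -init
  } {
    suspend_prop
  }:property_service set;
')
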
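# Asserted only when the compatible_property_only macro (defined elsewhere)
# keeps its argument. Comments inside the argument must not contain quote
# characters.
compatible_property_only(`
  # Neverallow coredomain to set vendor properties
  # The target set is every property type that is neither a system property
  # nor an extended core property. Apart from init, the only exemption is the
  # system_writes_vendor_properties_violators attribute, so each domain given
  # that attribute is an explicit exception to this boundary and is worth
  # tracking in review.
  neverallow {
    coredomain
    -init
    -system_writes_vendor_properties_violators
  } {
    property_type
    -system_property_type
    -extended_core_property_type
  }:property_service set;
')
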
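# NOTE(review): the source sets in the rules below list only exclusions and
# omit the leading domain used by the rules earlier in this file. Presumably
# the compiler reads such a set as every type except the listed ones - confirm.

# File access to the ffs properties is limited to coredomain and vendor_init.
neverallow {
  -coredomain
  -vendor_init
} {
  ffs_config_prop
  ffs_control_prop
}:file no_rw_file_perms;

# Only init and system_server may set userspace_reboot_log_prop.
neverallow {
  -init
  -system_server
} {
  userspace_reboot_log_prop
}:property_service set;

neverallow {
  # Only allow init and system_server to set system_adbd_prop
  -init
  -system_server
} {
  system_adbd_prop
}:property_service set;

neverallow {
  # Only allow init and adbd to set adbd_prop
  -init
  -adbd
} {
  adbd_prop
}:property_service set;

neverallow {
  # Only allow init and shell to set userspace_reboot_test_prop
  -init
  -shell
} {
  userspace_reboot_test_prop
}:property_service set;
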
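# NOTE(review): the source sets in the rules below list only exclusions and
# omit the leading domain used by the rules earlier in this file. Presumably
# the compiler reads such a set as every type except the listed ones - confirm.

# Setters: init, system_server and vendor_init.
neverallow {
  -init
  -system_server
  -vendor_init
} {
  surfaceflinger_color_prop
}:property_service set;

# Only init may set libc_debug_prop.
neverallow {
  -init
} {
  libc_debug_prop
}:property_service set;

# Setters: init, system_server and vendor_init.
neverallow {
  -init
  -system_server
  -vendor_init
} zram_control_prop:property_service set;

# Setters: init, system_server and vendor_init.
neverallow {
  -init
  -system_server
  -vendor_init
} dalvik_runtime_prop:property_service set;

# The usb properties may be set only from coredomain or by vendor_init.
neverallow {
  -coredomain
  -vendor_init
} {
  usb_config_prop
  usb_control_prop
}:property_service set;

# provisioned_prop and retaildemo_prop: set by init and system_server only.
# The next rule is wider for file access (all of coredomain plus vendor_init),
# so the set of writers is a strict subset of the readers.
neverallow {
  -init
  -system_server
} {
  provisioned_prop
  retaildemo_prop
}:property_service set;

neverallow {
  -coredomain
  -vendor_init
} {
  provisioned_prop
  retaildemo_prop
}:file no_rw_file_perms;
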
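# NOTE(review): the source sets in the rules below list only exclusions and
# omit the leading domain used by the rules earlier in this file. Presumably
# the compiler reads such a set as every type except the listed ones - confirm.

# Only init may set the service status properties.
neverallow {
  -init
} {
  init_service_status_private_prop
  init_service_status_prop
}:property_service set;

# Setters: init, radio, appdomain and hal_telephony_server. vendor_init is
# exempted only through the not_compatible_property macro (defined elsewhere);
# going by its name that applies to builds without compatible property
# enforcement - confirm against the macro definition.
neverallow {
  -init
  -radio
  -appdomain
  -hal_telephony_server
  not_compatible_property(`-vendor_init')
} telephony_status_prop:property_service set;

# Setters: init and vendor_init.
neverallow {
  -init
  -vendor_init
} {
  graphics_config_prop
}:property_service set;

# Setters: init and surfaceflinger.
neverallow {
  -init
  -surfaceflinger
} {
  surfaceflinger_display_prop
}:property_service set;

# File access: coredomain, appdomain and vendor_init.
neverallow {
  -coredomain
  -appdomain
  -vendor_init
} packagemanager_config_prop:file no_rw_file_perms;

# File access: coredomain and vendor_init.
neverallow {
  -coredomain
  -vendor_init
} keyguard_config_prop:file no_rw_file_perms;

# Only init may set localization_prop.
neverallow {
  -init
} {
  localization_prop
}:property_service set;
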
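# NOTE(review): the source sets in the rules below list only exclusions and
# omit the leading domain used by the rules earlier in this file. Presumably
# the compiler reads such a set as every type except the listed ones - confirm.

# File access to oem_unlock_prop is limited to the four listed domains;
# coredomain as a whole is not exempt.
neverallow {
  -init
  -vendor_init
  -dumpstate
  -system_app
} oem_unlock_prop:file no_rw_file_perms;

# File access: coredomain and vendor_init.
neverallow {
  -coredomain
  -vendor_init
} storagemanager_config_prop:file no_rw_file_perms;

# File access: init, vendor_init, dumpstate and appdomain.
neverallow {
  -init
  -vendor_init
  -dumpstate
  -appdomain
} sendbug_config_prop:file no_rw_file_perms;

# File access: init, vendor_init, dumpstate and appdomain.
neverallow {
  -init
  -vendor_init
  -dumpstate
  -appdomain
} camera_calibration_prop:file no_rw_file_perms;

# File access: init, dumpstate and hal_dumpstate_server. vendor_init is
# exempted only through the not_compatible_property macro (defined elsewhere);
# confirm the condition against the macro definition.
neverallow {
  -init
  -dumpstate
  -hal_dumpstate_server
  not_compatible_property(`-vendor_init')
} hal_dumpstate_config_prop:file no_rw_file_perms;

# Only init may set lower_kptr_restrict_prop. traced_probes is exempted only
# through the userdebug_or_eng macro, so going by that macro name init stays
# the sole permitted setter on user builds.
neverallow {
  -init
  userdebug_or_eng(`-traced_probes')
} {
  lower_kptr_restrict_prop
}:property_service set;

# TODO Remove this property when Keystore 2.0 migration is complete b/171563717
# Until then, file access to keystore2_enable_prop is limited to the five
# domains listed below.
neverallow {
  -init
  -dumpstate
  -system_app
  -system_server
  -zygote
} keystore2_enable_prop:file no_rw_file_perms;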