###
### Neverallow rules
###
4
# Treble property isolation between the system side (coredomain) and the
# vendor side (everything else).  neverallow rules are assertions checked
# when the policy is compiled: any allow rule that contradicts one fails the
# build.  They never produce a runtime denial by themselves.  The group is
# wrapped in treble_sysprop_neverallow() so it is only asserted where that
# macro expands.
treble_sysprop_neverallow(`

# TODO(b/131162102): uncomment these after assigning ownership attributes to all properties
# neverallow domain {
#     property_type
#     -system_property_type
#     -product_property_type
#     -vendor_property_type
# }:file no_rw_file_perms;

# Vendor-side processes may only read system properties that the system
# explicitly exposes: restricted or public ones.  Everything else that is
# system-owned, including system_internal_property_type, is off limits.
neverallow { domain -coredomain } {
    system_property_type
    system_internal_property_type
    -system_restricted_property_type
    -system_public_property_type
}:file no_rw_file_perms;

# Vendor-side processes may only set system properties that are public.
# Note the asymmetry with the read rule above: restricted properties are
# readable from the vendor side but not settable.
neverallow { domain -coredomain } {
    system_property_type
    -system_public_property_type
}:property_service set;

# Mirror of the two rules above for vendor-owned properties.
# init is in coredomain, but should be able to read/write all props.
# dumpstate is also in coredomain, but should be able to read all props.
neverallow { coredomain -init -dumpstate } {
    vendor_property_type
    vendor_internal_property_type
    -vendor_restricted_property_type
    -vendor_public_property_type
}:file no_rw_file_perms;

# On the system side only init may set a vendor property that is not
# vendor_public.
neverallow { coredomain -init } {
    vendor_property_type
    -vendor_public_property_type
}:property_service set;

')
42
# There is no need to perform ioctl or advisory locking operations on
# property files. If this neverallow is being triggered, it is
# likely that the policy is using r_file_perms directly instead of
# the get_prop() macro.  This covers every property type, not only the
# Treble-partitioned ones above.
neverallow domain property_type:file { ioctl lock };
48
# Closed allowlist for core_property_type.  Any member of that attribute
# that is not explicitly subtracted below may not be read or written as a
# file by anything (the source is `*`, i.e. every type, not just domain).
# The practical effect is a forced review: an allow rule granting file
# access on a newly added core_property_type member fails the build until
# the new type is listed here.
neverallow * {
    core_property_type
    -audio_prop
    -config_prop
    -cppreopt_prop
    -dalvik_prop
    -debuggerd_prop
    -debug_prop
    -default_prop
    -dhcp_prop
    -dumpstate_prop
    -ffs_prop
    -fingerprint_prop
    -logd_prop
    -net_radio_prop
    -nfc_prop
    -ota_prop
    -pan_result_prop
    -persist_debug_prop
    -powerctl_prop
    -radio_prop
    -restorecon_prop
    -shell_prop
    -system_prop
    -system_radio_prop
    -vold_prop
}:file no_rw_file_perms;
76
# sigstop property is only used for debugging; should only be set by su which is permissive
# for userdebug/eng
# (neverallow is a build-time assertion, so a permissive su domain needs no
# allow rule here, and this rule does not block it at runtime.)
neverallow {
    domain
    -init
    -vendor_init
} ctl_sigstop_prop:property_service set;
84
# Don't audit legacy ctl. property handling. We only want the newer permission check to appear
# in the audit log
# dontaudit only suppresses the denial record for these legacy ctl.* types;
# it grants nothing, so a missing permission still fails.
dontaudit domain {
    ctl_bootanim_prop
    ctl_bugreport_prop
    ctl_console_prop
    ctl_default_prop
    ctl_dumpstate_prop
    ctl_fuse_prop
    ctl_mdnsd_prop
    ctl_rildaemon_prop
}:property_service set;
97
# Only init may set init_svc_debug_prop.
neverallow {
    domain
    -init
} init_svc_debug_prop:property_service set;
102
# Only init and dumpstate may read init_svc_debug_prop.  su is exempted as
# well, but only where userdebug_or_eng() expands, so that exemption does
# not exist on user builds.
neverallow {
    domain
    -init
    -dumpstate
    userdebug_or_eng(`-su')
} init_svc_debug_prop:file no_rw_file_perms;
109
# Rules that only apply where compatible_property_only() expands.  A
# recurring pattern below: vendor_init is exempted only from the rules for
# the exported_* variants of a property, never from the rules for the
# non-exported type of the same name (compare exported_radio_prop vs
# radio_prop, exported_bluetooth_prop vs bluetooth_prop, exported_wifi_prop
# vs wifi_prop).
compatible_property_only(`
# Prevent properties from being set
  # Generic rule: outside coredomain, app domains and vendor_init, nothing
  # may set core, extended-core or exported properties.  nfc_prop,
  # powerctl_prop and radio_prop are carved out of this rule; nfc_prop and
  # radio_prop are covered by the dedicated rules further down instead.
  neverallow {
    domain
    -coredomain
    -appdomain
    -vendor_init
  } {
    core_property_type
    extended_core_property_type
    exported_config_prop
    exported_dalvik_prop
    exported_default_prop
    exported_dumpstate_prop
    exported_ffs_prop
    exported_fingerprint_prop
    exported_system_prop
    exported_system_radio_prop
    exported_vold_prop
    exported2_config_prop
    exported2_default_prop
    exported2_system_prop
    exported2_vold_prop
    exported3_default_prop
    exported3_system_prop
    -nfc_prop
    -powerctl_prop
    -radio_prop
  }:property_service set;

  # nfc_prop: settable only by coredomain, app domains and hal_nfc_server.
  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_nfc_server
  } {
    nfc_prop
  }:property_service set;

  # Exported radio properties: telephony HAL and vendor_init may set them.
  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_telephony_server
    -vendor_init
  } {
    exported_radio_prop
    exported3_radio_prop
  }:property_service set;

  # Non-exported radio properties: same as above minus vendor_init.
  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_telephony_server
  } {
    exported2_radio_prop
    radio_prop
  }:property_service set;

  # bluetooth_prop: settable only by coredomain, bluetooth and the BT HAL.
  neverallow {
    domain
    -coredomain
    -bluetooth
    -hal_bluetooth_server
  } {
    bluetooth_prop
  }:property_service set;

  # exported_bluetooth_prop: as above, plus vendor_init.
  neverallow {
    domain
    -coredomain
    -bluetooth
    -hal_bluetooth_server
    -vendor_init
  } {
    exported_bluetooth_prop
  }:property_service set;

  # exported_camera_prop: camera HAL, cameraserver and vendor_init only.
  neverallow {
    domain
    -coredomain
    -hal_camera_server
    -cameraserver
    -vendor_init
  } {
    exported_camera_prop
  }:property_service set;

  # wifi_prop: settable only by coredomain, the wifi HAL and wificond.
  neverallow {
    domain
    -coredomain
    -hal_wifi_server
    -wificond
  } {
    wifi_prop
  }:property_service set;

  # exported_wifi_prop: as above, plus vendor_init.
  neverallow {
    domain
    -coredomain
    -hal_wifi_server
    -wificond
    -vendor_init
  } {
    exported_wifi_prop
  }:property_service set;

# Prevent properties from being read
  # Same source set as the generic set rule, but a shorter target list: the
  # exported_* types that are absent here (exported_config_prop,
  # exported_default_prop, exported_dumpstate_prop, exported_fingerprint_prop,
  # exported_system_prop, exported_vold_prop, exported2_default_prop) are not
  # restricted by this read rule even though they are restricted for set.
  # debug_prop and logd_prop are carved out in addition to the three carved
  # out of the set rule.
  neverallow {
    domain
    -coredomain
    -appdomain
    -vendor_init
  } {
    core_property_type
    extended_core_property_type
    exported_dalvik_prop
    exported_ffs_prop
    exported_system_radio_prop
    exported2_config_prop
    exported2_system_prop
    exported2_vold_prop
    exported3_default_prop
    exported3_system_prop
    -debug_prop
    -logd_prop
    -nfc_prop
    -powerctl_prop
    -radio_prop
  }:file no_rw_file_perms;

  # Read-side counterparts of the per-subsystem set rules above.  Note that
  # only the non-exported types are read-restricted here; there are no
  # read rules for the exported_* variants in this block.
  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_nfc_server
  } {
    nfc_prop
  }:file no_rw_file_perms;

  neverallow {
    domain
    -coredomain
    -appdomain
    -hal_telephony_server
  } {
    radio_prop
  }:file no_rw_file_perms;

  neverallow {
    domain
    -coredomain
    -bluetooth
    -hal_bluetooth_server
  } {
    bluetooth_prop
  }:file no_rw_file_perms;

  neverallow {
    domain
    -coredomain
    -hal_wifi_server
    -wificond
  } {
    wifi_prop
  }:file no_rw_file_perms;
')
278
# Only where compatible_property_only() expands: no system-side process may
# set a property outside system_property_type / extended_core_property_type
# (i.e. any property owned by another partition).  The only exemptions are
# init and any type carrying the system_writes_vendor_properties_violators
# attribute, which is the explicit escape hatch for known offenders; adding
# a type to that attribute is the only way to bypass this rule.
compatible_property_only(`
  # Neverallow coredomain to set vendor properties
  neverallow {
    coredomain
    -init
    -system_writes_vendor_properties_violators
  } {
    property_type
    -system_property_type
    -extended_core_property_type
  }:property_service set;
')
291
neverallow {
    # Only allow init and system_server to set userspace_reboot_log_prop
    # NOTE(review): this source set (and those of the three rules that
    # follow) has no positive member and relies on a negation-only set
    # meaning "every type except those listed".  The rest of this file
    # writes the same intent as `{ domain -x ... }`; worth confirming the
    # toolchain treats both forms identically, or switching to the explicit
    # form for consistency.
    -init
    -system_server
} {
    userspace_reboot_log_prop
}:property_service set;
298
neverallow {
    # Only allow init and system_server to set system_adbd_prop
    # (adbd itself is deliberately not on this list; it gets adbd_prop below).
    -init
    -system_server
} {
    system_adbd_prop
}:property_service set;
306
neverallow {
    # Only allow init and adbd to set adbd_prop
    # (system_server is deliberately not on this list; it gets system_adbd_prop above).
    -init
    -adbd
} {
    adbd_prop
}:property_service set;
314
neverallow {
    # Only allow init and shell to set userspace_reboot_test_prop
    # (shell is exempted so the property can be driven from adb for testing;
    # system_server, which owns userspace_reboot_log_prop, is not).
    -init
    -shell
} {
    userspace_reboot_test_prop
}:property_service set;
321}:property_service set;