Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / c531cfc44e9c1d92cbcd32210e6e6347cdd0f7e7 / . / private / property.te
blob: 016a79b045f7f78368e5a5b21352cca87b228409 [file] [log] [blame]
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]1# Properties used only in /system
2system_internal_prop(adbd_prop)
Richard Fung0c7c2672021-11-08 20:09:54 +0000[diff] [blame]3system_internal_prop(apexd_payload_metadata_prop)
David Anderson09bb9442020-11-13 00:45:59 -0800[diff] [blame]4system_internal_prop(ctl_snapuserd_prop)
Harshit Mahajan7740a472024-02-01 13:00:46 +0000[diff] [blame]5system_internal_prop(crashrecovery_prop)
Ben Murdochd3104972024-08-23 13:10:51 +0000[diff] [blame]6system_internal_prop(debug_tracing_desktop_mode_visible_tasks_prop)
Dennis Shen3b8c57f2023-07-25 20:15:02 +0000[diff] [blame]7system_internal_prop(device_config_core_experiments_team_internal_prop)
Suren Baghdasaryan592e06c2021-08-04 12:31:43 -0700[diff] [blame]8system_internal_prop(device_config_lmkd_native_prop)
Kalesh Singh9e257142022-04-06 14:31:26 -0700[diff] [blame]9system_internal_prop(device_config_mglru_native_prop)
Yi Kong0ac00722020-10-27 02:29:52 +0800[diff] [blame]10system_internal_prop(device_config_profcollect_native_boot_prop)
Vikram Gaure1c49f52022-09-29 21:20:22 +0000[diff] [blame]11system_internal_prop(device_config_remote_key_provisioning_native_prop)
Tej Singhdd0988f2020-11-17 19:26:23 -0800[diff] [blame]12system_internal_prop(device_config_statsd_native_prop)
13system_internal_prop(device_config_statsd_native_boot_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]14system_internal_prop(device_config_storage_native_boot_prop)
15system_internal_prop(device_config_sys_traced_prop)
16system_internal_prop(device_config_window_manager_native_boot_prop)
17system_internal_prop(device_config_configuration_prop)
Xiao Ma2d6c9f02021-02-02 10:27:38 +0000[diff] [blame]18system_internal_prop(device_config_connectivity_prop)
Nick Chalko81a4dd42021-02-11 09:12:51 -0800[diff] [blame]19system_internal_prop(device_config_swcodec_native_prop)
Motomu Utsumi24732622023-05-11 19:36:18 +0900[diff] [blame]20system_internal_prop(device_config_tethering_u_or_later_native_prop)
Alexander Potapenko0a64d102022-01-28 19:48:27 +0100[diff] [blame]21system_internal_prop(dmesgd_start_prop)
Hongguang Chen91a5f4e2020-04-23 23:43:13 -0700[diff] [blame]22system_internal_prop(fastbootd_protocol_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]23system_internal_prop(gsid_prop)
24system_internal_prop(init_perf_lsm_hooks_prop)
Inseob Kim15e5e0a2020-05-14 19:43:08 +0900[diff] [blame]25system_internal_prop(init_service_status_private_prop)
Suren Baghdasaryan9fdb2982022-09-07 13:13:47 -0700[diff] [blame]26system_internal_prop(init_storage_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]27system_internal_prop(init_svc_debug_prop)
Alice Ryhl6b9aa6d2024-02-21 15:18:14 +0000[diff] [blame]28system_internal_prop(kcmdline_prop)
Hasini Gunasinghe4fa6b1a2021-07-02 23:14:50 +0000[diff] [blame]29system_internal_prop(keystore_crash_prop)
Paul Crowleyb0c55712021-02-23 08:40:05 -0800[diff] [blame]30system_internal_prop(keystore_listen_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]31system_internal_prop(last_boot_reason_prop)
Alexander Mishkovetsf0be89b2020-07-08 23:11:03 +0200[diff] [blame]32system_internal_prop(localization_prop)
Snild Dolkowef0f3692023-11-10 10:58:01 +0100[diff] [blame]33system_internal_prop(logd_auditrate_prop)
Primiano Tuccicd452302020-10-09 09:15:10 +0100[diff] [blame]34system_internal_prop(lower_kptr_restrict_prop)
Lorenzo Colitti082ebd22021-03-10 14:45:07 +0900[diff] [blame]35system_internal_prop(net_464xlat_fromvendor_prop)
Lorenzo Colitti26d3d4a2021-03-10 15:31:36 +0900[diff] [blame]36system_internal_prop(net_connectivity_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]37system_internal_prop(netd_stable_secret_prop)
Dennis Shenbb028e32023-09-29 17:28:28 +0000[diff] [blame]38system_internal_prop(next_boot_prop)
Martijn Coenenf2e4ee62021-03-16 08:34:30 +0100[diff] [blame]39system_internal_prop(odsign_prop)
Steven Moreland9f41fc02024-02-16 22:38:26 +0000[diff] [blame]40system_internal_prop(misctrl_prop)
Michael Rosenfeld3ccbebb2021-02-10 18:45:35 -0800[diff] [blame]41system_internal_prop(perf_drop_caches_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]42system_internal_prop(pm_prop)
Yi Kong9b658452021-03-22 22:02:22 +0800[diff] [blame]43system_internal_prop(profcollectd_node_id_prop)
Nazaninb373dd02021-04-29 21:52:42 -0700[diff] [blame]44system_internal_prop(radio_cdma_ecm_prop)
Andrew Sculledba76d2022-10-31 18:27:29 +0000[diff] [blame]45system_internal_prop(remote_prov_prop)
JW Wang0f8cf042021-02-24 14:29:06 +0800[diff] [blame]46system_internal_prop(rollback_test_prop)
Inseob Kimd5a04482020-11-05 22:17:26 +0900[diff] [blame]47system_internal_prop(setupwizard_prop)
Jiakai Zhangb9cf68a2024-03-08 18:36:03 +0000[diff] [blame]48system_internal_prop(snapshotctl_prop)
David Andersonbf5b6ce2021-07-26 15:03:11 -0700[diff] [blame]49system_internal_prop(snapuserd_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]50system_internal_prop(system_adbd_prop)
Mikhail Naganov8b69e5f2024-02-14 18:53:37 +0000[diff] [blame]51system_internal_prop(system_audio_config_prop)
Neil Fullerbbb00fa2022-09-23 14:10:35 +0100[diff] [blame]52system_internal_prop(timezone_metadata_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]53system_internal_prop(traced_perf_enabled_prop)
Yu-Ting Tseng43cae4e2023-12-15 00:48:23 +0000[diff] [blame]54system_internal_prop(uprobestats_start_with_config_prop)
Hongguang95155592022-08-09 14:57:02 -0700[diff] [blame]55system_internal_prop(tuner_server_ctl_prop)
Inseob Kimbbae4a92020-03-19 17:49:08 +0900[diff] [blame]56system_internal_prop(userspace_reboot_log_prop)
57system_internal_prop(userspace_reboot_test_prop)
Inseob Kimd5a04482020-11-05 22:17:26 +0900[diff] [blame]58system_internal_prop(verity_status_prop)
59system_internal_prop(zygote_wrap_prop)
hkuangde370e52021-05-14 12:52:54 -0700[diff] [blame]60system_internal_prop(ctl_mediatranscoding_prop)
Martijn Coenen5f21a0f2021-07-27 13:47:42 +0200[diff] [blame]61system_internal_prop(ctl_odsign_prop)
Jiyong Parkb804de22021-09-16 21:06:20 +0900[diff] [blame]62system_internal_prop(virtualizationservice_prop)
Jooyung Hanccfb0ef2022-07-07 15:42:39 +0900[diff] [blame]63system_internal_prop(ctl_apex_load_prop)
Pontus Lidman0af0e712023-07-20 19:09:48 +0000[diff] [blame]64system_internal_prop(sensors_config_prop)
Jaewan Kim4183cbb2023-08-31 07:58:08 +0000[diff] [blame]65system_internal_prop(hypervisor_pvmfw_prop)
66system_internal_prop(hypervisor_virtualizationmanager_prop)
Andy Yue2fb30d2023-10-19 17:43:51 -0700[diff] [blame]67system_internal_prop(game_manager_config_prop)
Devin Moore01b91e72023-11-30 23:06:43 +0000[diff] [blame]68system_internal_prop(hidl_memory_prop)
Radu Solea82db3432023-12-01 10:07:28 -0800[diff] [blame]69system_internal_prop(suspend_debug_prop)
tyiud60859a2024-06-21 18:15:46 +0000[diff] [blame]70system_internal_prop(system_service_enable_prop)
Jiakai Zhang261199f2024-08-29 19:12:15 +0100[diff] [blame]71system_internal_prop(ctl_artd_pre_reboot_prop)
Pontus Lidman0af0e712023-07-20 19:09:48 +0000[diff] [blame]72
Pawan Wagh3d9b0122024-07-08 22:50:33 +0000[diff] [blame]73
Andrew Scullaedd65a2021-10-08 12:13:46 +0000[diff] [blame]74# Properties which can't be written outside system
Kalesh Singhf3fb64a2024-08-28 16:53:37 +0000[diff] [blame]75system_restricted_prop(bionic_linker_16kb_app_compat_prop)
Andrew Scullaedd65a2021-10-08 12:13:46 +0000[diff] [blame]76system_restricted_prop(device_config_virtualization_framework_native_prop)
Kelvin Zhang7babcdb2024-05-30 19:11:07 +0000[diff] [blame]77system_restricted_prop(fstype_prop)
Jiyong Parkc4f84bc2022-09-18 23:09:53 +0900[diff] [blame]78system_restricted_prop(log_file_logger_prop)
Alexander Roederer829d9742023-03-23 02:19:22 +0000[diff] [blame]79system_restricted_prop(persist_sysui_builder_extras_prop)
Alexander Roederer584a8622023-05-31 21:25:50 +0000[diff] [blame]80system_restricted_prop(persist_sysui_ranking_update_prop)
Pawan Wagh3d9b0122024-07-08 22:50:33 +0000[diff] [blame]81system_restricted_prop(page_size_prop)
Andrew Scullaedd65a2021-10-08 12:13:46 +0000[diff] [blame]82
Ted Wangc531cfc2024-09-16 10:49:32 +0000[diff] [blame^]83# Properties with no restrictions
84until_board_api(202504, `
85 system_public_prop(bluetooth_finder_prop)
86')
87
Vadim Caen1d81f872024-08-19 15:08:35 +0200[diff] [blame]88# These types will be public starting at board api 202504
89until_board_api(202504, `
90 system_restricted_prop(enable_16k_pages_prop)
91 system_restricted_prop(profcollectd_etr_prop)
92')
93
Alice Wang3d9ce1a2024-06-07 09:07:34 +0000[diff] [blame]94# Properties which should only be written by vendor_init
95system_vendor_config_prop(avf_virtualizationservice_prop)
Miranda Huangd07ee242024-08-16 22:42:40 +0000[diff] [blame]96system_vendor_config_prop(high_barometer_quality_prop)
Alice Wang3d9ce1a2024-06-07 09:07:34 +0000[diff] [blame]97
Inseob Kim75806ef2024-03-27 17:18:41 +0900[diff] [blame]98typeattribute log_prop log_property_type;
99typeattribute log_tag_prop log_property_type;
100typeattribute wifi_log_prop log_property_type;
101
102allow property_type tmpfs:filesystem associate;
103
104# core_property_type should not be used for new properties or
105# device specific properties. Properties with this attribute
106# are readable to everyone, which is overly broad and should
107# be avoided.
108# New properties should have appropriate read / write access
109# control rules written.
110
111typeattribute audio_prop core_property_type;
112typeattribute config_prop core_property_type;
113typeattribute cppreopt_prop core_property_type;
114typeattribute dalvik_prop core_property_type;
115typeattribute debuggerd_prop core_property_type;
116typeattribute debug_prop core_property_type;
117typeattribute dhcp_prop core_property_type;
118typeattribute dumpstate_prop core_property_type;
119typeattribute logd_prop core_property_type;
120typeattribute net_radio_prop core_property_type;
121typeattribute nfc_prop core_property_type;
122typeattribute ota_prop core_property_type;
123typeattribute pan_result_prop core_property_type;
124typeattribute persist_debug_prop core_property_type;
125typeattribute powerctl_prop core_property_type;
126typeattribute radio_prop core_property_type;
127typeattribute restorecon_prop core_property_type;
128typeattribute shell_prop core_property_type;
129typeattribute system_prop core_property_type;
130typeattribute usb_prop core_property_type;
131typeattribute vold_prop core_property_type;
132
133typeattribute dalvik_config_prop dalvik_config_prop_type;
134typeattribute dalvik_dynamic_config_prop dalvik_config_prop_type;
135
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]136###
137### Neverallow rules
138###
139
140treble_sysprop_neverallow(`
141
Inseob Kimafc09932020-09-28 13:32:43 +0900[diff] [blame]142enforce_sysprop_owner(`
143 neverallow domain {
144 property_type
145 -system_property_type
146 -product_property_type
147 -vendor_property_type
148 }:file no_rw_file_perms;
149')
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]150
151neverallow { domain -coredomain } {
152 system_property_type
153 system_internal_property_type
154 -system_restricted_property_type
155 -system_public_property_type
156}:file no_rw_file_perms;
157
158neverallow { domain -coredomain } {
159 system_property_type
160 -system_public_property_type
161}:property_service set;
162
163# init is in coredomain, but should be able to read/write all props.
164# dumpstate is also in coredomain, but should be able to read all props.
165neverallow { coredomain -init -dumpstate } {
166 vendor_property_type
167 vendor_internal_property_type
168 -vendor_restricted_property_type
169 -vendor_public_property_type
170}:file no_rw_file_perms;
171
172neverallow { coredomain -init } {
173 vendor_property_type
174 -vendor_public_property_type
175}:property_service set;
176
177')
178
179# There is no need to perform ioctl or advisory locking operations on
180# property files. If this neverallow is being triggered, it is
181# likely that the policy is using r_file_perms directly instead of
182# the get_prop() macro.
183neverallow domain property_type:file { ioctl lock };
184
185neverallow * {
186 core_property_type
187 -audio_prop
188 -config_prop
189 -cppreopt_prop
190 -dalvik_prop
191 -debuggerd_prop
192 -debug_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]193 -dhcp_prop
194 -dumpstate_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]195 -fingerprint_prop
196 -logd_prop
197 -net_radio_prop
198 -nfc_prop
199 -ota_prop
200 -pan_result_prop
201 -persist_debug_prop
202 -powerctl_prop
203 -radio_prop
204 -restorecon_prop
205 -shell_prop
206 -system_prop
Inseob Kimdc1e5012020-04-27 21:13:01 +0900[diff] [blame]207 -usb_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]208 -vold_prop
209}:file no_rw_file_perms;
210
211# sigstop property is only used for debugging; should only be set by su which is permissive
212# for userdebug/eng
213neverallow {
214 domain
215 -init
216 -vendor_init
217} ctl_sigstop_prop:property_service set;
218
219# Don't audit legacy ctl. property handling. We only want the newer permission check to appear
220# in the audit log
221dontaudit domain {
222 ctl_bootanim_prop
223 ctl_bugreport_prop
224 ctl_console_prop
225 ctl_default_prop
226 ctl_dumpstate_prop
227 ctl_fuse_prop
228 ctl_mdnsd_prop
229 ctl_rildaemon_prop
230}:property_service set;
231
232neverallow {
233 domain
234 -init
Suren Baghdasaryan9fdb2982022-09-07 13:13:47 -0700[diff] [blame]235 -extra_free_kbytes
236} init_storage_prop:property_service set;
237
238neverallow {
239 domain
240 -init
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]241} init_svc_debug_prop:property_service set;
242
243neverallow {
244 domain
245 -init
246 -dumpstate
247 userdebug_or_eng(`-su')
248} init_svc_debug_prop:file no_rw_file_perms;
249
Steven Moreland9f41fc02024-02-16 22:38:26 +0000[diff] [blame]250# DO NOT ADD: compat risk
251neverallow {
252 domain
253 -init
Steven Moreland0ae91482024-05-14 19:42:37 +0000[diff] [blame]254 -crash_dump
Steven Moreland9f41fc02024-02-16 22:38:26 +0000[diff] [blame]255 -dumpstate
256 -misctrl
Steven Moreland0ae91482024-05-14 19:42:37 +0000[diff] [blame]257 -statsd
Steven Moreland9f41fc02024-02-16 22:38:26 +0000[diff] [blame]258 userdebug_or_eng(`-su')
259} misctrl_prop:file no_rw_file_perms;
260neverallow {
261 domain
262 -init
263 -misctrl
264 userdebug_or_eng(`-su')
265} misctrl_prop:property_service set;
266
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]267compatible_property_only(`
268# Prevent properties from being set
269 neverallow {
270 domain
271 -coredomain
272 -appdomain
273 -vendor_init
274 } {
275 core_property_type
276 extended_core_property_type
277 exported_config_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]278 exported_default_prop
279 exported_dumpstate_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]280 exported_system_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]281 exported3_system_prop
Inseob Kimdc1e5012020-04-27 21:13:01 +0900[diff] [blame]282 usb_control_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]283 -nfc_prop
284 -powerctl_prop
285 -radio_prop
286 }:property_service set;
287
288 neverallow {
289 domain
290 -coredomain
291 -appdomain
292 -hal_nfc_server
293 } {
294 nfc_prop
295 }:property_service set;
296
297 neverallow {
298 domain
299 -coredomain
300 -appdomain
301 -hal_telephony_server
302 -vendor_init
303 } {
Inseob Kimacd02fc2020-07-28 15:17:24 +0900[diff] [blame]304 radio_control_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]305 }:property_service set;
306
307 neverallow {
308 domain
309 -coredomain
310 -appdomain
311 -hal_telephony_server
312 } {
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]313 radio_prop
314 }:property_service set;
315
316 neverallow {
317 domain
318 -coredomain
319 -bluetooth
320 -hal_bluetooth_server
321 } {
322 bluetooth_prop
323 }:property_service set;
324
325 neverallow {
326 domain
327 -coredomain
328 -bluetooth
329 -hal_bluetooth_server
330 -vendor_init
331 } {
332 exported_bluetooth_prop
333 }:property_service set;
334
335 neverallow {
336 domain
337 -coredomain
338 -hal_camera_server
339 -cameraserver
340 -vendor_init
341 } {
342 exported_camera_prop
343 }:property_service set;
344
345 neverallow {
346 domain
347 -coredomain
348 -hal_wifi_server
349 -wificond
350 } {
351 wifi_prop
352 }:property_service set;
353
354 neverallow {
355 domain
Inseob Kim3dbf3d82020-06-25 21:20:42 +0900[diff] [blame]356 -init
357 -dumpstate
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]358 -hal_wifi_server
359 -wificond
360 -vendor_init
361 } {
Inseob Kim3dbf3d82020-06-25 21:20:42 +0900[diff] [blame]362 wifi_hal_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]363 }:property_service set;
364
365# Prevent properties from being read
366 neverallow {
367 domain
368 -coredomain
369 -appdomain
370 -vendor_init
371 } {
372 core_property_type
Jiakai Zhang22fb5c72023-03-30 15:50:05 +0100[diff] [blame]373 dalvik_config_prop_type
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]374 extended_core_property_type
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]375 exported3_system_prop
Inseob Kimfd2d6ec2020-04-01 10:01:16 +0900[diff] [blame]376 systemsound_config_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]377 -debug_prop
378 -logd_prop
379 -nfc_prop
380 -powerctl_prop
381 -radio_prop
Inseob Kim179c2c92024-05-23 16:12:32 +0900[diff] [blame]382 -dalvik_dynamic_config_prop
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]383 }:file no_rw_file_perms;
384
385 neverallow {
386 domain
387 -coredomain
388 -appdomain
Inseob Kim179c2c92024-05-23 16:12:32 +0900[diff] [blame]389 -vendor_init
390 -hal_power_server
391 } dalvik_dynamic_config_prop:file no_rw_file_perms;
392
393 neverallow {
394 domain
395 -coredomain
396 -appdomain
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]397 -hal_nfc_server
398 } {
399 nfc_prop
400 }:file no_rw_file_perms;
401
402 neverallow {
403 domain
404 -coredomain
405 -appdomain
406 -hal_telephony_server
407 } {
408 radio_prop
409 }:file no_rw_file_perms;
410
411 neverallow {
412 domain
413 -coredomain
414 -bluetooth
415 -hal_bluetooth_server
416 } {
417 bluetooth_prop
418 }:file no_rw_file_perms;
419
420 neverallow {
421 domain
422 -coredomain
423 -hal_wifi_server
424 -wificond
425 } {
426 wifi_prop
427 }:file no_rw_file_perms;
Benjamin Schwartz3e4d97b2020-10-30 13:55:21 -0700[diff] [blame]428
429 neverallow {
430 domain
Benjamin Schwartzc171a1d2021-04-20 09:13:02 -0700[diff] [blame]431 -coredomain
432 -vendor_init
Benjamin Schwartz3e4d97b2020-10-30 13:55:21 -0700[diff] [blame]433 } {
434 suspend_prop
435 }:property_service set;
Radu Solea82db3432023-12-01 10:07:28 -0800[diff] [blame]436
437 neverallow {
438 domain
439 -init
440 } {
441 suspend_debug_prop
442 }:property_service set;
443
444 neverallow {
445 domain
446 -init
Miranda Huangd07ee242024-08-16 22:42:40 +0000[diff] [blame]447 -vendor_init
448 } {
449 high_barometer_quality_prop
450 }:property_service set;
451
452 neverallow {
453 domain
454 -init
Radu Solea82db3432023-12-01 10:07:28 -0800[diff] [blame]455 -dumpstate
456 userdebug_or_eng(`-system_suspend')
457 } {
458 suspend_debug_prop
459 }:file no_rw_file_perms;
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]460')
461
Radu Solea82db3432023-12-01 10:07:28 -0800[diff] [blame]462dontaudit system_suspend suspend_debug_prop:file r_file_perms;
463
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]464compatible_property_only(`
465 # Neverallow coredomain to set vendor properties
466 neverallow {
467 coredomain
468 -init
469 -system_writes_vendor_properties_violators
470 } {
471 property_type
472 -system_property_type
473 -extended_core_property_type
474 }:property_service set;
475')
476
477neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]478 domain
Inseob Kimbfb37082020-04-27 23:49:15 +0900[diff] [blame]479 -coredomain
480 -vendor_init
481} {
482 ffs_config_prop
483 ffs_control_prop
484}:file no_rw_file_perms;
485
486neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]487 domain
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]488 -init
489 -system_server
490} {
491 userspace_reboot_log_prop
492}:property_service set;
493
494neverallow {
495 # Only allow init and system_server to set system_adbd_prop
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]496 domain
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]497 -init
498 -system_server
499} {
500 system_adbd_prop
501}:property_service set;
502
Josh Gao0cac6fd2020-10-28 13:56:23 -0700[diff] [blame]503# Let (vendor_)init, adbd, and system_server set service.adb.tcp.port
504neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]505 domain
Josh Gao0cac6fd2020-10-28 13:56:23 -0700[diff] [blame]506 -init
507 -vendor_init
508 -adbd
509 -system_server
510} {
511 adbd_config_prop
512}:property_service set;
513
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]514neverallow {
515 # Only allow init and adbd to set adbd_prop
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]516 domain
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]517 -init
518 -adbd
519} {
520 adbd_prop
521}:property_service set;
522
523neverallow {
Richard Fung0c7c2672021-11-08 20:09:54 +0000[diff] [blame]524 # Only allow init to set apexd_payload_metadata_prop
525 domain
526 -init
527} {
528 apexd_payload_metadata_prop
529}:property_service set;
530
531
532neverallow {
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]533 # Only allow init and shell to set userspace_reboot_test_prop
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]534 domain
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]535 -init
536 -shell
537} {
538 userspace_reboot_test_prop
539}:property_service set;
Inseob Kim721d9212020-04-24 21:25:17 +0900[diff] [blame]540
541neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]542 domain
Inseob Kim721d9212020-04-24 21:25:17 +0900[diff] [blame]543 -init
544 -system_server
545 -vendor_init
546} {
547 surfaceflinger_color_prop
548}:property_service set;
Inseob Kim9add20f2020-05-06 22:20:35 +0900[diff] [blame]549
550neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]551 domain
Inseob Kim9add20f2020-05-06 22:20:35 +0900[diff] [blame]552 -init
553} {
554 libc_debug_prop
555}:property_service set;
Inseob Kim36aeb162020-05-08 20:42:25 +0900[diff] [blame]556
Mitch Phillips8cd32cd2022-03-22 15:59:57 -0700[diff] [blame]557# Allow the shell to set MTE & GWP-ASan props, so that non-root users with adb
558# shell access can control the settings on their device. Allow system apps to
559# set MTE props, so Developer Options can set them.
Mitch Phillipseaf14042020-12-03 17:23:06 -0800[diff] [blame]560neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]561 domain
Mitch Phillipseaf14042020-12-03 17:23:06 -0800[diff] [blame]562 -init
563 -shell
Florian Mayer39f29f72021-12-21 12:06:31 -0800[diff] [blame]564 -system_app
Florian Mayer152f8322022-12-16 16:50:13 -0800[diff] [blame]565 -system_server
Florian Mayer51382a32022-09-21 14:53:48 -0700[diff] [blame]566 -mtectrl
Mitch Phillipseaf14042020-12-03 17:23:06 -0800[diff] [blame]567} {
568 arm64_memtag_prop
Mitch Phillips8cd32cd2022-03-22 15:59:57 -0700[diff] [blame]569 gwp_asan_prop
Mitch Phillipseaf14042020-12-03 17:23:06 -0800[diff] [blame]570}:property_service set;
571
Inseob Kim36aeb162020-05-08 20:42:25 +0900[diff] [blame]572neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]573 domain
Inseob Kim36aeb162020-05-08 20:42:25 +0900[diff] [blame]574 -init
Alice Ryhl6b9aa6d2024-02-21 15:18:14 +0000[diff] [blame]575 -shell
576 -kcmdlinectrl
577} {
578 kcmdline_prop
579}:property_service set;
580
581neverallow {
582 domain
583 -init
Inseob Kim36aeb162020-05-08 20:42:25 +0900[diff] [blame]584 -system_server
585 -vendor_init
586} zram_control_prop:property_service set;
Inseob Kim1337e152020-05-12 22:51:48 +0900[diff] [blame]587
588neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]589 domain
Inseob Kim1337e152020-05-12 22:51:48 +0900[diff] [blame]590 -init
591 -system_server
592 -vendor_init
593} dalvik_runtime_prop:property_service set;
Inseob Kimdc1e5012020-04-27 21:13:01 +0900[diff] [blame]594
595neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]596 domain
Inseob Kimdc1e5012020-04-27 21:13:01 +0900[diff] [blame]597 -coredomain
598 -vendor_init
599} {
600 usb_config_prop
601 usb_control_prop
602}:property_service set;
Inseob Kim3b82aec2020-05-14 01:38:40 +0900[diff] [blame]603
604neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]605 domain
Inseob Kim3b82aec2020-05-14 01:38:40 +0900[diff] [blame]606 -init
607 -system_server
608} {
609 provisioned_prop
610 retaildemo_prop
611}:property_service set;
612
613neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]614 domain
Inseob Kim3b82aec2020-05-14 01:38:40 +0900[diff] [blame]615 -coredomain
616 -vendor_init
617} {
618 provisioned_prop
619 retaildemo_prop
620}:file no_rw_file_perms;
Inseob Kim15e5e0a2020-05-14 19:43:08 +0900[diff] [blame]621
622neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]623 domain
Inseob Kim15e5e0a2020-05-14 19:43:08 +0900[diff] [blame]624 -init
625} {
626 init_service_status_private_prop
627 init_service_status_prop
628}:property_service set;
Inseob Kimad631702020-05-14 21:47:43 +0900[diff] [blame]629
630neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]631 domain
Inseob Kimad631702020-05-14 21:47:43 +0900[diff] [blame]632 -init
633 -radio
634 -appdomain
635 -hal_telephony_server
Inseob Kim285da2f2020-06-04 20:29:43 +0900[diff] [blame]636 not_compatible_property(`-vendor_init')
Inseob Kimad631702020-05-14 21:47:43 +0900[diff] [blame]637} telephony_status_prop:property_service set;
Peiyong Lin37dea072020-06-03 12:20:41 -0700[diff] [blame]638
639neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]640 domain
Peiyong Lin37dea072020-06-03 12:20:41 -0700[diff] [blame]641 -init
642 -vendor_init
643} {
644 graphics_config_prop
645}:property_service set;
Inseob Kim6ffdf1b2020-06-16 20:00:41 +0900[diff] [blame]646
647neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]648 domain
Amy Hsu0f352fb2020-06-15 17:04:12 +0800[diff] [blame]649 -init
Midas Chien0d0391f2020-06-17 22:13:21 +0800[diff] [blame]650 -surfaceflinger
Amy Hsu0f352fb2020-06-15 17:04:12 +0800[diff] [blame]651} {
652 surfaceflinger_display_prop
653}:property_service set;
654
Inseob Kim072b0142020-06-16 20:00:41 +0900[diff] [blame]655neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]656 domain
Inseob Kim5eacf722020-07-01 01:27:49 +0900[diff] [blame]657 -coredomain
658 -appdomain
Inseob Kim6ffdf1b2020-06-16 20:00:41 +0900[diff] [blame]659 -vendor_init
Inseob Kim6ffdf1b2020-06-16 20:00:41 +0900[diff] [blame]660} packagemanager_config_prop:file no_rw_file_perms;
Inseob Kim04f435c2020-07-07 12:46:24 +0900[diff] [blame]661
662neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]663 domain
Inseob Kim04f435c2020-07-07 12:46:24 +0900[diff] [blame]664 -coredomain
665 -vendor_init
666} keyguard_config_prop:file no_rw_file_perms;
Alexander Mishkovetsf0be89b2020-07-08 23:11:03 +0200[diff] [blame]667
668neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]669 domain
Alexander Mishkovetsf0be89b2020-07-08 23:11:03 +0200[diff] [blame]670 -init
671} {
672 localization_prop
673}:property_service set;
Inseob Kimc80b0242020-07-16 22:25:47 +0900[diff] [blame]674
675neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]676 domain
Inseob Kimc80b0242020-07-16 22:25:47 +0900[diff] [blame]677 -init
678 -vendor_init
679 -dumpstate
680 -system_app
681} oem_unlock_prop:file no_rw_file_perms;
682
683neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]684 domain
Inseob Kimc80b0242020-07-16 22:25:47 +0900[diff] [blame]685 -coredomain
686 -vendor_init
687} storagemanager_config_prop:file no_rw_file_perms;
688
689neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]690 domain
Inseob Kimc80b0242020-07-16 22:25:47 +0900[diff] [blame]691 -init
692 -vendor_init
693 -dumpstate
694 -appdomain
695} sendbug_config_prop:file no_rw_file_perms;
Inseob Kimc97a97c2020-07-20 20:26:07 +0900[diff] [blame]696
697neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]698 domain
Inseob Kimc97a97c2020-07-20 20:26:07 +0900[diff] [blame]699 -init
700 -vendor_init
701 -dumpstate
702 -appdomain
703} camera_calibration_prop:file no_rw_file_perms;
Inseob Kim46dd4be2020-08-18 11:25:32 +0900[diff] [blame]704
705neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]706 domain
Inseob Kim46dd4be2020-08-18 11:25:32 +0900[diff] [blame]707 -init
708 -dumpstate
Jeff Vander Stoep684d25b2020-08-25 11:41:00 +0200[diff] [blame]709 -hal_dumpstate_server
Inseob Kim46dd4be2020-08-18 11:25:32 +0900[diff] [blame]710 not_compatible_property(`-vendor_init')
711} hal_dumpstate_config_prop:file no_rw_file_perms;
Primiano Tuccicd452302020-10-09 09:15:10 +0100[diff] [blame]712
713neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]714 domain
Primiano Tuccicd452302020-10-09 09:15:10 +0100[diff] [blame]715 -init
Yabin Cuibd4c9e82021-03-18 11:15:36 -0700[diff] [blame]716 userdebug_or_eng(`-profcollectd')
Yabin Cuif17fb422021-11-24 14:06:07 -0800[diff] [blame]717 userdebug_or_eng(`-simpleperf_boot')
Primiano Tuccicd452302020-10-09 09:15:10 +0100[diff] [blame]718 userdebug_or_eng(`-traced_probes')
Florian Mayer167407d2020-11-11 11:01:36 +0000[diff] [blame]719 userdebug_or_eng(`-traced_perf')
Primiano Tuccicd452302020-10-09 09:15:10 +0100[diff] [blame]720} {
721 lower_kptr_restrict_prop
722}:property_service set;
Janis Danisevskis202e8632020-10-23 11:16:34 -0700[diff] [blame]723
Inseob Kimd5a04482020-11-05 22:17:26 +0900[diff] [blame]724neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]725 domain
Inseob Kimd5a04482020-11-05 22:17:26 +0900[diff] [blame]726 -init
727} zygote_wrap_prop:property_service set;
728
729neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]730 domain
Inseob Kimd5a04482020-11-05 22:17:26 +0900[diff] [blame]731 -init
732} verity_status_prop:property_service set;
733
734neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]735 domain
Inseob Kimd5a04482020-11-05 22:17:26 +0900[diff] [blame]736 -init
Jeongik Cha6cb91a02023-11-15 22:51:14 +0900[diff] [blame]737 -vendor_init
738} setupwizard_mode_prop:property_service set;
739
740neverallow {
741 domain
742 -init
Inseob Kimd5a04482020-11-05 22:17:26 +0900[diff] [blame]743} setupwizard_prop:property_service set;
Inseob Kim99855662020-11-12 22:21:51 +0900[diff] [blame]744
745# ro.product.property_source_order is useless after initialization of ro.product.* props.
746# So making it accessible only from init and vendor_init.
747neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]748 domain
Inseob Kim99855662020-11-12 22:21:51 +0900[diff] [blame]749 -init
750 -dumpstate
751 -vendor_init
752} build_config_prop:file no_rw_file_perms;
Inseob Kim0cef0fe2020-11-17 13:54:52 +0900[diff] [blame]753
754neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]755 domain
Inseob Kim0cef0fe2020-11-17 13:54:52 +0900[diff] [blame]756 -init
757 -shell
758} sqlite_log_prop:property_service set;
759
760neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]761 domain
Inseob Kim0cef0fe2020-11-17 13:54:52 +0900[diff] [blame]762 -coredomain
763 -appdomain
764} sqlite_log_prop:file no_rw_file_perms;
Inseob Kim4c110ff2020-11-26 21:50:23 +0900[diff] [blame]765
Inseob Kim5c011e52021-01-14 04:08:16 +0000[diff] [blame]766neverallow {
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]767 domain
Inseob Kim5c011e52021-01-14 04:08:16 +0000[diff] [blame]768 -init
769} default_prop:property_service set;
770
Inseob Kim4c110ff2020-11-26 21:50:23 +0900[diff] [blame]771# Only one of system_property_type and vendor_property_type can be assigned.
772# Property types having both attributes won't be accessible from anywhere.
773neverallow domain system_and_vendor_property_type:{file property_service} *;
JW Wang0f8cf042021-02-24 14:29:06 +0800[diff] [blame]774
775neverallow {
Seth Moore8bfdd822022-04-20 10:10:49 -0700[diff] [blame]776 domain
777 -init
Max Bires9692ad42024-08-08 22:05:03 +0000[diff] [blame]778 -keystore
Seth Moored3bd6862023-02-24 11:50:51 -0800[diff] [blame]779 -shell
Max Bires9692ad42024-08-08 22:05:03 +0000[diff] [blame]780 -system_server
Vikram Gaur01390082023-03-16 01:41:29 +0000[diff] [blame]781 -rkpdapp
Seth Moore8bfdd822022-04-20 10:10:49 -0700[diff] [blame]782} remote_prov_prop:property_service set;
783
784neverallow {
JW Wang0f8cf042021-02-24 14:29:06 +0800[diff] [blame]785 # Only allow init and shell to set rollback_test_prop
Inseob Kim85acf6e2021-03-10 10:42:23 +0900[diff] [blame]786 domain
JW Wang0f8cf042021-02-24 14:29:06 +0800[diff] [blame]787 -init
788 -shell
789} rollback_test_prop:property_service set;
Yi Kong9b658452021-03-22 22:02:22 +0800[diff] [blame]790
791neverallow {
Jooyung Hanccfb0ef2022-07-07 15:42:39 +0900[diff] [blame]792 domain
793 -init
Jooyung Hanccfb0ef2022-07-07 15:42:39 +0900[diff] [blame]794 -apexd
795} ctl_apex_load_prop:property_service set;
796
797neverallow {
798 domain
799 -coredomain
800 -init
801 -dumpstate
802 -apexd
Deyao Ren3fab00f2022-08-30 19:14:51 +0000[diff] [blame]803} ctl_apex_load_prop:file no_rw_file_perms;
Jooyung Hanccfb0ef2022-07-07 15:42:39 +0900[diff] [blame]804
805neverallow {
Deyao Ren7848d3a2022-09-01 22:20:10 +0000[diff] [blame]806 domain
807 -init
808 -apexd
809} apex_ready_prop:property_service set;
810
811neverallow {
812 domain
813 -coredomain
814 -dumpstate
815 -apexd
Jooyung Hancae23682022-09-02 16:26:27 +0900[diff] [blame]816 -vendor_init
Deyao Ren7848d3a2022-09-01 22:20:10 +0000[diff] [blame]817} apex_ready_prop:file no_rw_file_perms;
Inseob Kim55e5c9b2020-03-04 17:20:35 +0900[diff] [blame]818
819neverallow {
820 # Only allow init and profcollectd to access profcollectd_node_id_prop
821 domain
822 -init
823 -dumpstate
824 -profcollectd
825} profcollectd_node_id_prop:file r_file_perms;
826
Jiyong Parkc4f84bc2022-09-18 23:09:53 +0900[diff] [blame]827neverallow {
828 domain
829 -init
830} log_file_logger_prop:property_service set;
Avichal Rakesha12d3102023-01-23 23:46:42 -0800[diff] [blame]831
832neverallow {
833 domain
834 -init
835 -vendor_init
836} usb_uvc_enabled_prop:property_service set;
Avichal Rakeshe2cb0f22023-02-01 15:56:40 -0800[diff] [blame]837
838# Disallow non system apps from reading ro.usb.uvc.enabled
839neverallow {
840 appdomain
841 -system_app
842 -device_as_webcam
843} usb_uvc_enabled_prop:file no_rw_file_perms;
Inseob Kime972e932024-04-11 00:56:13 +0000[diff] [blame]844
845neverallow {
846 domain
847 -init
848 -vendor_init
849} pm_archiving_enabled_prop:property_service set;
Kalesh Singhf3fb64a2024-08-28 16:53:37 +0000[diff] [blame]850
851neverallow {
852 domain
853 -init
854 userdebug_or_eng(`-su')
855} bionic_linker_16kb_app_compat_prop:property_service set;