Blame - private/flags_health_check.te - android_system_sepolicy

blob: db7f08f58416408e3caea73534efc4e08a429a11 [file] [log] [blame]

Hongyi Zhang	a6f9892	2018-10-25 20:09:55 -0700	[diff] [blame]	1	typeattribute flags_health_check coredomain;
				2
				3	init_daemon_domain(flags_health_check)
Inseob Kim	55e5c9b	2020-03-04 17:20:35 +0900	[diff] [blame]	4
				5	set_prop(flags_health_check, device_config_boot_count_prop)
Dennis Shen	3b8c57f	2023-07-25 20:15:02 +0000	[diff] [blame]	6	set_prop(flags_health_check, device_config_core_experiments_team_internal_prop)
feiyuchen	70e1942	2023-02-13 21:55:57 +0000	[diff] [blame]	7	set_prop(flags_health_check, device_config_edgetpu_native_prop)
Inseob Kim	55e5c9b	2020-03-04 17:20:35 +0900	[diff] [blame]	8	set_prop(flags_health_check, device_config_reset_performed_prop)
				9	set_prop(flags_health_check, device_config_runtime_native_boot_prop)
				10	set_prop(flags_health_check, device_config_runtime_native_prop)
				11	set_prop(flags_health_check, device_config_input_native_boot_prop)
Suren Baghdasaryan	592e06c	2021-08-04 12:31:43 -0700	[diff] [blame]	12	set_prop(flags_health_check, device_config_lmkd_native_prop)
Inseob Kim	55e5c9b	2020-03-04 17:20:35 +0900	[diff] [blame]	13	set_prop(flags_health_check, device_config_netd_native_prop)
Ian Hua	91d153e	2021-10-05 15:23:18 +0100	[diff] [blame]	14	set_prop(flags_health_check, device_config_nnapi_native_prop)
Inseob Kim	55e5c9b	2020-03-04 17:20:35 +0900	[diff] [blame]	15	set_prop(flags_health_check, device_config_activity_manager_native_boot_prop)
				16	set_prop(flags_health_check, device_config_media_native_prop)
Kalesh Singh	9e25714	2022-04-06 14:31:26 -0700	[diff] [blame]	17	set_prop(flags_health_check, device_config_mglru_native_prop)
Yi Kong	0ac0072	2020-10-27 02:29:52 +0800	[diff] [blame]	18	set_prop(flags_health_check, device_config_profcollect_native_boot_prop)
Tej Singh	dd0988f	2020-11-17 19:26:23 -0800	[diff] [blame]	19	set_prop(flags_health_check, device_config_statsd_native_prop)
				20	set_prop(flags_health_check, device_config_statsd_native_boot_prop)
Inseob Kim	55e5c9b	2020-03-04 17:20:35 +0900	[diff] [blame]	21	set_prop(flags_health_check, device_config_storage_native_boot_prop)
Nick Chalko	81a4dd4	2021-02-11 09:12:51 -0800	[diff] [blame]	22	set_prop(flags_health_check, device_config_swcodec_native_prop)
Inseob Kim	55e5c9b	2020-03-04 17:20:35 +0900	[diff] [blame]	23	set_prop(flags_health_check, device_config_sys_traced_prop)
				24	set_prop(flags_health_check, device_config_window_manager_native_boot_prop)
				25	set_prop(flags_health_check, device_config_configuration_prop)
Xiao Ma	2d6c9f0	2021-02-02 10:27:38 +0000	[diff] [blame]	26	set_prop(flags_health_check, device_config_connectivity_prop)
rnlee	b6142ec	2021-06-29 13:48:27 -0700	[diff] [blame]	27	set_prop(flags_health_check, device_config_surface_flinger_native_boot_prop)
Dennis Shen	df3a168	2023-08-16 19:10:13 +0000	[diff] [blame]	28	set_prop(flags_health_check, device_config_aconfig_flags_prop)
Richard Chang	7057e4a	2022-04-12 08:11:53 +0000	[diff] [blame]	29	set_prop(flags_health_check, device_config_vendor_system_native_prop)
Richard Chang	74334ef	2022-08-08 09:26:22 +0000	[diff] [blame]	30	set_prop(flags_health_check, device_config_vendor_system_native_boot_prop)
Andrew Scull	d7bed77	2021-10-29 15:20:02 +0100	[diff] [blame]	31	set_prop(flags_health_check, device_config_virtualization_framework_native_prop)
Florian Mayer	94926f5	2023-01-31 15:47:07 -0800	[diff] [blame]	32	set_prop(flags_health_check, device_config_memory_safety_native_boot_prop)
Florian Mayer	5b3a833	2022-06-08 10:45:18 -0700	[diff] [blame]	33	set_prop(flags_health_check, device_config_memory_safety_native_prop)
Vikram Gaur	e1c49f5	2022-09-29 21:20:22 +0000	[diff] [blame]	34	set_prop(flags_health_check, device_config_remote_key_provisioning_native_prop)
Mohi Montazer	ad05940	2022-12-09 10:23:37 -0800	[diff] [blame]	35	set_prop(flags_health_check, device_config_camera_native_prop)
Motomu Utsumi	2473262	2023-05-11 19:36:18 +0900	[diff] [blame]	36	set_prop(flags_health_check, device_config_tethering_u_or_later_native_prop)
Shintaro Kawamura	81c4bae	2024-11-22 17:37:03 +0900	[diff] [blame]	37	set_prop(flags_health_check, device_config_mmd_native_prop)
Dennis Shen	bb028e3	2023-09-29 17:28:28 +0000	[diff] [blame]	38	set_prop(flags_health_check, next_boot_prop)
Inseob Kim	55e5c9b	2020-03-04 17:20:35 +0900	[diff] [blame]	39
Inseob Kim	75806ef	2024-03-27 17:18:41 +0900	[diff] [blame]	40	allow flags_health_check server_configurable_flags_data_file:dir rw_dir_perms;
				41	allow flags_health_check server_configurable_flags_data_file:file create_file_perms;
				42
				43	###
				44	### Neverallow rules
				45	###
				46
				47	# server_configurable_flags_data_file is used for storing whether server configurable flags which
				48	# have been reset during current booting. Mistakenly modified by unrelated components can
				49	# cause bad server configurable flags synced back to device.
				50	neverallow { domain -init -flags_health_check } server_configurable_flags_data_file:file no_w_file_perms;
				51
Inseob Kim	55e5c9b	2020-03-04 17:20:35 +0900	[diff] [blame]	52	# system property device_config_boot_count_prop is used for deciding when to perform server
				53	# configurable flags related disaster recovery. Mistakenly set up by unrelated components can, at a
				54	# wrong timing, trigger server configurable flag related disaster recovery, which will override
				55	# server configured values of all flags with default values.
				56	neverallow { domain -init -flags_health_check } device_config_boot_count_prop:property_service set;
				57
				58	# system property device_config_reset_performed_prop is used for indicating whether server
				59	# configurable flags have been reset during booting. Mistakenly modified by unrelated components can
				60	# cause bad server configurable flags synced back to device.
				61	neverallow { domain -init -flags_health_check } device_config_reset_performed_prop:property_service set;