android_system_sepolicy/public/hal_neverallows.te

# only HALs responsible for network hardware should have privileged
# network capabilities
neverallow {
  halserverdomain
  -hal_bluetooth_server
  -hal_wifi_server
  -hal_wifi_supplicant_server
  -rild
} self:capability { net_admin net_raw };

# Unless a HAL's job is to manage network hardware, it should not be
# using network sockets.
neverallow {
  halserverdomain
  -hal_gnss # TODO b/36085168 b/35757613
  -hal_wifi_server
  -hal_wifi_supplicant_server
  -rild
} domain:{ tcp_socket udp_socket rawip_socket } *;
Restrict HAL network access to HALS that manage network hardware Only HALs that manage networks need network capabilities and network sockets. Test: aosp_marlin and aosp_bullhead policy builds. Note: neverallow rules are compile time assertions and do not change the on-device policy. Bug: 36185625 Change-Id: Id64846eac24cf72ed91ce775cecb2c75f11b78df 2017-03-13 13:32:51 -07:00			`# only HALs responsible for network hardware should have privileged`
			`# network capabilities`
			`neverallow {`
			`halserverdomain`
			`-hal_bluetooth_server`
			`-hal_wifi_server`
			`-hal_wifi_supplicant_server`
			`-rild`
			`} self:capability { net_admin net_raw };`

			`# Unless a HAL's job is to manage network hardware, it should not be`
			`# using network sockets.`
			`neverallow {`
			`halserverdomain`
			`-hal_gnss # TODO b/36085168 b/35757613`
			`-hal_wifi_server`
			`-hal_wifi_supplicant_server`
			`-rild`
			`} domain:{ tcp_socket udp_socket rawip_socket } *;`