Merge "Revert "Allow callers of uevent_kernel_*() access to /proc/sys/kernel/overflowuid""
This commit is contained in:
commit
3ec0dbf7d1
@ -463,7 +463,6 @@
|
||||
proc_loadavg
|
||||
proc_max_map_count
|
||||
proc_mounts
|
||||
proc_overflowuid
|
||||
proc_page_cluster
|
||||
proc_pagetypeinfo
|
||||
proc_panic
|
||||
|
@ -38,7 +38,6 @@ genfscon proc /sys/kernel/hung_task_timeout_secs u:object_r:proc_hung_task:s0
|
||||
genfscon proc /sys/kernel/kptr_restrict u:object_r:proc_security:s0
|
||||
genfscon proc /sys/kernel/modprobe u:object_r:usermodehelper:s0
|
||||
genfscon proc /sys/kernel/modules_disabled u:object_r:proc_security:s0
|
||||
genfscon proc /sys/kernel/overflowuid u:object_r:proc_overflowuid:s0
|
||||
genfscon proc /sys/kernel/panic_on_oops u:object_r:proc_panic:s0
|
||||
genfscon proc /sys/kernel/perf_event_max_sample_rate u:object_r:proc_perf:s0
|
||||
genfscon proc /sys/kernel/perf_event_paranoid u:object_r:proc_perf:s0
|
||||
|
@ -33,7 +33,6 @@ type proc_misc, fs_type;
|
||||
type proc_modules, fs_type;
|
||||
type proc_mounts, fs_type;
|
||||
type proc_net, fs_type;
|
||||
type proc_overflowuid, fs_type;
|
||||
type proc_page_cluster, fs_type;
|
||||
type proc_pagetypeinfo, fs_type;
|
||||
type proc_panic, fs_type;
|
||||
|
@ -15,5 +15,4 @@ allow hal_usb sysfs:file read;
|
||||
allow hal_usb sysfs:file open;
|
||||
allow hal_usb sysfs:file write;
|
||||
allow hal_usb sysfs:file getattr;
|
||||
allow hal_usb proc_overflowuid:file r_file_perms;
|
||||
|
||||
|
@ -52,7 +52,6 @@ allow healthd tty_device:chr_file rw_file_perms;
|
||||
allow healthd ashmem_device:chr_file execute;
|
||||
allow healthd self:process execmem;
|
||||
allow healthd proc_sysrq:file rw_file_perms;
|
||||
allow healthd proc_overflowuid:file r_file_perms;
|
||||
|
||||
add_service(healthd, batteryproperties_service)
|
||||
|
||||
|
@ -274,7 +274,6 @@ allow init {
|
||||
proc_diskstats
|
||||
proc_kmsg # Open /proc/kmsg for logd service.
|
||||
proc_meminfo
|
||||
proc_overflowuid
|
||||
proc_stat # Read /proc/stat for bootchart.
|
||||
proc_uptime
|
||||
proc_version
|
||||
|
@ -45,9 +45,6 @@ r_dir_file(netd, proc_net)
|
||||
# For /proc/sys/net/ipv[46]/route/flush.
|
||||
allow netd proc_net:file rw_file_perms;
|
||||
|
||||
# Access for /proc/sys/kernel/overflowuid.
|
||||
allow netd proc_overflowuid:file r_file_perms;
|
||||
|
||||
# Enables PppController and interface enumeration (among others)
|
||||
allow netd sysfs:dir r_dir_perms;
|
||||
r_dir_file(netd, sysfs_net)
|
||||
|
@ -36,9 +36,6 @@ allow ueventd file_contexts_file:file r_file_perms;
|
||||
# Use setfscreatecon() to label /dev directories and files.
|
||||
allow ueventd self:process setfscreate;
|
||||
|
||||
# Access for /proc/sys/kernel/overflowuid.
|
||||
allow ueventd proc_overflowuid:file r_file_perms;
|
||||
|
||||
#####
|
||||
##### neverallow rules
|
||||
#####
|
||||
|
@ -24,7 +24,6 @@ allow vold {
|
||||
proc_filesystems
|
||||
proc_meminfo
|
||||
proc_mounts
|
||||
proc_overflowuid
|
||||
}:file r_file_perms;
|
||||
|
||||
#Get file contexts
|
||||
|
Loading…
Reference in New Issue
Block a user