Define sepolicy for redirect-socket-calls feature
Define two property_contexts. 1. vendor_socket_hook_prop - for ro.vendor.redirect_socket_calls. The property is set once in vendor_init context. It's evaluated at process start time and cannot change at runtime on a given device. The set permission is restricted to vendor_init. The read permission is unrestricted. 2. socket_hook_prop - for net.redirect_socket_calls.hooked. The property can be changed by System Server at runtime. It's evaluated when shimmed socket functions are called. The set permission is restricted to System Server. The read permission is unrestricted. Bug: Bug: 141611769 Test: System Server can set net.redirect_socket_calls.hooked libnetd_client can read both properties libnetd_client can't set both properties Change-Id: Ic42269539923e6930cc0ee3df8ba032797212395
parent
036eb2518d
commit
64f0be204b
@ -146,6 +146,7 @@
|
||||
simpleperf_app_runner
|
||||
simpleperf_app_runner_exec
|
||||
slice_service
|
||||
socket_hook_prop
|
||||
staging_data_file
|
||||
stats
|
||||
stats_data_file
|
||||
@ -199,6 +200,7 @@
|
||||
vendor_apex_file
|
||||
vendor_init
|
||||
vendor_shell
|
||||
vendor_socket_hook_prop
|
||||
vndk_prop
|
||||
vold_metadata_file
|
||||
vold_prepare_subdirs
|
||||
|
@ -133,6 +133,7 @@
|
||||
simpleperf_app_runner
|
||||
simpleperf_app_runner_exec
|
||||
slice_service
|
||||
socket_hook_prop
|
||||
stats
|
||||
stats_data_file
|
||||
stats_exec
|
||||
@ -177,6 +178,7 @@
|
||||
vendor_init
|
||||
vendor_security_patch_level_prop
|
||||
vendor_shell
|
||||
vendor_socket_hook_prop
|
||||
vndk_prop
|
||||
vold_metadata_file
|
||||
vold_prepare_subdirs
|
||||
|
@ -123,6 +123,7 @@
|
||||
server_configurable_flags_data_file
|
||||
simpleperf_app_runner
|
||||
simpleperf_app_runner_exec
|
||||
socket_hook_prop
|
||||
su_tmpfs
|
||||
super_block_device
|
||||
sysfs_fs_f2fs
|
||||
@ -150,6 +151,7 @@
|
||||
vendor_keylayout_file
|
||||
vendor_misc_writer
|
||||
vendor_misc_writer_exec
|
||||
vendor_socket_hook_prop
|
||||
vendor_task_profiles_file
|
||||
vndk_prop
|
||||
vrflinger_vsync_service
|
||||
|
@ -70,6 +70,7 @@
|
||||
service_manager_service
|
||||
simpleperf
|
||||
snapshotctl_log_data_file
|
||||
socket_hook_prop
|
||||
soundtrigger_middleware_service
|
||||
sysfs_dm_verity
|
||||
system_config_service
|
||||
@ -92,4 +93,5 @@
|
||||
vendor_incremental_module
|
||||
vendor_install_recovery
|
||||
vendor_install_recovery_exec
|
||||
vendor_socket_hook_prop
|
||||
virtual_ab_prop))
|
||||
|
@ -604,6 +604,7 @@ set_prop(system_server, overlay_prop)
|
||||
set_prop(system_server, exported_overlay_prop)
|
||||
set_prop(system_server, pm_prop)
|
||||
set_prop(system_server, exported_pm_prop)
|
||||
set_prop(system_server, socket_hook_prop)
|
||||
userdebug_or_eng(`set_prop(system_server, wifi_log_prop)')
|
||||
|
||||
# ctl interface
|
||||
@ -1135,3 +1136,6 @@ neverallow { domain -system_server -init }
|
||||
# system_server cannot use this access to read perf event data like process stacks.
|
||||
allow system_server self:perf_event { open write cpu kernel };
|
||||
neverallow system_server self:perf_event ~{ open write cpu kernel };
|
||||
|
||||
# Do not allow any domain other than init or system server to set the property
|
||||
neverallow { domain -init -system_server } socket_hook_prop:property_service set;
|
||||
|
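Review bot: The comment above the new neverallow at the end of this file says only "the property", and the commit description says set is restricted to System Server although the rule also exempts init. I would name the property and the reason in the comment, for example `# net.redirect_socket_calls.hooked is evaluated by the shimmed socket functions; only init and system_server may set it.` Because the domain policy in this commit lets every domain read the value, any additional writer would presumably change socket-call behaviour in all processes, so that reason belongs next to the rule. The rule itself is consistent with the `set_prop(system_server, socket_hook_prop)` grant in the first hunk.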
@ -105,6 +105,8 @@ get_prop(domain, exported_system_prop)
|
||||
get_prop(domain, exported_vold_prop)
|
||||
get_prop(domain, exported2_default_prop)
|
||||
get_prop(domain, logd_prop)
|
||||
get_prop(domain, socket_hook_prop)
|
||||
get_prop(domain, vendor_socket_hook_prop)
|
||||
get_prop(domain, vndk_prop)
|
||||
|
||||
# Binder cache properties are world-readable
|
||||
|
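Review bot: The two new `get_prop(domain, ...)` lines make both properties readable by every domain, and nothing in the file says why. The following block carries a reason comment ("Binder cache properties are world-readable"), and the same would help here, e.g. `# Socket hook properties are read by libnetd_client in every process.` Since the values are then visible to untrusted domains too, it is worth confirming they carry nothing beyond an on/off flag. The property_contexts entries in this commit type both as `exact bool`, which supports that.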
@ -68,6 +68,7 @@ system_restricted_prop(linker_prop)
|
||||
system_restricted_prop(module_sdkextensions_prop)
|
||||
system_restricted_prop(nnapi_ext_deny_product_prop)
|
||||
system_restricted_prop(restorecon_prop)
|
||||
system_restricted_prop(socket_hook_prop)
|
||||
system_restricted_prop(system_boot_reason_prop)
|
||||
system_restricted_prop(system_jvmti_agent_prop)
|
||||
system_restricted_prop(userspace_reboot_exported_prop)
|
||||
@ -113,6 +114,7 @@ system_vendor_config_prop(exported3_default_prop)
|
||||
system_vendor_config_prop(userspace_reboot_config_prop)
|
||||
system_vendor_config_prop(vehicle_hal_prop)
|
||||
system_vendor_config_prop(vendor_security_patch_level_prop)
|
||||
system_vendor_config_prop(vendor_socket_hook_prop)
|
||||
system_vendor_config_prop(vndk_prop)
|
||||
system_vendor_config_prop(virtual_ab_prop)
|
||||
|
||||
|
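Review bot: `vendor_socket_hook_prop` gets no explicit set restriction anywhere on this page, unlike `socket_hook_prop`, which has its own neverallow in the system_server policy. The description promises that only vendor_init can set ro.vendor.redirect_socket_calls, so that guarantee rests entirely on what `system_vendor_config_prop` expands to, which is not visible here. If the macro's restriction can be relaxed per build, an explicit `neverallow { domain -init -vendor_init } vendor_socket_hook_prop:property_service set;` would pin it. Otherwise a one-line comment next to the declaration saying the macro enforces the vendor_init-only set is enough.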
@ -218,6 +218,7 @@ init.svc.zygote u:object_r:exported2_default_prop:s0 exact string
|
||||
libc.debug.malloc.options u:object_r:exported2_default_prop:s0 exact string
|
||||
libc.debug.malloc.program u:object_r:exported2_default_prop:s0 exact string
|
||||
libc.debug.hooks.enable u:object_r:exported2_default_prop:s0 exact string
|
||||
net.redirect_socket_calls.hooked u:object_r:socket_hook_prop:s0 exact bool
|
||||
persist.sys.locale u:object_r:exported_system_prop:s0 exact string
|
||||
persist.sys.timezone u:object_r:exported_system_prop:s0 exact string
|
||||
persist.sys.test_harness u:object_r:test_harness_prop:s0 exact bool
|
||||
@ -274,6 +275,7 @@ ro.product.name u:object_r:exported2_default_prop:s0 exact string
|
||||
ro.property_service.version u:object_r:exported2_default_prop:s0 exact int
|
||||
ro.revision u:object_r:exported2_default_prop:s0 exact string
|
||||
ro.secure u:object_r:exported_secure_prop:s0 exact int
|
||||
ro.vendor.redirect_socket_calls u:object_r:vendor_socket_hook_prop:s0 exact bool
|
||||
service.bootanim.exit u:object_r:exported_system_prop:s0 exact int
|
||||
sys.boot_from_charger_mode u:object_r:exported_system_prop:s0 exact int
|
||||
sys.init.userspace_reboot.in_progress u:object_r:userspace_reboot_exported_prop:s0 exact bool
|
||||
|