From 4eca81948385e18aa44af2135e01ef998cb9f3bf Mon Sep 17 00:00:00 2001
From: Daniel Norman
Date: Thu, 25 Jul 2019 11:29:17 -0700
Subject: [PATCH] Adds new policy for init_svc_debug_prop.

Used to restrict properties init.svc_debug_pid.*
Bug: 138114550
Test: getprop | grep init.svc_debug_pid only shows results on root
Change-Id: I0c10699deec4c548a2463a934e96b897ddee1678
---
 private/compat/29.0/29.0.ignore.cil | 1 +
 private/property_contexts | 1 +
 public/property.te | 13 +++++++++++++
 public/vendor_init.te | 1 +
 4 files changed, 16 insertions(+)
diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index 83c8eee0b..5a9706a03 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -12,6 +12,7 @@
 device_config_sys_traced_prop
 hal_can_bus_hwservice
 hal_can_controller_hwservice
+ init_svc_debug_prop
 ota_metadata_file
 runtime_apex_dir
 system_ashmem_hwservice
diff --git a/private/property_contexts b/private/property_contexts
index c31940c95..254c55a85 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -35,6 +35,7 @@ debug. u:object_r:debug_prop:s0
 debug.db. u:object_r:debuggerd_prop:s0
 dumpstate. u:object_r:dumpstate_prop:s0
 dumpstate.options u:object_r:dumpstate_options_prop:s0
+init.svc_debug_pid. u:object_r:init_svc_debug_prop:s0
 llk. u:object_r:llkd_prop:s0
 khungtask. u:object_r:llkd_prop:s0
 ro.llk. u:object_r:llkd_prop:s0
diff --git a/public/property.te b/public/property.te
index fa397d715..1bac6133a 100644
--- a/public/property.te
+++ b/public/property.te
@@ -55,6 +55,7 @@ type gsid_prop, property_type;
 type heapprofd_enabled_prop, property_type;
 type heapprofd_prop, property_type;
 type hwservicemanager_prop, property_type;
+type init_svc_debug_prop, property_type;
 type last_boot_reason_prop, property_type;
 type system_lmk_prop, property_type;
 type llkd_prop, property_type;
@@ -190,6 +191,18 @@ dontaudit domain { ctl_rildaemon_prop }:property_service set;
+neverallow {
+ domain
+ -init
+} init_svc_debug_prop:property_service set;
+
+neverallow {
+ domain
+ -init
+ -dumpstate
+ userdebug_or_eng(`-su')
+} init_svc_debug_prop:file no_rw_file_perms;
+
 compatible_property_only(` # Prevent properties from being set neverallow {
diff --git a/public/vendor_init.te b/public/vendor_init.te
index 3312ff8f1..da3651d2c 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -217,6 +217,7 @@ not_compatible_property(` -apexd_prop -gsid_prop -nnapi_ext_deny_product_prop
+ -init_svc_debug_prop
 }) ')
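Review bot: In public/property.te, the two new `neverallow` blocks carry no comment saying why `init_svc_debug_prop` is locked down or why `dumpstate` and userdebug/eng `su` are exempt from the read ban. No hunk in this patch grants dumpstate access to the new type, so the `-dumpstate` exemption presumably relies on an existing broad grant elsewhere; if so, these values end up in bug reports, and the policy should say that this is intended. I would add above the first block `# init.svc_debug_pid.* is set only by init.` and above the second `# Readable only by init, dumpstate (bug reports) and su on userdebug/eng.` If dumpstate does not need the values, drop `-dumpstate` so the neverallow is as tight as the access actually granted.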