-
Alex Klyubin authored
This leaves only the existence of binderservicedomain attribute as public API. All other rules are implementation details of this attribute's policy and are thus now private. Test: No change to policy according to sesearch, except for disappearance of all allow rules to do with *_current targets referenced in binderservicedomain.te. Bug: 31364497 Change-Id: Ic830bcc5ffb6d624e0b3aec831071061cccc513c84aebd3c
binderservicedomain.te 1.00 KiB
# Rules common to all binder service domains
# Allow dumpstate and incidentd to collect information from binder services
allow binderservicedomain { dumpstate incidentd }:fd use;
allow binderservicedomain { dumpstate incidentd }:unix_stream_socket { read write getopt getattr };
allow binderservicedomain { dumpstate incidentd }:fifo_file { getattr write };
allow binderservicedomain shell_data_file:file { getattr write };
# Allow dumpsys to work from adb shell or the serial console
allow binderservicedomain devpts:chr_file rw_file_perms;
allow binderservicedomain console_device:chr_file rw_file_perms;
# Receive and write to a pipe received over Binder from an app.
allow binderservicedomain appdomain:fd use;
allow binderservicedomain appdomain:fifo_file write;
# allow all services to run permission checks
allow binderservicedomain permission_service:service_manager find;
allow binderservicedomain keystore:keystore_key { get_state get insert delete exist list sign verify };
use_keystore(binderservicedomain)