Skip to content
Snippets Groups Projects
Select Git revision
  • test default
1 result
Blame History Permalink
  • Tri Vo's avatar
    Explicitly label system_server's dependencies in /proc · 8c2323d3
    Tri Vo authored 
    Labeled:
/proc/asound/cards -> proc_asound_cards
/proc/loadavg -> proc_loadavg
/proc/pagetypeinfo -> proc_pagetypeinfo
/proc/version -> proc_version
/proc/vmallocinfo -> proc_vmallocinfo

system_server: added access to all new types  and removed access to proc label.
init: added access to proc_version.
dumpstate: added access to proc_pagetypeinfo, proc_version,
proc_vmallocinfo.
hal_audio: added access to proc_asound_cards.
all_untrusted_apps: extended neverallow rule to include new labels.

Bug: 65980789
Test: device boots without selinux denials to the newly introduced
labels.
Test: "adb shell dumpstate" throws no violations to new labels.
Change-Id: Ic60facd3d4776e38d5e3ba003d06ada4e52c7dca
    8c2323d3