Merge "Move domain_deprecated into private policy" into oc-dev

02a101a6 · TreeHugger Robot · Android (Google) Code Review · 125a5a0c · 76aab82c · 02a101a6
Commit 02a101a6 authored 7 years ago by TreeHugger Robot Committed by Android (Google) Code Review 7 years ago
--- a/private/attributes
+++ b/private/attributes
+# Temporary attribute used for migrating permissions out of domain.
+# Motivation: Domain is overly permissive. Start removing permissions
+# from domain and assign them to the domain_deprecated attribute.
+# Domain_deprecated and domain can initially be assigned to all
+# domains. The goal is to not assign domain_deprecated to new domains
+# and to start removing domain_deprecated where it's not required or
+# reassigning the appropriate permissions to the inheriting domain
+# when necessary.
+attribute domain_deprecated;
--- a/private/clatd.te
+++ b/private/clatd.te
 typeattribute clatd coredomain;
+typeattribute clatd domain_deprecated;
--- a/private/dex2oat.te
+++ b/private/dex2oat.te
 typeattribute dex2oat coredomain;
+typeattribute dex2oat domain_deprecated;
--- a/private/dhcp.te
+++ b/private/dhcp.te
 typeattribute dhcp coredomain;
+typeattribute dhcp domain_deprecated;
 init_daemon_domain(dhcp)
 type_transition dhcp system_data_file:{ dir file } dhcp_data_file;
--- a/public/domain_deprecated.te
+++ b/public/domain_deprecated.te
@@ -79,7 +79,6 @@ auditallow {
  -fingerprintd
  -installd
  -keystore
-  -rild
  -surfaceflinger
  -system_server
  -update_engine
@@ -193,7 +192,6 @@ auditallow {
  domain_deprecated
  -fsck
  -fsck_untrusted
-  -rild
  -sdcardd
  -system_server
  -update_engine
@@ -203,7 +201,6 @@ auditallow {
  domain_deprecated
  -fsck
  -fsck_untrusted
-  -rild
  -system_server
  -vold
 } proc:lnk_file { open ioctl lock }; # getattr read granted in domain
@@ -213,7 +210,6 @@ auditallow {
  -fingerprintd
  -healthd
  -netd
-  -rild
  -system_app
  -surfaceflinger
  -system_server
@@ -227,7 +223,6 @@ auditallow {
  -fingerprintd
  -healthd
  -netd
-  -rild
  -system_app
  -surfaceflinger
  -system_server
@@ -241,7 +236,6 @@ auditallow {
  -fingerprintd
  -healthd
  -netd
-  -rild
  -system_app
  -surfaceflinger
  -system_server
@@ -259,7 +253,6 @@ auditallow {
  -installd
  -keystore
  -netd
-  -rild
  -surfaceflinger
  -system_server
  -zygote
@@ -274,7 +267,6 @@ auditallow {
  -installd
  -keystore
  -netd
-  -rild
  -surfaceflinger
  -system_server
  -zygote

--- a/private/dumpstate.te
+++ b/private/dumpstate.te
 typeattribute dumpstate coredomain;
+typeattribute dumpstate domain_deprecated;
 init_daemon_domain(dumpstate)

--- a/private/fingerprintd.te
+++ b/private/fingerprintd.te
 typeattribute fingerprintd coredomain;
+typeattribute fingerprintd domain_deprecated;
 init_daemon_domain(fingerprintd)
--- a/private/fsck.te
+++ b/private/fsck.te
 typeattribute fsck coredomain;
+typeattribute fsck domain_deprecated;
 init_daemon_domain(fsck)
--- a/private/fsck_untrusted.te
+++ b/private/fsck_untrusted.te
 typeattribute fsck_untrusted coredomain;
+typeattribute fsck_untrusted domain_deprecated;
--- a/private/installd.te
+++ b/private/installd.te
 typeattribute installd coredomain;
+typeattribute installd domain_deprecated;
 init_daemon_domain(installd)

--- a/private/keystore.te
+++ b/private/keystore.te
 typeattribute keystore coredomain;
+typeattribute keystore domain_deprecated;
 init_daemon_domain(keystore)

--- a/private/mtp.te
+++ b/private/mtp.te
 typeattribute mtp coredomain;
+typeattribute mtp domain_deprecated;
 init_daemon_domain(mtp)
--- a/private/netd.te
+++ b/private/netd.te
 typeattribute netd coredomain;
+typeattribute netd domain_deprecated;
 init_daemon_domain(netd)

--- a/private/perfprofd.te
+++ b/private/perfprofd.te
 userdebug_or_eng(`
  typeattribute perfprofd coredomain;
+  typeattribute perfprofd domain_deprecated;
  init_daemon_domain(perfprofd)
 ')
--- a/private/ppp.te
+++ b/private/ppp.te
 typeattribute ppp coredomain;
+typeattribute ppp domain_deprecated;
 domain_auto_trans(mtp, ppp_exec, ppp)
--- a/private/radio.te
+++ b/private/radio.te
 typeattribute radio coredomain;
+typeattribute radio domain_deprecated;
 app_domain(radio)

--- a/private/recovery.te
+++ b/private/recovery.te
 typeattribute recovery coredomain;
+typeattribute recovery domain_deprecated;
--- a/private/runas.te
+++ b/private/runas.te
 typeattribute runas coredomain;
+typeattribute runas domain_deprecated;
 # ndk-gdb invokes adb shell run-as.
 domain_auto_trans(shell, runas_exec, runas)
--- a/private/sdcardd.te
+++ b/private/sdcardd.te
 typeattribute sdcardd coredomain;
+typeattribute sdcardd domain_deprecated;
 type_transition sdcardd system_data_file:{ dir file } media_rw_data_file;
--- a/private/shared_relro.te
+++ b/private/shared_relro.te
 typeattribute shared_relro coredomain;
+typeattribute shared_relro domain_deprecated;
 # The shared relro process is a Java program forked from the zygote, so it
 # inherits from app to get basic permissions it needs to run.