Merge "Move domain_deprecated into private policy" into oc-dev

am: 02a101a6 Change-Id: I0140009cfbf316489db4994b414ac079776ead21

Merge "Move domain_deprecated into private policy" into oc-dev
am: 02a101a6 Change-Id: I0140009cfbf316489db4994b414ac079776ead21
35e09523 · Jeff Vander Stoep · android-build-merger · 270e70be · 02a101a6 · 35e09523
Commit 35e09523 authored 7 years ago by Jeff Vander Stoep Committed by android-build-merger 7 years ago
--- a/private/attributes
+++ b/private/attributes
+# Temporary attribute used for migrating permissions out of domain.
+# Motivation: Domain is overly permissive. Start removing permissions
+# from domain and assign them to the domain_deprecated attribute.
+# Domain_deprecated and domain can initially be assigned to all
+# domains. The goal is to not assign domain_deprecated to new domains
+# and to start removing domain_deprecated where it's not required or
+# reassigning the appropriate permissions to the inheriting domain
+# when necessary.
+attribute domain_deprecated;
--- a/private/clatd.te
+++ b/private/clatd.te
 typeattribute clatd coredomain;
+typeattribute clatd domain_deprecated;
--- a/private/dex2oat.te
+++ b/private/dex2oat.te
 typeattribute dex2oat coredomain;
+typeattribute dex2oat domain_deprecated;
--- a/private/dhcp.te
+++ b/private/dhcp.te
 typeattribute dhcp coredomain;
+typeattribute dhcp domain_deprecated;

 init_daemon_domain(dhcp)
 type_transition dhcp system_data_file:{ dir file } dhcp_data_file;
--- a/public/domain_deprecated.te
+++ b/public/domain_deprecated.te
@@ -79,7 +79,6 @@ auditallow {
  -fingerprintd
  -installd
  -keystore
-  -rild
  -surfaceflinger
  -system_server
  -update_engine
@@ -193,7 +192,6 @@ auditallow {
  domain_deprecated
  -fsck
  -fsck_untrusted
-  -rild
  -sdcardd
  -system_server
  -update_engine
@@ -203,7 +201,6 @@ auditallow {
  domain_deprecated
  -fsck
  -fsck_untrusted
-  -rild
  -system_server
  -vold
 } proc:lnk_file { open ioctl lock }; # getattr read granted in domain
@@ -212,7 +209,6 @@ auditallow {
  -fingerprintd
  -healthd
  -netd
-  -rild
  -system_app
  -surfaceflinger
  -system_server
@@ -225,7 +221,6 @@ auditallow {
  -fingerprintd
  -healthd
  -netd
-  -rild
  -system_app
  -surfaceflinger
  -system_server
@@ -238,7 +233,6 @@ auditallow {
  -fingerprintd
  -healthd
  -netd
-  -rild
  -system_app
  -surfaceflinger
  -system_server
@@ -256,7 +250,6 @@ auditallow {
  -installd
  -keystore
  -netd
-  -rild
  -surfaceflinger
  -system_server
  -zygote
@@ -271,7 +264,6 @@ auditallow {
  -installd
  -keystore
  -netd
-  -rild
  -surfaceflinger
  -system_server
  -zygote

--- a/private/dumpstate.te
+++ b/private/dumpstate.te
 typeattribute dumpstate coredomain;
+typeattribute dumpstate domain_deprecated;

 init_daemon_domain(dumpstate)


--- a/private/fingerprintd.te
+++ b/private/fingerprintd.te
 typeattribute fingerprintd coredomain;
+typeattribute fingerprintd domain_deprecated;

 init_daemon_domain(fingerprintd)
--- a/private/fsck.te
+++ b/private/fsck.te
 typeattribute fsck coredomain;
+typeattribute fsck domain_deprecated;

 init_daemon_domain(fsck)
--- a/private/fsck_untrusted.te
+++ b/private/fsck_untrusted.te
 typeattribute fsck_untrusted coredomain;
+typeattribute fsck_untrusted domain_deprecated;
--- a/private/installd.te
+++ b/private/installd.te
 typeattribute installd coredomain;
+typeattribute installd domain_deprecated;

 init_daemon_domain(installd)


--- a/private/keystore.te
+++ b/private/keystore.te
 typeattribute keystore coredomain;
+typeattribute keystore domain_deprecated;

 init_daemon_domain(keystore)


--- a/private/mtp.te
+++ b/private/mtp.te
 typeattribute mtp coredomain;
+typeattribute mtp domain_deprecated;

 init_daemon_domain(mtp)
--- a/private/netd.te
+++ b/private/netd.te
 typeattribute netd coredomain;
+typeattribute netd domain_deprecated;

 init_daemon_domain(netd)


--- a/private/perfprofd.te
+++ b/private/perfprofd.te
 userdebug_or_eng(`
  typeattribute perfprofd coredomain;
+  typeattribute perfprofd domain_deprecated;
  init_daemon_domain(perfprofd)
 ')
--- a/private/ppp.te
+++ b/private/ppp.te
 typeattribute ppp coredomain;
+typeattribute ppp domain_deprecated;

 domain_auto_trans(mtp, ppp_exec, ppp)
--- a/private/radio.te
+++ b/private/radio.te
 typeattribute radio coredomain;
+typeattribute radio domain_deprecated;

 app_domain(radio)


--- a/private/recovery.te
+++ b/private/recovery.te
 typeattribute recovery coredomain;
+typeattribute recovery domain_deprecated;
--- a/private/runas.te
+++ b/private/runas.te
 typeattribute runas coredomain;
+typeattribute runas domain_deprecated;

 # ndk-gdb invokes adb shell run-as.
 domain_auto_trans(shell, runas_exec, runas)
--- a/private/sdcardd.te
+++ b/private/sdcardd.te
 typeattribute sdcardd coredomain;
+typeattribute sdcardd domain_deprecated;

 type_transition sdcardd system_data_file:{ dir file } media_rw_data_file;
--- a/private/shared_relro.te
+++ b/private/shared_relro.te
 typeattribute shared_relro coredomain;
+typeattribute shared_relro domain_deprecated;

 # The shared relro process is a Java program forked from the zygote, so it
 # inherits from app to get basic permissions it needs to run.