Reduce the number of processes that can start adbd

am: faebeaca Change-Id: I263f10cc06e23a01f1928d3c8dae3ab4e6357788

Reduce the number of processes that can start adbd
am: faebeaca Change-Id: I263f10cc06e23a01f1928d3c8dae3ab4e6357788
72bebcec · Luis Hector Chavez · android-build-merger · 67bd625c · faebeaca · 72bebcec
Commit 72bebcec authored 6 years ago by Luis Hector Chavez Committed by android-build-merger 6 years ago
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -122,7 +122,7 @@
 (typeattributeset ctl_bootanim_prop_26_0 (ctl_bootanim_prop))
 (typeattributeset ctl_bugreport_prop_26_0 (ctl_bugreport_prop))
 (typeattributeset ctl_console_prop_26_0 (ctl_console_prop))
-(typeattributeset ctl_default_prop_26_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop))
+(typeattributeset ctl_default_prop_26_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop ctl_adbd_prop))
 (typeattributeset ctl_dumpstate_prop_26_0 (ctl_dumpstate_prop))
 (typeattributeset ctl_fuse_prop_26_0 (ctl_fuse_prop))
 (typeattributeset ctl_mdnsd_prop_26_0 (ctl_mdnsd_prop))

--- a/private/compat/27.0/27.0.cil
+++ b/private/compat/27.0/27.0.cil
@@ -826,7 +826,7 @@
 (typeattributeset ctl_bootanim_prop_27_0 (ctl_bootanim_prop))
 (typeattributeset ctl_bugreport_prop_27_0 (ctl_bugreport_prop))
 (typeattributeset ctl_console_prop_27_0 (ctl_console_prop))
-(typeattributeset ctl_default_prop_27_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop))
+(typeattributeset ctl_default_prop_27_0 (ctl_default_prop ctl_restart_prop ctl_start_prop ctl_stop_prop ctl_adbd_prop))
 (typeattributeset ctl_dumpstate_prop_27_0 (ctl_dumpstate_prop))
 (typeattributeset ctl_fuse_prop_27_0 (ctl_fuse_prop))
 (typeattributeset ctl_mdnsd_prop_27_0 (ctl_mdnsd_prop))

--- a/private/property_contexts
+++ b/private/property_contexts
@@ -115,6 +115,11 @@ ctl.interface_start$    u:object_r:ctl_interface_start_prop:s0
 ctl.interface_stop$     u:object_r:ctl_interface_stop_prop:s0
 ctl.interface_restart$  u:object_r:ctl_interface_restart_prop:s0

+ # Restrict access to starting/stopping adbd
+ctl.start$adbd             u:object_r:ctl_adbd_prop:s0
+ctl.stop$adbd              u:object_r:ctl_adbd_prop:s0
+ctl.restart$adbd           u:object_r:ctl_adbd_prop:s0
+
 # NFC properties
 nfc.                    u:object_r:nfc_prop:s0


--- a/public/adbd.te
+++ b/public/adbd.te
@@ -2,3 +2,7 @@
 # it lives in the rootfs and has no unique file type.
 type adbd, domain;
 type adbd_exec, exec_type, file_type;
+
+# Only init is allowed to enter the adbd domain via exec()
+neverallow { domain -init } adbd:process transition;
+neverallow * adbd:process dyntransition;
--- a/public/property.te
+++ b/public/property.te
@@ -5,6 +5,7 @@ type bluetooth_prop, property_type;
 type bootloader_boot_reason_prop, property_type;
 type config_prop, property_type, core_property_type;
 type cppreopt_prop, property_type, core_property_type;
+type ctl_adbd_prop, property_type;
 type ctl_bootanim_prop, property_type;
 type ctl_bugreport_prop, property_type;
 type ctl_console_prop, property_type;
@@ -327,6 +328,7 @@ compatible_property_only(`
    -boottime_prop
    -config_prop
    -cppreopt_prop
+    -ctl_adbd_prop
    -ctl_bootanim_prop
    -ctl_bugreport_prop
    -ctl_console_prop

--- a/public/recovery.te
+++ b/public/recovery.te
@@ -109,7 +109,7 @@ recovery_only(`
  set_prop(recovery, powerctl_prop)

  # Start/stop adbd via ctl.start adbd
-  set_prop(recovery, ctl_default_prop)
+  set_prop(recovery, ctl_adbd_prop)

  # Read serial number of the device from system properties
  get_prop(recovery, serialno_prop)

--- a/public/usbd.te
+++ b/public/usbd.te
 type usbd, domain;
 type usbd_exec, exec_type, file_type;

+# Start/stop adbd via ctl.start adbd
+set_prop(usbd, ctl_adbd_prop)