Merge "Device SELinux policy for secure persistent netd storage" into oc-dr1-dev

am: 4293069bf3

Change-Id: If3f2e474fc694ef6a0254846985ce0f059112a49
Lorenzo Colitti
2017-07-12 14:01:48 +00:00
committed by android-build-merger
3 changed files with 14 additions and 0 deletions

10
sepolicy/private/netd.te Normal file

@@ -0,0 +1,10 @@
# TODO: delete this once it's in common sepolicy.
set_prop(netd, netd_stable_secret_prop)
# persist.netd.stable_secret contains RFC 7217 secret key which should never be
# leaked to other processes. Make sure it never leaks.
neverallow { domain -netd -init } netd_stable_secret_prop:file r_file_perms;
# We want to ensure that no other process ever tries tampering with persist.netd.stable_secret,
# the RFC 7217 secret key managed by netd. Doing so could compromise user privacy.
neverallow { domain -netd -init } netd_stable_secret_prop:property_service set;
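Review bot: The comments above the two `neverallow` rules say "Make sure it never leaks", but a neverallow is a build-time assertion over the compiled policy, not a runtime denial, and the comments do not say so. It fails the build when some allow rule grants `r_file_perms` or `property_service set` on `netd_stable_secret_prop` to a domain other than `netd` or `init`; it does not restrain a domain that runs permissive, so that case needs to be checked separately on debug builds. I would add `# Build-time assertion only: the policy build fails if an allow rule gives any domain other than netd or init read access.` above the first rule and state why `init` is exempt (presumably because it hosts the property service). The `TODO: delete this once it's in common sepolicy` here and in the other two files carries no bug reference, so nothing ties the cleanup to the common-policy change.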


@@ -0,0 +1,2 @@
# TODO: delete this once it's in common sepolicy.
type netd_stable_secret_prop, property_type;
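Review bot: The declaration gives `netd_stable_secret_prop` only the `property_type` attribute and no comment, so a reader of this file cannot tell that the type labels a secret or that rules written against `property_type` as a whole would also apply to it. The neverallow rules in `sepolicy/private/netd.te` are what would flag such a grant at build time; a pointer to them belongs here, e.g. `# Labels the RFC 7217 stable secret; only netd and init may read or set it (see neverallow rules in netd.te).` Once common sepolicy declares the same type, this line would presumably become a duplicate declaration, which is another reason to give the TODO a bug reference.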


@@ -0,0 +1,2 @@
# TODO: delete this once it's in common sepolicy.
persist.netd.stable_secret u:object_r:netd_stable_secret_prop:s0
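Review bot: The entry is not documented as a prefix match. As far as I know, property_contexts entries on this branch match by prefix, so every property whose name begins with `persist.netd.stable_secret` receives `netd_stable_secret_prop`, not only the exact name; that errs on the restrictive side, but it should be a stated choice. I would add `# Prefix match: also labels any property named persist.netd.stable_secret*.` above the entry.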