aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--public/property.te69
1 files changed, 65 insertions, 4 deletions
diff --git a/public/property.te b/public/property.te
index 80453683..e5720d5e 100644
--- a/public/property.te
+++ b/public/property.te
@@ -155,7 +155,6 @@ compatible_property_only(`
155 -coredomain 155 -coredomain
156 -appdomain 156 -appdomain
157 -hal_nfc_server 157 -hal_nfc_server
158 -vendor_init
159 } { 158 } {
160 nfc_prop 159 nfc_prop
161 }:property_service set; 160 }:property_service set;
@@ -168,11 +167,57 @@ compatible_property_only(`
168 -vendor_init 167 -vendor_init
169 } { 168 } {
170 exported_radio_prop 169 exported_radio_prop
171 exported2_radio_prop
172 exported3_radio_prop 170 exported3_radio_prop
171 }:property_service set;
172
173 neverallow {
174 domain
175 -coredomain
176 -appdomain
177 -hal_telephony_server
178 } {
179 exported2_radio_prop
173 radio_prop 180 radio_prop
174 }:property_service set; 181 }:property_service set;
175 182
183 neverallow {
184 domain
185 -coredomain
186 -bluetooth
187 -hal_bluetooth
188 } {
189 bluetooth_prop
190 }:property_service set;
191
192 neverallow {
193 domain
194 -coredomain
195 -bluetooth
196 -hal_bluetooth
197 -vendor_init
198 } {
199 exported_bluetooth_prop
200 }:property_service set;
201
202 neverallow {
203 domain
204 -coredomain
205 -hal_wifi
206 -wificond
207 } {
208 wifi_prop
209 }:property_service set;
210
211 neverallow {
212 domain
213 -coredomain
214 -hal_wifi
215 -wificond
216 -vendor_init
217 } {
218 exported_wifi_prop
219 }:property_service set;
220
176# Prevent properties from being read 221# Prevent properties from being read
177 neverallow { 222 neverallow {
178 domain 223 domain
@@ -201,7 +246,6 @@ compatible_property_only(`
201 -coredomain 246 -coredomain
202 -appdomain 247 -appdomain
203 -hal_nfc_server 248 -hal_nfc_server
204 -vendor_init
205 } { 249 } {
206 nfc_prop 250 nfc_prop
207 }:file no_rw_file_perms; 251 }:file no_rw_file_perms;
@@ -211,8 +255,25 @@ compatible_property_only(`
211 -coredomain 255 -coredomain
212 -appdomain 256 -appdomain
213 -hal_telephony_server 257 -hal_telephony_server
214 -vendor_init
215 } { 258 } {
216 radio_prop 259 radio_prop
217 }:file no_rw_file_perms; 260 }:file no_rw_file_perms;
261
262 neverallow {
263 domain
264 -coredomain
265 -bluetooth
266 -hal_bluetooth
267 } {
268 bluetooth_prop
269 }:file no_rw_file_perms;
270
271 neverallow {
272 domain
273 -coredomain
274 -hal_wifi
275 -wificond
276 } {
277 wifi_prop
278 }:file no_rw_file_perms;
218') 279')