Clean up the obsoleted dontaudit rules
Verify with the ROM: go/ab/7203892 oriole-userdebug
Test: $ make selinux_policy
Push selinux modules. Check the denials during boot.
$ pts-tradefed run commandAndExit pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanBugreport
$ pts-tradefed run commandAndExit pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Bug: 171760597
Bug: 171760846
Bug: 173969190
Bug: 174443175
Bug: 176777145
Bug: 176868315
Bug: 177386448
Bug: 177389321
Bug: 177614659
Bug: 177616188
Bug: 177778551
Bug: 177778793
Bug: 177860838
Bug: 177862403
Bug: 177862777
Bug: 177966144
Bug: 178433506
Bug: 178433618
Bug: 178753151
Bug: 178752409
Bug: 178979985
Bug: 178980142
Bug: 179093352
Bug: 179310875
Bug: 179435036
Bug: 179437293
Bug: 179437737
Bug: 180551518
Bug: 180567612
Bug: 180655373
Bug: 180656244
Bug: 180874342
Bug: 180963328
Bug: 180963587
Change-Id: I19e19e49d36e5635629c1e68c7d23a98c714ebcf
This commit is contained in:
Alex Hong
parent
3b10aeadae
commit
abfa9355ee
13 changed files with 0 additions and 285 deletions
|
|
@ -1,9 +0,0 @@
|
|||
# b/177862403
|
||||
dontaudit init-thermal-symlinks-sh sysfs_thermal:lnk_file { read };
|
||||
dontaudit init-thermal-symlinks-sh sysfs_thermal:lnk_file { read };
|
||||
dontaudit init-thermal-symlinks-sh sysfs_thermal:lnk_file { read };
|
||||
dontaudit init-thermal-symlinks-sh sysfs_thermal:lnk_file { read };
|
||||
dontaudit init-thermal-symlinks-sh sysfs_thermal:lnk_file { read };
|
||||
dontaudit init-thermal-symlinks-sh sysfs_thermal:lnk_file { read };
|
||||
dontaudit init-thermal-symlinks-sh sysfs_thermal:lnk_file { read };
|
||||
dontaudit init-thermal-symlinks-sh sysfs_thermal:lnk_file { read };
|
||||
|
|
@ -1,17 +1,3 @@
|
|||
# b/177966144
|
||||
dontaudit init sysfs:file { open };
|
||||
dontaudit init sysfs:file { setattr };
|
||||
dontaudit init sysfs:file { open };
|
||||
dontaudit init sysfs:file { write };
|
||||
dontaudit init sysfs:file { setattr };
|
||||
dontaudit init sysfs:file { write };
|
||||
# b/178979985
|
||||
dontaudit init device:chr_file { ioctl };
|
||||
dontaudit init device:chr_file { open };
|
||||
dontaudit init device:chr_file { read write };
|
||||
dontaudit init device:chr_file { ioctl };
|
||||
dontaudit init device:chr_file { open };
|
||||
dontaudit init device:chr_file { read write };
|
||||
# b/180963348
|
||||
dontaudit init overlayfs_file:chr_file { unlink };
|
||||
dontaudit init overlayfs_file:file { rename };
|
||||
|
|
|
|||
|
|
@ -1,13 +0,0 @@
|
|||
# b/176777145
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:property_service set ;
|
||||
# b/176851633
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:file { read };
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:file { read };
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:file { open };
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:file { getattr };
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:file { map };
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:file { open };
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:file { getattr };
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:file { map };
|
||||
# b/176868315
|
||||
dontaudit modem_logging_control vendor_sys_default_prop:property_service set ;
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
# b/178433506
|
||||
dontaudit platform_app property_type:file *;
|
||||
# b/179093352
|
||||
dontaudit platform_app hal_wlc:binder { transfer };
|
||||
dontaudit platform_app hal_wlc:binder { call };
|
||||
dontaudit platform_app hal_wlc_hwservice:hwservice_manager { find };
|
||||
dontaudit platform_app hal_wlc:binder { call };
|
||||
dontaudit platform_app hal_wlc:binder { transfer };
|
||||
|
|
@ -1,51 +1,3 @@
|
|||
# b/180551518
|
||||
dontaudit priv_app apk_verity_prop:file { getattr };
|
||||
dontaudit priv_app audio_config_prop:file { getattr };
|
||||
dontaudit priv_app apexd_prop:file { open };
|
||||
dontaudit priv_app apexd_prop:file { getattr };
|
||||
dontaudit priv_app apexd_prop:file { map };
|
||||
dontaudit priv_app apk_verity_prop:file { open };
|
||||
dontaudit priv_app audio_config_prop:file { open };
|
||||
dontaudit priv_app apk_verity_prop:file { map };
|
||||
dontaudit priv_app apk_verity_prop:file { getattr };
|
||||
dontaudit priv_app apk_verity_prop:file { open };
|
||||
dontaudit priv_app apexd_prop:file { map };
|
||||
dontaudit priv_app apexd_prop:file { getattr };
|
||||
dontaudit priv_app apexd_prop:file { open };
|
||||
dontaudit priv_app apexd_prop:file { open };
|
||||
dontaudit priv_app apexd_prop:file { getattr };
|
||||
dontaudit priv_app apexd_prop:file { map };
|
||||
dontaudit priv_app apk_verity_prop:file { open };
|
||||
dontaudit priv_app apk_verity_prop:file { getattr };
|
||||
dontaudit priv_app apk_verity_prop:file { map };
|
||||
dontaudit priv_app audio_config_prop:file { open };
|
||||
dontaudit priv_app audio_config_prop:file { getattr };
|
||||
dontaudit priv_app apexd_prop:file { open };
|
||||
dontaudit priv_app apexd_prop:file { getattr };
|
||||
dontaudit priv_app apexd_prop:file { map };
|
||||
dontaudit priv_app apk_verity_prop:file { open };
|
||||
dontaudit priv_app apk_verity_prop:file { getattr };
|
||||
# b/180567612
|
||||
dontaudit priv_app audio_config_prop:file { map };
|
||||
dontaudit priv_app bluetooth_audio_hal_prop:file { getattr };
|
||||
dontaudit priv_app bluetooth_audio_hal_prop:file { map };
|
||||
dontaudit priv_app bluetooth_prop:file { open };
|
||||
dontaudit priv_app bluetooth_prop:file { getattr };
|
||||
dontaudit priv_app bluetooth_audio_hal_prop:file { open };
|
||||
dontaudit priv_app bluetooth_a2dp_offload_prop:file { map };
|
||||
dontaudit priv_app bluetooth_a2dp_offload_prop:file { getattr };
|
||||
dontaudit priv_app bluetooth_a2dp_offload_prop:file { open };
|
||||
dontaudit priv_app audio_config_prop:file { map };
|
||||
dontaudit priv_app bluetooth_a2dp_offload_prop:file { open };
|
||||
dontaudit priv_app bluetooth_a2dp_offload_prop:file { getattr };
|
||||
dontaudit priv_app bluetooth_a2dp_offload_prop:file { map };
|
||||
dontaudit priv_app bluetooth_audio_hal_prop:file { open };
|
||||
dontaudit priv_app bluetooth_audio_hal_prop:file { getattr };
|
||||
dontaudit priv_app bluetooth_audio_hal_prop:file { map };
|
||||
dontaudit priv_app bluetooth_prop:file { open };
|
||||
dontaudit priv_app bluetooth_prop:file { getattr };
|
||||
# b/180656244
|
||||
dontaudit priv_app property_type:file *;
|
||||
# b/180858511
|
||||
dontaudit priv_app hal_neuralnetworks_armnn:binder { call };
|
||||
dontaudit priv_app hal_neuralnetworks_armnn:binder { call };
|
||||
|
|
|
|||
|
|
@ -1,13 +0,0 @@
|
|||
# b/173969190
|
||||
dontaudit scd vendor_data_file:dir { write };
|
||||
dontaudit scd vendor_data_file:dir { add_name };
|
||||
dontaudit scd vendor_data_file:dir { write };
|
||||
dontaudit scd vendor_data_file:file { create };
|
||||
dontaudit scd vendor_data_file:file { lock };
|
||||
dontaudit scd vendor_data_file:file { create };
|
||||
dontaudit scd vendor_data_file:file { lock };
|
||||
dontaudit scd vendor_data_file:file { open };
|
||||
dontaudit scd vendor_data_file:file { write };
|
||||
dontaudit scd vendor_data_file:file { write };
|
||||
dontaudit scd vendor_data_file:file { open };
|
||||
dontaudit scd vendor_data_file:dir { add_name };
|
||||
|
|
@ -1,10 +1,4 @@
|
|||
# b/171760846
|
||||
dontaudit sced hwservicemanager:binder { call };
|
||||
dontaudit sced hidl_base_hwservice:hwservice_manager { add };
|
||||
dontaudit sced hal_vendor_oem_hwservice:hwservice_manager { add };
|
||||
dontaudit sced hal_vendor_oem_hwservice:hwservice_manager { find };
|
||||
dontaudit sced hwservicemanager_prop:file { read };
|
||||
dontaudit sced hwservicemanager_prop:file { open };
|
||||
dontaudit sced hwservicemanager:binder { transfer };
|
||||
dontaudit sced hwservicemanager_prop:file { map };
|
||||
dontaudit sced hwservicemanager_prop:file { getattr };
|
||||
|
|
|
|||
|
|
@ -1,7 +1,2 @@
|
|||
# b/171760597
|
||||
dontaudit shell property_type:file *;
|
||||
# b/178979984
|
||||
dontaudit shell device:chr_file { ioctl };
|
||||
dontaudit shell device:chr_file { read write };
|
||||
dontaudit shell device:chr_file { read write };
|
||||
dontaudit shell device:chr_file { ioctl };
|
||||
|
|
|
|||
|
|
@ -1,4 +0,0 @@
|
|||
# b/178433618
|
||||
dontaudit system_app property_type:file *;
|
||||
# b/179435036
|
||||
dontaudit system_app default_android_service:service_manager { add };
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
# b/178980142
|
||||
dontaudit system_server property_type:file *;
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
# b/180874342
|
||||
dontaudit trusty_apploader dmabuf_system_heap_device:chr_file { read };
|
||||
dontaudit trusty_apploader dmabuf_system_heap_device:chr_file { open };
|
||||
dontaudit trusty_apploader dmabuf_system_heap_device:chr_file { ioctl };
|
||||
dontaudit trusty_apploader dmabuf_system_heap_device:chr_file { read };
|
||||
dontaudit trusty_apploader dmabuf_system_heap_device:chr_file { open };
|
||||
dontaudit trusty_apploader dmabuf_system_heap_device:chr_file { ioctl };
|
||||
dontaudit trusty_apploader trusty_apploader:capability { dac_override };
|
||||
dontaudit trusty_apploader trusty_apploader:capability { dac_override };
|
||||
|
|
@ -1,149 +0,0 @@
|
|||
# b/177389321
|
||||
dontaudit untrusted_app_25 ab_update_gki_prop:file { map };
|
||||
dontaudit untrusted_app_25 aac_drc_prop:file { open };
|
||||
dontaudit untrusted_app_25 ab_update_gki_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ab_update_gki_prop:file { open };
|
||||
dontaudit untrusted_app_25 aac_drc_prop:file { map };
|
||||
dontaudit untrusted_app_25 aac_drc_prop:file { getattr };
|
||||
# b/177614659
|
||||
dontaudit untrusted_app_25 apk_verity_prop:file { open };
|
||||
dontaudit untrusted_app_25 apexd_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 apexd_prop:file { open };
|
||||
dontaudit untrusted_app_25 apexd_prop:file { map };
|
||||
dontaudit untrusted_app_25 apk_verity_prop:file { map };
|
||||
dontaudit untrusted_app_25 audio_config_prop:file { open };
|
||||
dontaudit untrusted_app_25 audio_config_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 audio_config_prop:file { map };
|
||||
dontaudit untrusted_app_25 apk_verity_prop:file { getattr };
|
||||
# b/177616188
|
||||
dontaudit untrusted_app_25 bluetooth_a2dp_offload_prop:file { open };
|
||||
dontaudit untrusted_app_25 bluetooth_a2dp_offload_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 bluetooth_a2dp_offload_prop:file { map };
|
||||
dontaudit untrusted_app_25 bluetooth_audio_hal_prop:file { open };
|
||||
dontaudit untrusted_app_25 bluetooth_audio_hal_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 bluetooth_audio_hal_prop:file { map };
|
||||
dontaudit untrusted_app_25 bluetooth_prop:file { open };
|
||||
dontaudit untrusted_app_25 bluetooth_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 bluetooth_prop:file { map };
|
||||
# b/177778551
|
||||
dontaudit untrusted_app_25 boottime_public_prop:file { open };
|
||||
dontaudit untrusted_app_25 bootloader_boot_reason_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 bootloader_boot_reason_prop:file { map };
|
||||
dontaudit untrusted_app_25 boottime_prop:file { open };
|
||||
dontaudit untrusted_app_25 boottime_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 boottime_prop:file { map };
|
||||
dontaudit untrusted_app_25 bootloader_boot_reason_prop:file { open };
|
||||
# b/177778793
|
||||
dontaudit untrusted_app_25 boottime_public_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 boottime_public_prop:file { map };
|
||||
dontaudit untrusted_app_25 bpf_progs_loaded_prop:file { open };
|
||||
dontaudit untrusted_app_25 bpf_progs_loaded_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 bpf_progs_loaded_prop:file { map };
|
||||
dontaudit untrusted_app_25 build_bootimage_prop:file { open };
|
||||
dontaudit untrusted_app_25 build_bootimage_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 build_bootimage_prop:file { map };
|
||||
dontaudit untrusted_app_25 build_config_prop:file { open };
|
||||
# b/177860838
|
||||
dontaudit untrusted_app_25 charger_status_prop:file { open };
|
||||
dontaudit untrusted_app_25 charger_prop:file { map };
|
||||
dontaudit untrusted_app_25 charger_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 charger_prop:file { open };
|
||||
dontaudit untrusted_app_25 charger_config_prop:file { map };
|
||||
dontaudit untrusted_app_25 charger_config_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 build_config_prop:file { map };
|
||||
dontaudit untrusted_app_25 build_config_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 charger_config_prop:file { open };
|
||||
# b/177862777
|
||||
dontaudit untrusted_app_25 charger_status_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 charger_status_prop:file { map };
|
||||
dontaudit untrusted_app_25 cold_boot_done_prop:file { open };
|
||||
dontaudit untrusted_app_25 cold_boot_done_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 cold_boot_done_prop:file { map };
|
||||
dontaudit untrusted_app_25 cpu_variant_prop:file { open };
|
||||
dontaudit untrusted_app_25 cpu_variant_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 cpu_variant_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_adbd_prop:file { open };
|
||||
# b/178752409
|
||||
dontaudit untrusted_app_25 ctl_adbd_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_apexd_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_adbd_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_apexd_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_apexd_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_apexd_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_adbd_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_adbd_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_apexd_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_bootanim_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_bootanim_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_bootanim_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_apexd_prop:file { getattr };
|
||||
# b/178753151
|
||||
dontaudit untrusted_app_25 ctl_bugreport_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_bugreport_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_bugreport_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_console_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_console_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_console_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_default_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_default_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_bugreport_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_bugreport_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_bugreport_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_console_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_console_prop:file { getattr };
|
||||
# b/179310875
|
||||
dontaudit untrusted_app_25 ctl_dumpstate_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_fuse_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_dumpstate_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_dumpstate_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_default_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_dumpstate_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_dumpstate_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_default_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_fuse_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_fuse_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_fuse_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_dumpstate_prop:file { getattr };
|
||||
# b/179437293
|
||||
dontaudit untrusted_app_25 ctl_interface_stop_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_start_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_interface_start_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_start_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { map };
|
||||
# b/179437737
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_interface_start_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_interface_start_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_start_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_gsid_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_restart_prop:file { map };
|
||||
# b/180963328
|
||||
dontaudit untrusted_app_25 ctl_mdnsd_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_stop_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_interface_stop_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_mdnsd_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_mdnsd_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_mdnsd_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_mdnsd_prop:file { getattr };
|
||||
dontaudit untrusted_app_25 ctl_mdnsd_prop:file { open };
|
||||
dontaudit untrusted_app_25 ctl_interface_stop_prop:file { map };
|
||||
dontaudit untrusted_app_25 ctl_interface_stop_prop:file { getattr };
|
||||
# b/180963587
|
||||
dontaudit untrusted_app_25 property_type:file *;
|
||||
|
|
@ -5,11 +5,6 @@ dontaudit vendor_init debugfs_trace_marker:file { getattr };
|
|||
userdebug_or_eng(`
|
||||
permissive vendor_init;
|
||||
')
|
||||
# b/174443175
|
||||
dontaudit vendor_init vendor_power_prop:property_service { set };
|
||||
# b/177386448
|
||||
dontaudit vendor_init device:file { create };
|
||||
dontaudit vendor_init device:file { create };
|
||||
# b/178980032
|
||||
dontaudit vendor_init unlabeled:dir { setattr };
|
||||
dontaudit vendor_init unlabeled:dir { read };
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue