1*e4a36f41SAndroid Build Coastguard Worker# Properties used only in /system 2*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(adbd_prop) 3*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(ctl_snapuserd_prop) 4*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_lmkd_native_prop) 5*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_profcollect_native_boot_prop) 6*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_statsd_native_prop) 7*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_statsd_native_boot_prop) 8*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_storage_native_boot_prop) 9*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_sys_traced_prop) 10*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_window_manager_native_boot_prop) 11*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_configuration_prop) 12*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_connectivity_prop) 13*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(device_config_swcodec_native_prop) 14*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(fastbootd_protocol_prop) 15*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(gsid_prop) 16*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(init_perf_lsm_hooks_prop) 17*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(init_service_status_private_prop) 18*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(init_svc_debug_prop) 19*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(keystore_crash_prop) 20*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(keystore_listen_prop) 21*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(last_boot_reason_prop) 22*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(localization_prop) 23*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(lower_kptr_restrict_prop) 24*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(net_464xlat_fromvendor_prop) 25*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(net_connectivity_prop) 26*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(netd_stable_secret_prop) 27*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(odsign_prop) 28*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(perf_drop_caches_prop) 29*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(pm_prop) 30*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(profcollectd_node_id_prop) 31*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(radio_cdma_ecm_prop) 32*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(rollback_test_prop) 33*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(setupwizard_prop) 34*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(system_adbd_prop) 35*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(traced_perf_enabled_prop) 36*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(userspace_reboot_log_prop) 37*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(userspace_reboot_test_prop) 38*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(verity_status_prop) 39*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(zygote_wrap_prop) 40*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(ctl_mediatranscoding_prop) 41*e4a36f41SAndroid Build Coastguard Workersystem_internal_prop(ctl_odsign_prop) 42*e4a36f41SAndroid Build Coastguard Worker 43*e4a36f41SAndroid Build Coastguard Worker### 44*e4a36f41SAndroid Build Coastguard Worker### Neverallow rules 45*e4a36f41SAndroid Build Coastguard Worker### 46*e4a36f41SAndroid Build Coastguard Worker 47*e4a36f41SAndroid Build Coastguard Workertreble_sysprop_neverallow(` 48*e4a36f41SAndroid Build Coastguard Worker 49*e4a36f41SAndroid Build Coastguard Workerenforce_sysprop_owner(` 50*e4a36f41SAndroid Build Coastguard Worker neverallow domain { 51*e4a36f41SAndroid Build Coastguard Worker property_type 52*e4a36f41SAndroid Build Coastguard Worker -system_property_type 53*e4a36f41SAndroid Build Coastguard Worker -product_property_type 54*e4a36f41SAndroid Build Coastguard Worker -vendor_property_type 55*e4a36f41SAndroid Build Coastguard Worker }:file no_rw_file_perms; 56*e4a36f41SAndroid Build Coastguard Worker') 57*e4a36f41SAndroid Build Coastguard Worker 58*e4a36f41SAndroid Build Coastguard Workerneverallow { domain -coredomain } { 59*e4a36f41SAndroid Build Coastguard Worker system_property_type 60*e4a36f41SAndroid Build Coastguard Worker system_internal_property_type 61*e4a36f41SAndroid Build Coastguard Worker -system_restricted_property_type 62*e4a36f41SAndroid Build Coastguard Worker -system_public_property_type 63*e4a36f41SAndroid Build Coastguard Worker}:file no_rw_file_perms; 64*e4a36f41SAndroid Build Coastguard Worker 65*e4a36f41SAndroid Build Coastguard Workerneverallow { domain -coredomain } { 66*e4a36f41SAndroid Build Coastguard Worker system_property_type 67*e4a36f41SAndroid Build Coastguard Worker -system_public_property_type 68*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 69*e4a36f41SAndroid Build Coastguard Worker 70*e4a36f41SAndroid Build Coastguard Worker# init is in coredomain, but should be able to read/write all props. 71*e4a36f41SAndroid Build Coastguard Worker# dumpstate is also in coredomain, but should be able to read all props. 72*e4a36f41SAndroid Build Coastguard Workerneverallow { coredomain -init -dumpstate } { 73*e4a36f41SAndroid Build Coastguard Worker vendor_property_type 74*e4a36f41SAndroid Build Coastguard Worker vendor_internal_property_type 75*e4a36f41SAndroid Build Coastguard Worker -vendor_restricted_property_type 76*e4a36f41SAndroid Build Coastguard Worker -vendor_public_property_type 77*e4a36f41SAndroid Build Coastguard Worker}:file no_rw_file_perms; 78*e4a36f41SAndroid Build Coastguard Worker 79*e4a36f41SAndroid Build Coastguard Workerneverallow { coredomain -init } { 80*e4a36f41SAndroid Build Coastguard Worker vendor_property_type 81*e4a36f41SAndroid Build Coastguard Worker -vendor_public_property_type 82*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 83*e4a36f41SAndroid Build Coastguard Worker 84*e4a36f41SAndroid Build Coastguard Worker') 85*e4a36f41SAndroid Build Coastguard Worker 86*e4a36f41SAndroid Build Coastguard Worker# There is no need to perform ioctl or advisory locking operations on 87*e4a36f41SAndroid Build Coastguard Worker# property files. If this neverallow is being triggered, it is 88*e4a36f41SAndroid Build Coastguard Worker# likely that the policy is using r_file_perms directly instead of 89*e4a36f41SAndroid Build Coastguard Worker# the get_prop() macro. 90*e4a36f41SAndroid Build Coastguard Workerneverallow domain property_type:file { ioctl lock }; 91*e4a36f41SAndroid Build Coastguard Worker 92*e4a36f41SAndroid Build Coastguard Workerneverallow * { 93*e4a36f41SAndroid Build Coastguard Worker core_property_type 94*e4a36f41SAndroid Build Coastguard Worker -audio_prop 95*e4a36f41SAndroid Build Coastguard Worker -config_prop 96*e4a36f41SAndroid Build Coastguard Worker -cppreopt_prop 97*e4a36f41SAndroid Build Coastguard Worker -dalvik_prop 98*e4a36f41SAndroid Build Coastguard Worker -debuggerd_prop 99*e4a36f41SAndroid Build Coastguard Worker -debug_prop 100*e4a36f41SAndroid Build Coastguard Worker -dhcp_prop 101*e4a36f41SAndroid Build Coastguard Worker -dumpstate_prop 102*e4a36f41SAndroid Build Coastguard Worker -fingerprint_prop 103*e4a36f41SAndroid Build Coastguard Worker -logd_prop 104*e4a36f41SAndroid Build Coastguard Worker -net_radio_prop 105*e4a36f41SAndroid Build Coastguard Worker -nfc_prop 106*e4a36f41SAndroid Build Coastguard Worker -ota_prop 107*e4a36f41SAndroid Build Coastguard Worker -pan_result_prop 108*e4a36f41SAndroid Build Coastguard Worker -persist_debug_prop 109*e4a36f41SAndroid Build Coastguard Worker -powerctl_prop 110*e4a36f41SAndroid Build Coastguard Worker -radio_prop 111*e4a36f41SAndroid Build Coastguard Worker -restorecon_prop 112*e4a36f41SAndroid Build Coastguard Worker -shell_prop 113*e4a36f41SAndroid Build Coastguard Worker -system_prop 114*e4a36f41SAndroid Build Coastguard Worker -usb_prop 115*e4a36f41SAndroid Build Coastguard Worker -vold_prop 116*e4a36f41SAndroid Build Coastguard Worker}:file no_rw_file_perms; 117*e4a36f41SAndroid Build Coastguard Worker 118*e4a36f41SAndroid Build Coastguard Worker# sigstop property is only used for debugging; should only be set by su which is permissive 119*e4a36f41SAndroid Build Coastguard Worker# for userdebug/eng 120*e4a36f41SAndroid Build Coastguard Workerneverallow { 121*e4a36f41SAndroid Build Coastguard Worker domain 122*e4a36f41SAndroid Build Coastguard Worker -init 123*e4a36f41SAndroid Build Coastguard Worker -vendor_init 124*e4a36f41SAndroid Build Coastguard Worker} ctl_sigstop_prop:property_service set; 125*e4a36f41SAndroid Build Coastguard Worker 126*e4a36f41SAndroid Build Coastguard Worker# Don't audit legacy ctl. property handling. We only want the newer permission check to appear 127*e4a36f41SAndroid Build Coastguard Worker# in the audit log 128*e4a36f41SAndroid Build Coastguard Workerdontaudit domain { 129*e4a36f41SAndroid Build Coastguard Worker ctl_bootanim_prop 130*e4a36f41SAndroid Build Coastguard Worker ctl_bugreport_prop 131*e4a36f41SAndroid Build Coastguard Worker ctl_console_prop 132*e4a36f41SAndroid Build Coastguard Worker ctl_default_prop 133*e4a36f41SAndroid Build Coastguard Worker ctl_dumpstate_prop 134*e4a36f41SAndroid Build Coastguard Worker ctl_fuse_prop 135*e4a36f41SAndroid Build Coastguard Worker ctl_mdnsd_prop 136*e4a36f41SAndroid Build Coastguard Worker ctl_rildaemon_prop 137*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 138*e4a36f41SAndroid Build Coastguard Worker 139*e4a36f41SAndroid Build Coastguard Workerneverallow { 140*e4a36f41SAndroid Build Coastguard Worker domain 141*e4a36f41SAndroid Build Coastguard Worker -init 142*e4a36f41SAndroid Build Coastguard Worker} init_svc_debug_prop:property_service set; 143*e4a36f41SAndroid Build Coastguard Worker 144*e4a36f41SAndroid Build Coastguard Workerneverallow { 145*e4a36f41SAndroid Build Coastguard Worker domain 146*e4a36f41SAndroid Build Coastguard Worker -init 147*e4a36f41SAndroid Build Coastguard Worker -dumpstate 148*e4a36f41SAndroid Build Coastguard Worker userdebug_or_eng(`-su') 149*e4a36f41SAndroid Build Coastguard Worker} init_svc_debug_prop:file no_rw_file_perms; 150*e4a36f41SAndroid Build Coastguard Worker 151*e4a36f41SAndroid Build Coastguard Workercompatible_property_only(` 152*e4a36f41SAndroid Build Coastguard Worker# Prevent properties from being set 153*e4a36f41SAndroid Build Coastguard Worker neverallow { 154*e4a36f41SAndroid Build Coastguard Worker domain 155*e4a36f41SAndroid Build Coastguard Worker -coredomain 156*e4a36f41SAndroid Build Coastguard Worker -appdomain 157*e4a36f41SAndroid Build Coastguard Worker -vendor_init 158*e4a36f41SAndroid Build Coastguard Worker } { 159*e4a36f41SAndroid Build Coastguard Worker core_property_type 160*e4a36f41SAndroid Build Coastguard Worker extended_core_property_type 161*e4a36f41SAndroid Build Coastguard Worker exported_config_prop 162*e4a36f41SAndroid Build Coastguard Worker exported_default_prop 163*e4a36f41SAndroid Build Coastguard Worker exported_dumpstate_prop 164*e4a36f41SAndroid Build Coastguard Worker exported_system_prop 165*e4a36f41SAndroid Build Coastguard Worker exported3_system_prop 166*e4a36f41SAndroid Build Coastguard Worker usb_control_prop 167*e4a36f41SAndroid Build Coastguard Worker -nfc_prop 168*e4a36f41SAndroid Build Coastguard Worker -powerctl_prop 169*e4a36f41SAndroid Build Coastguard Worker -radio_prop 170*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 171*e4a36f41SAndroid Build Coastguard Worker 172*e4a36f41SAndroid Build Coastguard Worker neverallow { 173*e4a36f41SAndroid Build Coastguard Worker domain 174*e4a36f41SAndroid Build Coastguard Worker -coredomain 175*e4a36f41SAndroid Build Coastguard Worker -appdomain 176*e4a36f41SAndroid Build Coastguard Worker -hal_nfc_server 177*e4a36f41SAndroid Build Coastguard Worker } { 178*e4a36f41SAndroid Build Coastguard Worker nfc_prop 179*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 180*e4a36f41SAndroid Build Coastguard Worker 181*e4a36f41SAndroid Build Coastguard Worker neverallow { 182*e4a36f41SAndroid Build Coastguard Worker domain 183*e4a36f41SAndroid Build Coastguard Worker -coredomain 184*e4a36f41SAndroid Build Coastguard Worker -appdomain 185*e4a36f41SAndroid Build Coastguard Worker -hal_telephony_server 186*e4a36f41SAndroid Build Coastguard Worker -vendor_init 187*e4a36f41SAndroid Build Coastguard Worker } { 188*e4a36f41SAndroid Build Coastguard Worker radio_control_prop 189*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 190*e4a36f41SAndroid Build Coastguard Worker 191*e4a36f41SAndroid Build Coastguard Worker neverallow { 192*e4a36f41SAndroid Build Coastguard Worker domain 193*e4a36f41SAndroid Build Coastguard Worker -coredomain 194*e4a36f41SAndroid Build Coastguard Worker -appdomain 195*e4a36f41SAndroid Build Coastguard Worker -hal_telephony_server 196*e4a36f41SAndroid Build Coastguard Worker } { 197*e4a36f41SAndroid Build Coastguard Worker radio_prop 198*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 199*e4a36f41SAndroid Build Coastguard Worker 200*e4a36f41SAndroid Build Coastguard Worker neverallow { 201*e4a36f41SAndroid Build Coastguard Worker domain 202*e4a36f41SAndroid Build Coastguard Worker -coredomain 203*e4a36f41SAndroid Build Coastguard Worker -bluetooth 204*e4a36f41SAndroid Build Coastguard Worker -hal_bluetooth_server 205*e4a36f41SAndroid Build Coastguard Worker } { 206*e4a36f41SAndroid Build Coastguard Worker bluetooth_prop 207*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 208*e4a36f41SAndroid Build Coastguard Worker 209*e4a36f41SAndroid Build Coastguard Worker neverallow { 210*e4a36f41SAndroid Build Coastguard Worker domain 211*e4a36f41SAndroid Build Coastguard Worker -coredomain 212*e4a36f41SAndroid Build Coastguard Worker -bluetooth 213*e4a36f41SAndroid Build Coastguard Worker -hal_bluetooth_server 214*e4a36f41SAndroid Build Coastguard Worker -vendor_init 215*e4a36f41SAndroid Build Coastguard Worker } { 216*e4a36f41SAndroid Build Coastguard Worker exported_bluetooth_prop 217*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 218*e4a36f41SAndroid Build Coastguard Worker 219*e4a36f41SAndroid Build Coastguard Worker neverallow { 220*e4a36f41SAndroid Build Coastguard Worker domain 221*e4a36f41SAndroid Build Coastguard Worker -coredomain 222*e4a36f41SAndroid Build Coastguard Worker -hal_camera_server 223*e4a36f41SAndroid Build Coastguard Worker -cameraserver 224*e4a36f41SAndroid Build Coastguard Worker -vendor_init 225*e4a36f41SAndroid Build Coastguard Worker } { 226*e4a36f41SAndroid Build Coastguard Worker exported_camera_prop 227*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 228*e4a36f41SAndroid Build Coastguard Worker 229*e4a36f41SAndroid Build Coastguard Worker neverallow { 230*e4a36f41SAndroid Build Coastguard Worker domain 231*e4a36f41SAndroid Build Coastguard Worker -coredomain 232*e4a36f41SAndroid Build Coastguard Worker -hal_wifi_server 233*e4a36f41SAndroid Build Coastguard Worker -wificond 234*e4a36f41SAndroid Build Coastguard Worker } { 235*e4a36f41SAndroid Build Coastguard Worker wifi_prop 236*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 237*e4a36f41SAndroid Build Coastguard Worker 238*e4a36f41SAndroid Build Coastguard Worker neverallow { 239*e4a36f41SAndroid Build Coastguard Worker domain 240*e4a36f41SAndroid Build Coastguard Worker -init 241*e4a36f41SAndroid Build Coastguard Worker -dumpstate 242*e4a36f41SAndroid Build Coastguard Worker -hal_wifi_server 243*e4a36f41SAndroid Build Coastguard Worker -wificond 244*e4a36f41SAndroid Build Coastguard Worker -vendor_init 245*e4a36f41SAndroid Build Coastguard Worker } { 246*e4a36f41SAndroid Build Coastguard Worker wifi_hal_prop 247*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 248*e4a36f41SAndroid Build Coastguard Worker 249*e4a36f41SAndroid Build Coastguard Worker# Prevent properties from being read 250*e4a36f41SAndroid Build Coastguard Worker neverallow { 251*e4a36f41SAndroid Build Coastguard Worker domain 252*e4a36f41SAndroid Build Coastguard Worker -coredomain 253*e4a36f41SAndroid Build Coastguard Worker -appdomain 254*e4a36f41SAndroid Build Coastguard Worker -vendor_init 255*e4a36f41SAndroid Build Coastguard Worker } { 256*e4a36f41SAndroid Build Coastguard Worker core_property_type 257*e4a36f41SAndroid Build Coastguard Worker dalvik_config_prop 258*e4a36f41SAndroid Build Coastguard Worker extended_core_property_type 259*e4a36f41SAndroid Build Coastguard Worker exported3_system_prop 260*e4a36f41SAndroid Build Coastguard Worker systemsound_config_prop 261*e4a36f41SAndroid Build Coastguard Worker -debug_prop 262*e4a36f41SAndroid Build Coastguard Worker -logd_prop 263*e4a36f41SAndroid Build Coastguard Worker -nfc_prop 264*e4a36f41SAndroid Build Coastguard Worker -powerctl_prop 265*e4a36f41SAndroid Build Coastguard Worker -radio_prop 266*e4a36f41SAndroid Build Coastguard Worker }:file no_rw_file_perms; 267*e4a36f41SAndroid Build Coastguard Worker 268*e4a36f41SAndroid Build Coastguard Worker neverallow { 269*e4a36f41SAndroid Build Coastguard Worker domain 270*e4a36f41SAndroid Build Coastguard Worker -coredomain 271*e4a36f41SAndroid Build Coastguard Worker -appdomain 272*e4a36f41SAndroid Build Coastguard Worker -hal_nfc_server 273*e4a36f41SAndroid Build Coastguard Worker } { 274*e4a36f41SAndroid Build Coastguard Worker nfc_prop 275*e4a36f41SAndroid Build Coastguard Worker }:file no_rw_file_perms; 276*e4a36f41SAndroid Build Coastguard Worker 277*e4a36f41SAndroid Build Coastguard Worker neverallow { 278*e4a36f41SAndroid Build Coastguard Worker domain 279*e4a36f41SAndroid Build Coastguard Worker -coredomain 280*e4a36f41SAndroid Build Coastguard Worker -appdomain 281*e4a36f41SAndroid Build Coastguard Worker -hal_telephony_server 282*e4a36f41SAndroid Build Coastguard Worker } { 283*e4a36f41SAndroid Build Coastguard Worker radio_prop 284*e4a36f41SAndroid Build Coastguard Worker }:file no_rw_file_perms; 285*e4a36f41SAndroid Build Coastguard Worker 286*e4a36f41SAndroid Build Coastguard Worker neverallow { 287*e4a36f41SAndroid Build Coastguard Worker domain 288*e4a36f41SAndroid Build Coastguard Worker -coredomain 289*e4a36f41SAndroid Build Coastguard Worker -bluetooth 290*e4a36f41SAndroid Build Coastguard Worker -hal_bluetooth_server 291*e4a36f41SAndroid Build Coastguard Worker } { 292*e4a36f41SAndroid Build Coastguard Worker bluetooth_prop 293*e4a36f41SAndroid Build Coastguard Worker }:file no_rw_file_perms; 294*e4a36f41SAndroid Build Coastguard Worker 295*e4a36f41SAndroid Build Coastguard Worker neverallow { 296*e4a36f41SAndroid Build Coastguard Worker domain 297*e4a36f41SAndroid Build Coastguard Worker -coredomain 298*e4a36f41SAndroid Build Coastguard Worker -hal_wifi_server 299*e4a36f41SAndroid Build Coastguard Worker -wificond 300*e4a36f41SAndroid Build Coastguard Worker } { 301*e4a36f41SAndroid Build Coastguard Worker wifi_prop 302*e4a36f41SAndroid Build Coastguard Worker }:file no_rw_file_perms; 303*e4a36f41SAndroid Build Coastguard Worker 304*e4a36f41SAndroid Build Coastguard Worker neverallow { 305*e4a36f41SAndroid Build Coastguard Worker domain 306*e4a36f41SAndroid Build Coastguard Worker -coredomain 307*e4a36f41SAndroid Build Coastguard Worker -vendor_init 308*e4a36f41SAndroid Build Coastguard Worker } { 309*e4a36f41SAndroid Build Coastguard Worker suspend_prop 310*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 311*e4a36f41SAndroid Build Coastguard Worker') 312*e4a36f41SAndroid Build Coastguard Worker 313*e4a36f41SAndroid Build Coastguard Workercompatible_property_only(` 314*e4a36f41SAndroid Build Coastguard Worker # Neverallow coredomain to set vendor properties 315*e4a36f41SAndroid Build Coastguard Worker neverallow { 316*e4a36f41SAndroid Build Coastguard Worker coredomain 317*e4a36f41SAndroid Build Coastguard Worker -init 318*e4a36f41SAndroid Build Coastguard Worker -system_writes_vendor_properties_violators 319*e4a36f41SAndroid Build Coastguard Worker } { 320*e4a36f41SAndroid Build Coastguard Worker property_type 321*e4a36f41SAndroid Build Coastguard Worker -system_property_type 322*e4a36f41SAndroid Build Coastguard Worker -extended_core_property_type 323*e4a36f41SAndroid Build Coastguard Worker }:property_service set; 324*e4a36f41SAndroid Build Coastguard Worker') 325*e4a36f41SAndroid Build Coastguard Worker 326*e4a36f41SAndroid Build Coastguard Workerneverallow { 327*e4a36f41SAndroid Build Coastguard Worker domain 328*e4a36f41SAndroid Build Coastguard Worker -coredomain 329*e4a36f41SAndroid Build Coastguard Worker -vendor_init 330*e4a36f41SAndroid Build Coastguard Worker} { 331*e4a36f41SAndroid Build Coastguard Worker ffs_config_prop 332*e4a36f41SAndroid Build Coastguard Worker ffs_control_prop 333*e4a36f41SAndroid Build Coastguard Worker}:file no_rw_file_perms; 334*e4a36f41SAndroid Build Coastguard Worker 335*e4a36f41SAndroid Build Coastguard Workerneverallow { 336*e4a36f41SAndroid Build Coastguard Worker domain 337*e4a36f41SAndroid Build Coastguard Worker -init 338*e4a36f41SAndroid Build Coastguard Worker -system_server 339*e4a36f41SAndroid Build Coastguard Worker} { 340*e4a36f41SAndroid Build Coastguard Worker userspace_reboot_log_prop 341*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 342*e4a36f41SAndroid Build Coastguard Worker 343*e4a36f41SAndroid Build Coastguard Workerneverallow { 344*e4a36f41SAndroid Build Coastguard Worker # Only allow init and system_server to set system_adbd_prop 345*e4a36f41SAndroid Build Coastguard Worker domain 346*e4a36f41SAndroid Build Coastguard Worker -init 347*e4a36f41SAndroid Build Coastguard Worker -system_server 348*e4a36f41SAndroid Build Coastguard Worker} { 349*e4a36f41SAndroid Build Coastguard Worker system_adbd_prop 350*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 351*e4a36f41SAndroid Build Coastguard Worker 352*e4a36f41SAndroid Build Coastguard Worker# Let (vendor_)init, adbd, and system_server set service.adb.tcp.port 353*e4a36f41SAndroid Build Coastguard Workerneverallow { 354*e4a36f41SAndroid Build Coastguard Worker domain 355*e4a36f41SAndroid Build Coastguard Worker -init 356*e4a36f41SAndroid Build Coastguard Worker -vendor_init 357*e4a36f41SAndroid Build Coastguard Worker -adbd 358*e4a36f41SAndroid Build Coastguard Worker -system_server 359*e4a36f41SAndroid Build Coastguard Worker} { 360*e4a36f41SAndroid Build Coastguard Worker adbd_config_prop 361*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 362*e4a36f41SAndroid Build Coastguard Worker 363*e4a36f41SAndroid Build Coastguard Workerneverallow { 364*e4a36f41SAndroid Build Coastguard Worker # Only allow init and adbd to set adbd_prop 365*e4a36f41SAndroid Build Coastguard Worker domain 366*e4a36f41SAndroid Build Coastguard Worker -init 367*e4a36f41SAndroid Build Coastguard Worker -adbd 368*e4a36f41SAndroid Build Coastguard Worker} { 369*e4a36f41SAndroid Build Coastguard Worker adbd_prop 370*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 371*e4a36f41SAndroid Build Coastguard Worker 372*e4a36f41SAndroid Build Coastguard Workerneverallow { 373*e4a36f41SAndroid Build Coastguard Worker # Only allow init and shell to set userspace_reboot_test_prop 374*e4a36f41SAndroid Build Coastguard Worker domain 375*e4a36f41SAndroid Build Coastguard Worker -init 376*e4a36f41SAndroid Build Coastguard Worker -shell 377*e4a36f41SAndroid Build Coastguard Worker} { 378*e4a36f41SAndroid Build Coastguard Worker userspace_reboot_test_prop 379*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 380*e4a36f41SAndroid Build Coastguard Worker 381*e4a36f41SAndroid Build Coastguard Workerneverallow { 382*e4a36f41SAndroid Build Coastguard Worker domain 383*e4a36f41SAndroid Build Coastguard Worker -init 384*e4a36f41SAndroid Build Coastguard Worker -system_server 385*e4a36f41SAndroid Build Coastguard Worker -vendor_init 386*e4a36f41SAndroid Build Coastguard Worker} { 387*e4a36f41SAndroid Build Coastguard Worker surfaceflinger_color_prop 388*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 389*e4a36f41SAndroid Build Coastguard Worker 390*e4a36f41SAndroid Build Coastguard Workerneverallow { 391*e4a36f41SAndroid Build Coastguard Worker domain 392*e4a36f41SAndroid Build Coastguard Worker -init 393*e4a36f41SAndroid Build Coastguard Worker} { 394*e4a36f41SAndroid Build Coastguard Worker libc_debug_prop 395*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 396*e4a36f41SAndroid Build Coastguard Worker 397*e4a36f41SAndroid Build Coastguard Worker# Allow the shell to set MTE props, so that non-root users with adb shell 398*e4a36f41SAndroid Build Coastguard Worker# access can control the settings on their device. 399*e4a36f41SAndroid Build Coastguard Worker# Allow system apps to set MTE props, so Developer Options can set them. 400*e4a36f41SAndroid Build Coastguard Workerneverallow { 401*e4a36f41SAndroid Build Coastguard Worker domain 402*e4a36f41SAndroid Build Coastguard Worker -init 403*e4a36f41SAndroid Build Coastguard Worker -shell 404*e4a36f41SAndroid Build Coastguard Worker -system_app 405*e4a36f41SAndroid Build Coastguard Worker} { 406*e4a36f41SAndroid Build Coastguard Worker arm64_memtag_prop 407*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 408*e4a36f41SAndroid Build Coastguard Worker 409*e4a36f41SAndroid Build Coastguard Workerneverallow { 410*e4a36f41SAndroid Build Coastguard Worker domain 411*e4a36f41SAndroid Build Coastguard Worker -init 412*e4a36f41SAndroid Build Coastguard Worker -system_server 413*e4a36f41SAndroid Build Coastguard Worker -vendor_init 414*e4a36f41SAndroid Build Coastguard Worker} zram_control_prop:property_service set; 415*e4a36f41SAndroid Build Coastguard Worker 416*e4a36f41SAndroid Build Coastguard Workerneverallow { 417*e4a36f41SAndroid Build Coastguard Worker domain 418*e4a36f41SAndroid Build Coastguard Worker -init 419*e4a36f41SAndroid Build Coastguard Worker -system_server 420*e4a36f41SAndroid Build Coastguard Worker -vendor_init 421*e4a36f41SAndroid Build Coastguard Worker} dalvik_runtime_prop:property_service set; 422*e4a36f41SAndroid Build Coastguard Worker 423*e4a36f41SAndroid Build Coastguard Workerneverallow { 424*e4a36f41SAndroid Build Coastguard Worker domain 425*e4a36f41SAndroid Build Coastguard Worker -coredomain 426*e4a36f41SAndroid Build Coastguard Worker -vendor_init 427*e4a36f41SAndroid Build Coastguard Worker} { 428*e4a36f41SAndroid Build Coastguard Worker usb_config_prop 429*e4a36f41SAndroid Build Coastguard Worker usb_control_prop 430*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 431*e4a36f41SAndroid Build Coastguard Worker 432*e4a36f41SAndroid Build Coastguard Workerneverallow { 433*e4a36f41SAndroid Build Coastguard Worker domain 434*e4a36f41SAndroid Build Coastguard Worker -init 435*e4a36f41SAndroid Build Coastguard Worker -system_server 436*e4a36f41SAndroid Build Coastguard Worker} { 437*e4a36f41SAndroid Build Coastguard Worker provisioned_prop 438*e4a36f41SAndroid Build Coastguard Worker retaildemo_prop 439*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 440*e4a36f41SAndroid Build Coastguard Worker 441*e4a36f41SAndroid Build Coastguard Workerneverallow { 442*e4a36f41SAndroid Build Coastguard Worker domain 443*e4a36f41SAndroid Build Coastguard Worker -coredomain 444*e4a36f41SAndroid Build Coastguard Worker -vendor_init 445*e4a36f41SAndroid Build Coastguard Worker} { 446*e4a36f41SAndroid Build Coastguard Worker provisioned_prop 447*e4a36f41SAndroid Build Coastguard Worker retaildemo_prop 448*e4a36f41SAndroid Build Coastguard Worker}:file no_rw_file_perms; 449*e4a36f41SAndroid Build Coastguard Worker 450*e4a36f41SAndroid Build Coastguard Workerneverallow { 451*e4a36f41SAndroid Build Coastguard Worker domain 452*e4a36f41SAndroid Build Coastguard Worker -init 453*e4a36f41SAndroid Build Coastguard Worker} { 454*e4a36f41SAndroid Build Coastguard Worker init_service_status_private_prop 455*e4a36f41SAndroid Build Coastguard Worker init_service_status_prop 456*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 457*e4a36f41SAndroid Build Coastguard Worker 458*e4a36f41SAndroid Build Coastguard Workerneverallow { 459*e4a36f41SAndroid Build Coastguard Worker domain 460*e4a36f41SAndroid Build Coastguard Worker -init 461*e4a36f41SAndroid Build Coastguard Worker -radio 462*e4a36f41SAndroid Build Coastguard Worker -appdomain 463*e4a36f41SAndroid Build Coastguard Worker -hal_telephony_server 464*e4a36f41SAndroid Build Coastguard Worker not_compatible_property(`-vendor_init') 465*e4a36f41SAndroid Build Coastguard Worker} telephony_status_prop:property_service set; 466*e4a36f41SAndroid Build Coastguard Worker 467*e4a36f41SAndroid Build Coastguard Workerneverallow { 468*e4a36f41SAndroid Build Coastguard Worker domain 469*e4a36f41SAndroid Build Coastguard Worker -init 470*e4a36f41SAndroid Build Coastguard Worker -vendor_init 471*e4a36f41SAndroid Build Coastguard Worker} { 472*e4a36f41SAndroid Build Coastguard Worker graphics_config_prop 473*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 474*e4a36f41SAndroid Build Coastguard Worker 475*e4a36f41SAndroid Build Coastguard Workerneverallow { 476*e4a36f41SAndroid Build Coastguard Worker domain 477*e4a36f41SAndroid Build Coastguard Worker -init 478*e4a36f41SAndroid Build Coastguard Worker -surfaceflinger 479*e4a36f41SAndroid Build Coastguard Worker} { 480*e4a36f41SAndroid Build Coastguard Worker surfaceflinger_display_prop 481*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 482*e4a36f41SAndroid Build Coastguard Worker 483*e4a36f41SAndroid Build Coastguard Workerneverallow { 484*e4a36f41SAndroid Build Coastguard Worker domain 485*e4a36f41SAndroid Build Coastguard Worker -coredomain 486*e4a36f41SAndroid Build Coastguard Worker -appdomain 487*e4a36f41SAndroid Build Coastguard Worker -vendor_init 488*e4a36f41SAndroid Build Coastguard Worker} packagemanager_config_prop:file no_rw_file_perms; 489*e4a36f41SAndroid Build Coastguard Worker 490*e4a36f41SAndroid Build Coastguard Workerneverallow { 491*e4a36f41SAndroid Build Coastguard Worker domain 492*e4a36f41SAndroid Build Coastguard Worker -coredomain 493*e4a36f41SAndroid Build Coastguard Worker -vendor_init 494*e4a36f41SAndroid Build Coastguard Worker} keyguard_config_prop:file no_rw_file_perms; 495*e4a36f41SAndroid Build Coastguard Worker 496*e4a36f41SAndroid Build Coastguard Workerneverallow { 497*e4a36f41SAndroid Build Coastguard Worker domain 498*e4a36f41SAndroid Build Coastguard Worker -init 499*e4a36f41SAndroid Build Coastguard Worker} { 500*e4a36f41SAndroid Build Coastguard Worker localization_prop 501*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 502*e4a36f41SAndroid Build Coastguard Worker 503*e4a36f41SAndroid Build Coastguard Workerneverallow { 504*e4a36f41SAndroid Build Coastguard Worker domain 505*e4a36f41SAndroid Build Coastguard Worker -init 506*e4a36f41SAndroid Build Coastguard Worker -vendor_init 507*e4a36f41SAndroid Build Coastguard Worker -dumpstate 508*e4a36f41SAndroid Build Coastguard Worker -system_app 509*e4a36f41SAndroid Build Coastguard Worker} oem_unlock_prop:file no_rw_file_perms; 510*e4a36f41SAndroid Build Coastguard Worker 511*e4a36f41SAndroid Build Coastguard Workerneverallow { 512*e4a36f41SAndroid Build Coastguard Worker domain 513*e4a36f41SAndroid Build Coastguard Worker -coredomain 514*e4a36f41SAndroid Build Coastguard Worker -vendor_init 515*e4a36f41SAndroid Build Coastguard Worker} storagemanager_config_prop:file no_rw_file_perms; 516*e4a36f41SAndroid Build Coastguard Worker 517*e4a36f41SAndroid Build Coastguard Workerneverallow { 518*e4a36f41SAndroid Build Coastguard Worker domain 519*e4a36f41SAndroid Build Coastguard Worker -init 520*e4a36f41SAndroid Build Coastguard Worker -vendor_init 521*e4a36f41SAndroid Build Coastguard Worker -dumpstate 522*e4a36f41SAndroid Build Coastguard Worker -appdomain 523*e4a36f41SAndroid Build Coastguard Worker} sendbug_config_prop:file no_rw_file_perms; 524*e4a36f41SAndroid Build Coastguard Worker 525*e4a36f41SAndroid Build Coastguard Workerneverallow { 526*e4a36f41SAndroid Build Coastguard Worker domain 527*e4a36f41SAndroid Build Coastguard Worker -init 528*e4a36f41SAndroid Build Coastguard Worker -vendor_init 529*e4a36f41SAndroid Build Coastguard Worker -dumpstate 530*e4a36f41SAndroid Build Coastguard Worker -appdomain 531*e4a36f41SAndroid Build Coastguard Worker} camera_calibration_prop:file no_rw_file_perms; 532*e4a36f41SAndroid Build Coastguard Worker 533*e4a36f41SAndroid Build Coastguard Workerneverallow { 534*e4a36f41SAndroid Build Coastguard Worker domain 535*e4a36f41SAndroid Build Coastguard Worker -init 536*e4a36f41SAndroid Build Coastguard Worker -dumpstate 537*e4a36f41SAndroid Build Coastguard Worker -hal_dumpstate_server 538*e4a36f41SAndroid Build Coastguard Worker not_compatible_property(`-vendor_init') 539*e4a36f41SAndroid Build Coastguard Worker} hal_dumpstate_config_prop:file no_rw_file_perms; 540*e4a36f41SAndroid Build Coastguard Worker 541*e4a36f41SAndroid Build Coastguard Workerneverallow { 542*e4a36f41SAndroid Build Coastguard Worker domain 543*e4a36f41SAndroid Build Coastguard Worker -init 544*e4a36f41SAndroid Build Coastguard Worker userdebug_or_eng(`-profcollectd') 545*e4a36f41SAndroid Build Coastguard Worker userdebug_or_eng(`-traced_probes') 546*e4a36f41SAndroid Build Coastguard Worker userdebug_or_eng(`-traced_perf') 547*e4a36f41SAndroid Build Coastguard Worker} { 548*e4a36f41SAndroid Build Coastguard Worker lower_kptr_restrict_prop 549*e4a36f41SAndroid Build Coastguard Worker}:property_service set; 550*e4a36f41SAndroid Build Coastguard Worker 551*e4a36f41SAndroid Build Coastguard Workerneverallow { 552*e4a36f41SAndroid Build Coastguard Worker domain 553*e4a36f41SAndroid Build Coastguard Worker -init 554*e4a36f41SAndroid Build Coastguard Worker} zygote_wrap_prop:property_service set; 555*e4a36f41SAndroid Build Coastguard Worker 556*e4a36f41SAndroid Build Coastguard Workerneverallow { 557*e4a36f41SAndroid Build Coastguard Worker domain 558*e4a36f41SAndroid Build Coastguard Worker -init 559*e4a36f41SAndroid Build Coastguard Worker} verity_status_prop:property_service set; 560*e4a36f41SAndroid Build Coastguard Worker 561*e4a36f41SAndroid Build Coastguard Workerneverallow { 562*e4a36f41SAndroid Build Coastguard Worker domain 563*e4a36f41SAndroid Build Coastguard Worker -init 564*e4a36f41SAndroid Build Coastguard Worker} setupwizard_prop:property_service set; 565*e4a36f41SAndroid Build Coastguard Worker 566*e4a36f41SAndroid Build Coastguard Worker# ro.product.property_source_order is useless after initialization of ro.product.* props. 567*e4a36f41SAndroid Build Coastguard Worker# So making it accessible only from init and vendor_init. 568*e4a36f41SAndroid Build Coastguard Workerneverallow { 569*e4a36f41SAndroid Build Coastguard Worker domain 570*e4a36f41SAndroid Build Coastguard Worker -init 571*e4a36f41SAndroid Build Coastguard Worker -dumpstate 572*e4a36f41SAndroid Build Coastguard Worker -vendor_init 573*e4a36f41SAndroid Build Coastguard Worker} build_config_prop:file no_rw_file_perms; 574*e4a36f41SAndroid Build Coastguard Worker 575*e4a36f41SAndroid Build Coastguard Workerneverallow { 576*e4a36f41SAndroid Build Coastguard Worker domain 577*e4a36f41SAndroid Build Coastguard Worker -init 578*e4a36f41SAndroid Build Coastguard Worker -shell 579*e4a36f41SAndroid Build Coastguard Worker} sqlite_log_prop:property_service set; 580*e4a36f41SAndroid Build Coastguard Worker 581*e4a36f41SAndroid Build Coastguard Workerneverallow { 582*e4a36f41SAndroid Build Coastguard Worker domain 583*e4a36f41SAndroid Build Coastguard Worker -coredomain 584*e4a36f41SAndroid Build Coastguard Worker -appdomain 585*e4a36f41SAndroid Build Coastguard Worker} sqlite_log_prop:file no_rw_file_perms; 586*e4a36f41SAndroid Build Coastguard Worker 587*e4a36f41SAndroid Build Coastguard Workerneverallow { 588*e4a36f41SAndroid Build Coastguard Worker domain 589*e4a36f41SAndroid Build Coastguard Worker -init 590*e4a36f41SAndroid Build Coastguard Worker} default_prop:property_service set; 591*e4a36f41SAndroid Build Coastguard Worker 592*e4a36f41SAndroid Build Coastguard Worker# Only one of system_property_type and vendor_property_type can be assigned. 593*e4a36f41SAndroid Build Coastguard Worker# Property types having both attributes won't be accessible from anywhere. 594*e4a36f41SAndroid Build Coastguard Workerneverallow domain system_and_vendor_property_type:{file property_service} *; 595*e4a36f41SAndroid Build Coastguard Worker 596*e4a36f41SAndroid Build Coastguard Workerneverallow { 597*e4a36f41SAndroid Build Coastguard Worker # Only allow init and shell to set rollback_test_prop 598*e4a36f41SAndroid Build Coastguard Worker domain 599*e4a36f41SAndroid Build Coastguard Worker -init 600*e4a36f41SAndroid Build Coastguard Worker -shell 601*e4a36f41SAndroid Build Coastguard Worker} rollback_test_prop:property_service set; 602*e4a36f41SAndroid Build Coastguard Worker 603*e4a36f41SAndroid Build Coastguard Workerneverallow { 604*e4a36f41SAndroid Build Coastguard Worker # Only allow init and profcollectd to access profcollectd_node_id_prop 605*e4a36f41SAndroid Build Coastguard Worker domain 606*e4a36f41SAndroid Build Coastguard Worker -init 607*e4a36f41SAndroid Build Coastguard Worker -dumpstate 608*e4a36f41SAndroid Build Coastguard Worker -profcollectd 609*e4a36f41SAndroid Build Coastguard Worker} profcollectd_node_id_prop:file r_file_perms; 610*e4a36f41SAndroid Build Coastguard Worker 611