authorNick Kralevich <nnk@google.com>2013-12-06 08:54:57 -0800
committerAndroid Git Automerger <android-git-automerger@android.com>2013-12-06 08:54:57 -0800
commita6c9cdfff24d113f0d99c9572a0e5623deb593b0 (patch)
tree13a892395e6bbfbd7a763c51be5a0dd0247d8299
parent6c8cbac334b4d7936955a509a740d2e31c794d75 (diff)
parent9e8b8d9fdfcdb6b3e8af3349df186c2ab81a9733 (diff)
am 9e8b8d9f: Revert "Allow kernel domain, not init domain, to set SELinux enforcing mode."
* commit '9e8b8d9fdfcdb6b3e8af3349df186c2ab81a9733': Revert "Allow kernel domain, not init domain, to set SELinux enforcing mode."
-rw-r--r--domain.te13
-rw-r--r--init.te1
-rw-r--r--kernel.te3
3 files changed, 2 insertions, 15 deletions
diff --git a/domain.te b/domain.te
index 2b7c0a6..4297bad 100644
--- a/domain.te
+++ b/domain.te
@@ -130,17 +130,8 @@ neverallow { domain -relabeltodomain } *:dir_file_class_set relabelto;
### neverallow rules
###
-# Only init should be able to load SELinux policies.
-# The first load technically occurs while still in the kernel domain,
-# but this does not trigger a denial since there is no policy yet.
-# Policy reload requires allowing this to the init domain.
-neverallow { domain -init } kernel:security load_policy;
-
-# Only init prior to switching context should be able to set enforcing mode.
-# init starts in kernel domain and switches to init domain via setcon in
-# the init.rc, so the setenforce occurs while still in kernel. After
-# switching domains, there is never any need to setenforce again by init.
-neverallow { domain -kernel } kernel:security setenforce;
+# Only init should be able to load SELinux policies and set enforcing mode.
+neverallow { domain -init } kernel:security { load_policy setenforce };
# Only init, ueventd and system_server should be able to access HW RNG
neverallow { domain -init -system_server -ueventd -unconfineddomain } hw_random_device:chr_file *;
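Review bot: The one-line comment above the merged rule `neverallow { domain -init } kernel:security { load_policy setenforce };` drops the rationale the removed comments carried, and it does not say that the init domain now keeps `setenforce` for its whole lifetime instead of only before the domain switch. That matters for hardening, because any code that ends up running in the init domain would be permitted to switch SELinux to permissive mode. I would extend the comment to record this, for example `# init keeps setenforce after the switch to the init domain; narrow this once the initial setenforce no longer needs it.` The removed text said the initial setenforce runs while init is still in the kernel domain; if that ordering still holds, it is worth confirming on a device that the call still succeeds now that kernel.te no longer allows it, since that cannot be judged from the lines shown here.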
diff --git a/init.te b/init.te
index 1c76e72..b2d99fb 100644
--- a/init.te
+++ b/init.te
@@ -11,4 +11,3 @@ allow init {fs_type dev_type file_type}:dir_file_class_set relabelto;
allow init kernel:security { load_policy setenforce };
allow init usermodehelper:file rw_file_perms;
allow init proc_security:file rw_file_perms;
-allow init kernel:security load_policy;
diff --git a/kernel.te b/kernel.te
index 089786b..d1c1b7f 100644
--- a/kernel.te
+++ b/kernel.te
@@ -6,6 +6,3 @@ relabelto_domain(kernel)
allow kernel {fs_type dev_type file_type}:dir_file_class_set relabelto;
allow kernel unlabeled:filesystem mount;
-
-# Initial setenforce by init prior to switching to init domain.
-allow kernel self:security setenforce;