2017-03-23 22:27:32 +01:00
|
|
|
typeattribute recovery coredomain;
|
2020-03-04 09:20:35 +01:00
|
|
|
|
|
|
|
|
# The allow rules are only included in the recovery policy.
|
|
|
|
|
# Otherwise recovery is only allowed the domain rules.
|
|
|
|
|
recovery_only(`
|
|
|
|
|
# Reboot the device
|
|
|
|
|
set_prop(recovery, powerctl_prop)
|
|
|
|
|
|
|
|
|
|
# Read serial number of the device from system properties
|
|
|
|
|
get_prop(recovery, serialno_prop)
|
|
|
|
|
|
|
|
|
|
# Set sys.usb.ffs.ready when starting minadbd for sideload.
|
2020-04-27 16:49:15 +02:00
|
|
|
get_prop(recovery, ffs_config_prop)
|
|
|
|
|
set_prop(recovery, ffs_control_prop)
|
2020-03-04 09:20:35 +01:00
|
|
|
|
|
|
|
|
# Set sys.usb.config when switching into fastboot.
|
2020-04-27 14:13:01 +02:00
|
|
|
set_prop(recovery, usb_control_prop)
|
|
|
|
|
set_prop(recovery, usb_prop)
|
2020-03-04 09:20:35 +01:00
|
|
|
|
|
|
|
|
# Read ro.boot.bootreason
|
|
|
|
|
get_prop(recovery, bootloader_boot_reason_prop)
|
|
|
|
|
|
2020-04-10 14:11:49 +02:00
|
|
|
# Read storage properties (for correctly formatting filesystems)
|
|
|
|
|
get_prop(recovery, storage_config_prop)
|
|
|
|
|
|
2020-03-04 09:20:35 +01:00
|
|
|
set_prop(recovery, gsid_prop)
|
2020-04-24 08:43:13 +02:00
|
|
|
|
|
|
|
|
# These are needed to allow recovery to manage network
|
|
|
|
|
allow recovery self:netlink_route_socket { create write read nlmsg_readpriv nlmsg_read };
|
|
|
|
|
allow recovery self:global_capability_class_set net_admin;
|
|
|
|
|
allow recovery self:tcp_socket { create ioctl };
|
|
|
|
|
allowxperm recovery self:tcp_socket ioctl { SIOCGIFFLAGS SIOCSIFFLAGS };
|
|
|
|
|
|
2021-02-05 05:24:23 +01:00
|
|
|
# Start snapuserd for merging VABC updates
|
|
|
|
|
set_prop(recovery, ctl_snapuserd_prop)
|
|
|
|
|
|
|
|
|
|
# Needed to communicate with snapuserd to complete merges.
|
|
|
|
|
allow recovery snapuserd_socket:sock_file write;
|
|
|
|
|
allow recovery snapuserd:unix_stream_socket connectto;
|
|
|
|
|
allow recovery dm_user_device:dir r_dir_perms;
|
2021-07-28 03:51:18 +02:00
|
|
|
get_prop(recovery, snapuserd_prop)
|
2021-02-05 05:24:23 +01:00
|
|
|
|
2020-04-24 08:43:13 +02:00
|
|
|
# Set fastbootd protocol property
|
|
|
|
|
set_prop(recovery, fastbootd_protocol_prop)
|
2020-06-16 12:18:24 +02:00
|
|
|
|
|
|
|
|
get_prop(recovery, recovery_config_prop)
|
2021-06-23 22:43:42 +02:00
|
|
|
|
|
|
|
|
# Needed to read bootconfig parameters through libfs_mgr
|
|
|
|
|
allow recovery proc_bootconfig:file r_file_perms;
|
2020-03-04 09:20:35 +01:00
|
|
|
')
|
