Merge "Add /data/fonts/files directory"

2021-01-25 05:47:03 +00:00 · 2021-01-25 05:47:03 +00:00 · 1237d422ef
commit 1237d422ef
parent 1e6e1bd7b5 9c3707f76a
5 changed files with 20 additions and 0 deletions
--- a/private/app.te
+++ b/private/app.te
@ -63,6 +63,10 @@ get_prop(appdomain, camera_calibration_prop)
 # Allow to read db.log.detailed, db.log.slow_query_threshold*
 get_prop(appdomain, sqlite_log_prop)

+# Allow font file read by apps.
+allow appdomain font_data_file:file r_file_perms;
+allow appdomain font_data_file:dir r_dir_perms;
+
 # Read /data/misc/apexdata/com.android.art
 allow appdomain { apex_art_data_file apex_module_data_file }:dir search;
 allow appdomain apex_art_data_file:file r_file_perms;
--- a/private/compat/30.0/30.0.ignore.cil
+++ b/private/compat/30.0/30.0.ignore.cil
@ -26,6 +26,7 @@
    dumpstate_tmpfs
    framework_watchdog_config_prop
    game_service
+    font_data_file
    gki_apex_prepostinstall
    gki_apex_prepostinstall_exec
    hal_authsecret_service
--- a/private/file.te
+++ b/private/file.te
@ -41,3 +41,6 @@ type apex_art_data_file, file_type, data_file_type, core_data_file_type;

 # /data/misc/apexdata/com.android.art/staging
 type apex_art_staging_data_file, file_type, data_file_type, core_data_file_type;
+
+# /data/font/files
+type font_data_file, file_type, data_file_type, core_data_file_type;
--- a/private/file_contexts
+++ b/private/file_contexts
@ -551,6 +551,7 @@
 # to avoid restorecon conflicts
 /data/rollback/\d+/[^/]+/.*\.apk  u:object_r:apk_data_file:s0
 /data/rollback/\d+/[^/]+/.*\.apex u:object_r:staging_data_file:s0
+/data/fonts/files(/.*)?     u:object_r:font_data_file:s0

 # Misc data
 /data/misc/adb(/.*)?            u:object_r:adb_keys_file:s0
--- a/private/system_server.te
+++ b/private/system_server.te
@ -1045,6 +1045,13 @@ userdebug_or_eng(`
 # Watchdog reads sysprops framework_watchdog.fatal_* to handle watchdog timeout loop.
 get_prop(system_server, framework_watchdog_config_prop)

+
+# Font files are written by system server
+allow system_server font_data_file:file create_file_perms;
+allow system_server font_data_file:dir create_dir_perms;
+# Allow system process to setup fs-verity for font files
+allowxperm system_server font_data_file:file ioctl FS_IOC_ENABLE_VERITY;
+
 ###
 ### Neverallow rules
 ###
@ -1285,3 +1292,7 @@ neverallow {
 # BINDER_GET_FROZEN_INFO is used by system_server to determine the state of a frozen binder
 # interface
 neverallowxperm { domain -system_server } binder_device:chr_file ioctl { BINDER_FREEZE BINDER_GET_FROZEN_INFO };
+
+# Only system server can write the font files.
+neverallow { domain -init -system_server } font_data_file:file no_w_file_perms;
+neverallow { domain -init -system_server } font_data_file:dir no_w_dir_perms;