From c2ab15b7980ceac76828077b69a8f71c143c2282 Mon Sep 17 00:00:00 2001
From: Florian Mayer
Date: Wed, 15 Aug 2018 09:38:00 +0000
Subject: [PATCH] Revert "Add sepolicy for fastbootd"

This reverts commit 0fd3ed3b8ba125ccaef8769a2acfff7d1fd71ebc.

Reason for revert: Broke user builds.

Change-Id: If95f1a25d22425a5a2b68a02d1561352fb5a52f0
---
 private/adbd.te | 3 --
 private/compat/26.0/26.0.ignore.cil | 2 -
 private/compat/27.0/27.0.ignore.cil | 2 -
 private/compat/28.0/28.0.ignore.cil | 2 -
 private/fastbootd.te | 1 -
 private/file_contexts | 1 -
 private/init.te | 1 -
 public/domain.te | 19 ++--------
 public/fastbootd.te | 59 -----------------------------
 public/file.te | 1 -
 public/recovery.te | 4 --
 11 files changed, 4 insertions(+), 91 deletions(-)
 delete mode 100644 private/fastbootd.te
 delete mode 100644 public/fastbootd.te

diff --git a/private/adbd.te b/private/adbd.te
index 864358a57..191c519f8 100644
--- a/private/adbd.te
+++ b/private/adbd.te
@@ -18,9 +18,6 @@ userdebug_or_eng(`
 recovery_only(`
 domain_trans(adbd, rootfs, shell)
 allow adbd shell:process dyntransition;
-
- # Allows reboot fastboot to enter fastboot directly
- unix_socket_connect(adbd, recovery, recovery)
 ')

 # Do not sanitize the environment or open fds of the shell. Allow signaling
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index d52b41b94..5a961076a 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -49,7 +49,6 @@
 exported3_default_prop
 exported3_radio_prop
 exported3_system_prop
- fastbootd
 fingerprint_vendor_data_file
 fs_bpf
 hal_audiocontrol_hwservice
@@ -97,7 +96,6 @@
 perfetto_traces_data_file
 perfprofd_service
 property_info
- recovery_socket
 secure_element
 secure_element_device
 secure_element_tmpfs
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 8e5370ce5..9120694d8 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -45,7 +45,6 @@
 exported_system_radio_prop
 exported_vold_prop
 exported_wifi_prop
- fastbootd
 fingerprint_vendor_data_file
 fs_bpf
 hal_audiocontrol_hwservice
@@ -84,7 +83,6 @@
 perfetto_traces_data_file
 perfprofd_service
 property_info
- recovery_socket
 secure_element
 secure_element_device
 secure_element_service
diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 5386bee7d..18955b2ea 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -5,7 +5,6 @@
 (typeattributeset new_objects ( activity_task_service
 adb_service
- fastbootd
 hal_health_filesystem_hwservice
 hal_system_suspend_default
 hal_system_suspend_default_exec
@@ -15,7 +14,6 @@
 llkd_tmpfs
 mnt_product_file
 overlayfs_file
- recovery_socket
 system_lmk_prop
 system_suspend_hwservice
 time_prop
diff --git a/private/fastbootd.te b/private/fastbootd.te
deleted file mode 100644
index 29a9157e6..000000000
--- a/private/fastbootd.te
+++ /dev/null
@@ -1 +0,0 @@
-typeattribute fastbootd coredomain;
diff --git a/private/file_contexts b/private/file_contexts
index 0a77f6b01..003d66c02 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -149,7 +149,6 @@
 /dev/socket/pdx/system/vr/display/vsync u:object_r:pdx_display_vsync_endpoint_socket:s0
 /dev/socket/property_service u:object_r:property_socket:s0
 /dev/socket/racoon u:object_r:racoon_socket:s0
-/dev/socket/recovery u:object_r:recovery_socket:s0
 /dev/socket/rild u:object_r:rild_socket:s0
 /dev/socket/rild-debug u:object_r:rild_debug_socket:s0
 /dev/socket/tombstoned_crash u:object_r:tombstoned_crash_socket:s0
diff --git a/private/init.te b/private/init.te
index 30e5e3623..02686a3f4 100644
--- a/private/init.te
+++ b/private/init.te
@@ -9,7 +9,6 @@ domain_trans(init, rootfs, slideshow)
 domain_auto_trans(init, e2fs_exec, e2fs)
 recovery_only(`
 domain_trans(init, rootfs, adbd)
- domain_trans(init, rootfs, fastbootd)
 domain_trans(init, rootfs, recovery)
 ')
 domain_trans(init, shell_exec, shell)
diff --git a/public/domain.te b/public/domain.te
index 5b6944ded..db2beefe5 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -557,7 +557,6 @@ neverallow {
 domain
 -adbd
 -dumpstate
- -fastbootd
 -hal_drm_server
 -hal_cas_server
 -init
@@ -592,21 +591,11 @@ neverallow {
 -fsck
 } metadata_block_device:blk_file { append link rename write open read ioctl lock };

-# No domain other than recovery, update_engine and fastbootd can write to system partition(s).
-neverallow {
- domain
- -fastbootd
- -recovery
- -update_engine
-} system_block_device:blk_file { write append };
+# No domain other than recovery and update_engine can write to system partition(s).
+neverallow { domain -recovery -update_engine } system_block_device:blk_file { write append };

-# No domains other than install_recovery, recovery or fastbootd can write to recovery.
-neverallow {
- domain
- -fastbootd
- -install_recovery
- -recovery
-} recovery_block_device:blk_file { write append };
+# No domains other than install_recovery or recovery can write to recovery.
+neverallow { domain -install_recovery -recovery } recovery_block_device:blk_file { write append };

 # No domains other than a select few can access the misc_block_device. This
 # block device is reserved for OTA use.
diff --git a/public/fastbootd.te b/public/fastbootd.te
deleted file mode 100644
index 82ae47bc5..000000000
--- a/public/fastbootd.te
+++ /dev/null
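Review bot: In public/domain.te, hunk `@@ -592,21 +591,11 @@`, the two restored rules carry their whole exemption set on one line — `neverallow { domain -recovery -update_engine } system_block_device:blk_file { write append };` and the matching `recovery_block_device` rule — while the other neverallow sets shown in this file list one type per line. These sets name the only domains allowed to write the system and recovery partitions, so a one-type-per-line layout keeps any later exemption a single added line that stands out in review. The one-line form is presumably the pre-change text that the revert brings back, so the re-layout fits a follow-up change rather than the revert itself.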
@@ -1,59 +0,0 @@
-# fastbootd (used in recovery init.rc for /sbin/fastbootd)
-
-# Declare the domain unconditionally so we can always reference it
-# in neverallow rules.
-type fastbootd, domain;
-
-# But the allow rules are only included in the recovery policy.
-# Otherwise fastbootd is only allowed the domain rules.
-recovery_only(`
- # fastbootd can only use HALs in passthrough mode
- passthrough_hal_client_domain(fastbootd, hal_bootctl)
-
- # Access /dev/usb-ffs/fastbootd/ep0
- allow fastbootd functionfs:dir search;
- allow fastbootd functionfs:file rw_file_perms;
-
- # Log to serial
- allow fastbootd kmsg_device:chr_file { open write };
-
- # battery info
- allow fastbootd sysfs_batteryinfo:file r_file_perms;
-
- allow fastbootd device:dir r_dir_perms;
-
- # Reboot the device
- set_prop(fastbootd, powerctl_prop)
-
- # Read serial number of the device from system properties
- get_prop(fastbootd, serialno_prop)
-
- # Set sys.usb.ffs.ready.
- set_prop(fastbootd, ffs_prop)
- set_prop(fastbootd, exported_ffs_prop)
-
- unix_socket_connect(fastbootd, recovery, recovery)
-
- # Required for flashing
- allow fastbootd dm_device:chr_file rw_file_perms;
- allow fastbootd dm_device:blk_file rw_file_perms;
-
- allow fastbootd system_block_device:blk_file rw_file_perms;
- allow fastbootd boot_block_device:blk_file rw_file_perms;
-
- allow fastbootd misc_block_device:blk_file rw_file_perms;
-
- allow fastbootd proc_cmdline:file r_file_perms;
- allow fastbootd rootfs:dir r_dir_perms;
- allow fastbootd sysfs_dt_firmware_android:file r_file_perms;
-')
-
-###
-### neverallow rules
-###
-
-# Write permission is required to wipe userdata
-# until recovery supports vold.
-neverallow fastbootd {
- data_file_type
-}:file { no_x_file_perms };
diff --git a/public/file.te b/public/file.te
index 4b0dc2dcb..75d1edcbb 100644
--- a/public/file.te
+++ b/public/file.te
@@ -342,7 +342,6 @@ type mtpd_socket, file_type, coredomain_socket;
 type netd_socket, file_type, coredomain_socket;
 type property_socket, file_type, coredomain_socket, mlstrustedobject;
 type racoon_socket, file_type, coredomain_socket;
-type recovery_socket, file_type, coredomain_socket;
 type rild_socket, file_type;
 type rild_debug_socket, file_type;
 type system_wpa_socket, file_type, data_file_type, core_data_file_type, coredomain_socket;
diff --git a/public/recovery.te b/public/recovery.te
index 317cf32b7..dcec9705e 100644
--- a/public/recovery.te
+++ b/public/recovery.te
@@ -118,10 +118,6 @@ recovery_only(`
 set_prop(recovery, ffs_prop)
 set_prop(recovery, exported_ffs_prop)

- # Set sys.usb.config when switching into fastboot.
- set_prop(recovery, system_radio_prop)
- set_prop(recovery, exported_system_radio_prop)
-
 # Read ro.boot.bootreason
 get_prop(recovery, bootloader_boot_reason_prop)