Add SElinux policies to allow foreign dex usage tracking.
This is a special profile folder where apps will leave profile markers for the dex files they load and don't own. System server will read the markers and decide which apk should be fully compiled instead of profile-guided compiled. Apps need only to be able to create (touch) files in this directory. System server needs only to be able to check whether or not a file with a given name exists. Bug: 27334750 Bug: 26080105 Change-Id: I2256e4aba1ec0e5117de6497123223b9a74f404e
This commit is contained in:
parent
ba12da9572
commit
837bc42f5f
6 changed files with 19 additions and 0 deletions
7
app.te
7
app.te
|
@ -116,6 +116,9 @@ allow appdomain shell_data_file:file { write getattr };
|
|||
# Write profiles /data/misc/profiles
|
||||
allow appdomain user_profile_data_file:dir { search write add_name };
|
||||
allow appdomain user_profile_data_file:file create_file_perms;
|
||||
# Profiles for foreign dex files are just markers and only need create permissions.
|
||||
allow appdomain user_profile_foreign_dex_data_file:dir { search write add_name };
|
||||
allow appdomain user_profile_foreign_dex_data_file:file create;
|
||||
|
||||
# Send heap dumps to system_server via an already open file descriptor
|
||||
# % adb shell am set-watch-heap com.android.systemui 1048576
|
||||
|
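Review bot: `allow appdomain user_profile_foreign_dex_data_file:file create;` is, as far as I can tell, only sufficient when the marker is created with a mknod-style call; if the runtime touches it with open(O_CREAT|O_WRONLY), the kernel's file_open check also requires `open` and `write` on the new inode, and those are exactly what the `rw_file_perms` neverallow in the second hunk of this file forbids. Worth confirming the creation path on the ART side before merging, because the neverallow makes this awkward to widen later. If create really is all that is needed, the comment could state the contract explicitly: `# Markers are created without opening them; open/write are deliberately neverallowed below.`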
@ -419,3 +422,7 @@ neverallow appdomain {
|
|||
security_file
|
||||
tmpfs
|
||||
}:lnk_file no_w_file_perms;
|
||||
|
||||
# Foreign dex profiles are just markers. Prevent apps to do anything but touch them.
|
||||
neverallow appdomain user_profile_foreign_dex_data_file:file rw_file_perms;
|
||||
neverallow appdomain user_profile_foreign_dex_data_file:dir { open getattr read ioctl remove_name };
|
||||
|
|
1
file.te
1
file.te
|
@ -88,6 +88,7 @@ type dalvikcache_data_file, file_type, data_file_type;
|
|||
type ota_data_file, file_type, data_file_type;
|
||||
# /data/misc/profiles
|
||||
type user_profile_data_file, file_type, data_file_type, mlstrustedobject;
|
||||
type user_profile_foreign_dex_data_file, file_type, data_file_type, mlstrustedobject;
|
||||
# /data/resource-cache
|
||||
type resourcecache_data_file, file_type, data_file_type;
|
||||
# /data/local - writable by shell
|
||||
|
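Review bot: The new `user_profile_foreign_dex_data_file` type sits under the generic `# /data/misc/profiles` comment with nothing saying what distinguishes it from `user_profile_data_file`, so a reader of file.te alone cannot tell it is the create-only marker directory described in the commit message. Suggest a one-line comment directly above it: `# /data/misc/profiles/cur/<uid>/foreign-dex: create-only usage markers left by apps for dex files they do not own`.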
|
|
@ -294,6 +294,7 @@
|
|||
# TODO(calin) label profile reference differently so that only
|
||||
# profman run as a special user can write to them
|
||||
/data/misc/profiles/cur(/.*)? u:object_r:user_profile_data_file:s0
|
||||
/data/misc/profiles/cur/[0-9]+/foreign-dex(/.*)? u:object_r:user_profile_foreign_dex_data_file:s0
|
||||
/data/misc/profiles/ref(/.*)? u:object_r:user_profile_data_file:s0
|
||||
|
||||
# Fingerprint data
|
||||
|
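Review bot: The new context `/data/misc/profiles/cur/[0-9]+/foreign-dex(/.*)?` only takes effect for paths that are labelled by restorecon; a `foreign-dex` directory created at runtime under a `user_profile_data_file` parent inherits the parent's label unless the creating domain relabels it or a `type_transition` rule exists, and this commit adds neither. In that case the markers silently land in `user_profile_data_file`, where appdomain already has `create_file_perms` and the new neverallow rules in app.te do not apply. Whether the creator (presumably installd, which is not visible here) runs restorecon is not shown, so either verify that or add a name-based transition for the creating domain if the policy version supports it, e.g. `type_transition installd user_profile_data_file:dir user_profile_foreign_dex_data_file "foreign-dex";`.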
|
|
@ -115,6 +115,8 @@ allow installd {
|
|||
# Similar for the files under /data/misc/profiles/
|
||||
allow installd user_profile_data_file:dir create_dir_perms;
|
||||
allow installd user_profile_data_file:file create_file_perms;
|
||||
allow installd user_profile_data_file:dir rmdir;
|
||||
allow installd user_profile_data_file:file unlink;
|
||||
|
||||
# Create and use pty created by android_fork_execvp().
|
||||
allow installd devpts:chr_file rw_file_perms;
|
||||
|
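Review bot: The `rmdir`/`unlink` rules in this hunk (`allow installd user_profile_data_file:dir rmdir;`, `allow installd user_profile_data_file:file unlink;`) cover only `user_profile_data_file`, while nothing in the commit lets any domain remove `user_profile_foreign_dex_data_file` files or directories: appdomain is neverallowed `remove_name` and system_server gets only `search`/`getattr`. If installd is the domain that clears `/data/misc/profiles/cur/<uid>` on uninstall or clear-data (inferred; the enclosing `allow installd {` block starts before the hunk), removing the uid directory will fail while the `foreign-dex` subtree still exists, leaving stale markers behind. Consider pairing these with `allow installd user_profile_foreign_dex_data_file:dir create_dir_perms;` and `allow installd user_profile_foreign_dex_data_file:file unlink;`.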
|
|
@ -11,6 +11,13 @@ tmpfs_domain(system_server)
|
|||
allow system_server dalvikcache_data_file:file execute;
|
||||
allow system_server dalvikcache_data_file:dir r_dir_perms;
|
||||
|
||||
# Enable system server to check the foreign dex usage markers.
|
||||
# We need search on top level directories so that we can get to the files
|
||||
allow system_server user_profile_data_file:dir search;
|
||||
allow system_server user_profile_data_file:file getattr;
|
||||
allow system_server user_profile_foreign_dex_data_file:dir search;
|
||||
allow system_server user_profile_foreign_dex_data_file:file getattr;
|
||||
|
||||
# /data/resource-cache
|
||||
allow system_server resourcecache_data_file:file r_file_perms;
|
||||
allow system_server resourcecache_data_file:dir r_dir_perms;
|
||||
|
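Review bot: `allow system_server user_profile_data_file:file getattr;` grants stat on every regular profile file, but the stated purpose is only an existence check on markers, which carry the `user_profile_foreign_dex_data_file` label; `search` on the `user_profile_data_file` directory already lets system_server traverse to `foreign-dex`. Unless system_server stats ordinary profiles elsewhere (not visible here), that line can be dropped to keep the grant to the minimum the comment describes. The comment could then read `# system_server only needs to stat marker files; it must not be able to read or list them.`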
|
|
@ -173,6 +173,7 @@ neverallow untrusted_app {
|
|||
-media_rw_data_file # Internal storage. Known that apps can
|
||||
# leave artfacts here after uninstall.
|
||||
-user_profile_data_file # Access to profile files
|
||||
-user_profile_foreign_dex_data_file # Access to profile files
|
||||
userdebug_or_eng(`
|
||||
-method_trace_data_file # only on ro.debuggable=1
|
||||
-coredump_file # userdebug/eng only
|
||||
|
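Review bot: The new exclusion reuses the comment `# Access to profile files` verbatim from the line above it, so the exemption list no longer explains why a second profile type is carved out of the neverallow. Suggest `-user_profile_foreign_dex_data_file # Foreign dex usage markers (create-only, see app.te)`. The enclosing `neverallow untrusted_app {` block begins and ends outside the hunk.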
|