From 08d6f566491f476b1d7e68895e455da1566498e2 Mon Sep 17 00:00:00 2001
From: Alex Klyubin
Date: Fri, 17 Mar 2017 16:51:56 -0700
Subject: [PATCH] Switch Allocator HAL policy to _client/_server
This switches Allocator HAL policy to the design which enables us to identify all SELinux domains which host HALs and all domains which are clients of HALs. Allocator HAL is special in the sense that it's assumed to be always binderized. As a result, rules in Camera HAL target hal_allocator_server rather than hal_allocator (which would be the server and any client, if the Allocator HAL runs in passthrough mode).
Test: Device boots up, no new denials
Test: YouTube video plays back
Test: Take photo using Google Camera app, recover a video, record a slow motion video
Bug: 34170079
Change-Id: Ifbbca554ec221712361ee6cda94c82f254d84936
---
 private/file_contexts | 2 +-
 private/hal_allocator.te | 1 -
 private/hal_allocator_default.te | 5 +++++
 public/attributes | 3 +++
 public/hal_allocator.te | 5 -----
 public/hal_camera.te | 2 +-
 public/te_macros | 2 +-
 7 files changed, 11 insertions(+), 9 deletions(-)
 delete mode 100644 private/hal_allocator.te
 create mode 100644 private/hal_allocator_default.te
 delete mode 100644 public/hal_allocator.te
diff --git a/private/file_contexts b/private/file_contexts
index 1e7345ae4..94a2a5304 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -247,7 +247,7 @@
 /system/bin/webview_zygote32 u:object_r:webview_zygote_exec:s0
 /system/bin/webview_zygote64 u:object_r:webview_zygote_exec:s0
 /system/bin/virtual_touchpad u:object_r:virtual_touchpad_exec:s0
-/system/bin/hw/android\.hidl\.allocator@1\.0-service u:object_r:hal_allocator_exec:s0
+/system/bin/hw/android\.hidl\.allocator@1\.0-service u:object_r:hal_allocator_default_exec:s0
 #############################
 # Vendor files
diff --git a/private/hal_allocator.te b/private/hal_allocator.te
deleted file mode 100644
index d185d490d..000000000
--- a/private/hal_allocator.te
+++ /dev/null
@@ -1 +0,0 @@
-init_daemon_domain(hal_allocator)
diff --git a/private/hal_allocator_default.te b/private/hal_allocator_default.te
new file mode 100644
index 000000000..ff407d5a6
--- /dev/null
+++ b/private/hal_allocator_default.te
@@ -0,0 +1,5 @@
+type hal_allocator_default, domain;
+hal_server_domain(hal_allocator_default, hal_allocator)
+
+type hal_allocator_default_exec, exec_type, file_type;
+init_daemon_domain(hal_allocator_default)
diff --git a/public/attributes b/public/attributes
index 799a4fd78..b9360a6c6 100644
--- a/public/attributes
+++ b/public/attributes
@@ -121,6 +121,9 @@ attribute halserverdomain;
 attribute halclientdomain;
 # HALs
+attribute hal_allocator;
+attribute hal_allocator_client;
+attribute hal_allocator_server;
 attribute hal_audio;
 attribute hal_audio_client;
 attribute hal_audio_server;
diff --git a/public/hal_allocator.te b/public/hal_allocator.te
deleted file mode 100644
index cab014543..000000000
--- a/public/hal_allocator.te
+++ /dev/null
@@ -1,5 +0,0 @@
-# allocator subsystem
-type hal_allocator, domain;
-hal_impl_domain(hal_allocator)
-
-type hal_allocator_exec, exec_type, file_type;
diff --git a/public/hal_camera.te b/public/hal_camera.te
index 6ed06b79a..b05239b78 100644
--- a/public/hal_camera.te
+++ b/public/hal_camera.te
@@ -16,7 +16,7 @@ allow { hal_camera_client hal_camera_server } hal_graphics_allocator:fd use;
 # Allow hal_camera to use fd from app,gralloc,and ashmem HAL
 allow hal_camera { appdomain -isolated_app }:fd use;
 allow hal_camera surfaceflinger:fd use;
-allow hal_camera hal_allocator:fd use;
+allow hal_camera hal_allocator_server:fd use;
 ###
 ### neverallow rules
diff --git a/public/te_macros b/public/te_macros
index 97dd948fc..60de5684e 100644
--- a/public/te_macros
+++ b/public/te_macros
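Review bot: The new private/hal_allocator_default.te carries no header comment, whereas the file it replaces (public/hal_allocator.te) opened with `# allocator subsystem`. The domain and its exec type now live in private policy and are wired up only through `hal_server_domain(hal_allocator_default, hal_allocator)` and `init_daemon_domain(hal_allocator_default)`, so a reader has nothing in the file saying what this domain hosts. I would add a first line such as `# Default binderized implementation of the Allocator HAL`. No rule change is proposed.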
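Review bot: In public/hal_camera.te the reason the new rule `allow hal_camera hal_allocator_server:fd use;` targets the `_server` attribute is recorded only in the commit message; the comment above the rule block still just says "ashmem HAL". A later cleanup that switches the target back to `hal_allocator` would extend fd use to every domain carrying that attribute, which per the commit message includes clients if the HAL ever runs in passthrough mode. I would add `# Allocator HAL is always binderized: target the server attribute, not hal_allocator` directly above the rule. The source side remains the broad `hal_camera` attribute, unlike the `{ hal_camera_client hal_camera_server }` form on the hal_graphics_allocator line shown in the hunk header; whether that asymmetry is intended cannot be told from this hunk.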
@@ -338,7 +338,7 @@ typeattribute $1 binderservicedomain;
 # Allow a domain to use Hidl shared memory
 define(`hwallocator_use', `
 # Call into the allocator hal
-binder_call($1, hal_allocator);
+binder_call($1, hal_allocator_server);
 ')
 #####################################
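Review bot: `hwallocator_use` still consists only of `binder_call($1, hal_allocator_server);` and never tags `$1` with `hal_allocator_client`, so the attribute this commit declares in public/attributes appears to stay unassigned for every caller of the macro; nothing in the visible hunks assigns it. That works against the stated goal of identifying all HAL client domains, and any later neverallow or audit keyed on `hal_allocator_client` would miss these callers. Consider replacing the body with `hal_client_domain($1, hal_allocator)` if that macro's grants fit here, or at least adding `typeattribute $1 hal_allocator_client;` next to the binder_call. The whole macro body is inside this hunk.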