From eeda6c6106f784f3d76bb56b07e9f0776a87c41f Mon Sep 17 00:00:00 2001 From: Amit Mahajan Date: Wed, 7 Mar 2018 17:07:37 -0800 Subject: [PATCH] Move rild from public to vendor. Also change the neverallow exceptions to be for hal_telephony_server instead of rild. Test: Basic telephony sanity, treehugger Bug: 36427227 Change-Id: If892b28416d98ca1f9c241c5fcec70fbae35c82e --- private/compat/26.0/26.0.cil | 1 + private/compat/27.0/27.0.cil | 1 + public/domain.te | 1 - public/hal_neverallows.te | 6 ++--- public/hal_telephony.te | 39 +++++++++++++++++++++++++++++++ public/property.te | 4 ++-- public/radio.te | 4 ++-- public/rild.te | 45 ------------------------------------ vendor/rild.te | 5 ++++ 9 files changed, 53 insertions(+), 53 deletions(-) delete mode 100644 public/rild.te diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil index 4cffaab00..06befe0bf 100644 --- a/private/compat/26.0/26.0.cil +++ b/private/compat/26.0/26.0.cil @@ -12,6 +12,7 @@ (type tracing_shell_writable_debug) (type vold_socket) (type webview_zygote_socket) +(type rild) (typeattributeset accessibility_service_26_0 (accessibility_service)) (typeattributeset account_service_26_0 (account_service)) diff --git a/private/compat/27.0/27.0.cil b/private/compat/27.0/27.0.cil index a9f485ef7..52760f791 100644 --- a/private/compat/27.0/27.0.cil +++ b/private/compat/27.0/27.0.cil @@ -2,6 +2,7 @@ (type webview_zygote_socket) (type reboot_data_file) (type vold_socket) +(type rild) (expandtypeattribute (accessibility_service_27_0) true) (expandtypeattribute (account_service_27_0) true) diff --git a/public/domain.te b/public/domain.te index f2b9f0c70..a8c8365cf 100644 --- a/public/domain.te +++ b/public/domain.te @@ -961,7 +961,6 @@ full_treble_only(` domain -coredomain -appdomain - -rild -vendor_executes_system_violators -vendor_init } { diff --git a/public/hal_neverallows.te b/public/hal_neverallows.te index 1ab28c5d7..017fcce7b 100644 --- a/public/hal_neverallows.te +++ b/public/hal_neverallows.te @@ -6,7 +6,7 @@ neverallow { -hal_wifi_server -hal_wifi_hostapd_server -hal_wifi_supplicant_server - -rild + -hal_telephony_server } self:global_capability_class_set { net_admin net_raw }; # Unless a HAL's job is to communicate over the network, or control network @@ -17,7 +17,7 @@ neverallow { -hal_wifi_server -hal_wifi_hostapd_server -hal_wifi_supplicant_server - -rild + -hal_telephony_server } domain:{ tcp_socket udp_socket rawip_socket } *; ### @@ -44,7 +44,7 @@ neverallow { neverallow { halserverdomain -hal_dumpstate_server - -rild + -hal_telephony_server } { file_type fs_type }:file execute_no_trans; # Do not allow a process other than init to transition into a HAL domain. neverallow { domain -init } halserverdomain:process transition; diff --git a/public/hal_telephony.te b/public/hal_telephony.te index 41cfd4bf3..86f41cbea 100644 --- a/public/hal_telephony.te +++ b/public/hal_telephony.te @@ -5,3 +5,42 @@ binder_call(hal_telephony_server, hal_telephony_client) add_hwservice(hal_telephony_server, hal_telephony_hwservice) allow hal_telephony_client hal_telephony_hwservice:hwservice_manager find; +allowxperm hal_telephony_server self:udp_socket ioctl priv_sock_ioctls; + +allow hal_telephony_server self:netlink_route_socket nlmsg_write; +allow hal_telephony_server kernel:system module_request; +allow hal_telephony_server self:global_capability_class_set { setpcap setgid setuid net_admin net_raw }; +allow hal_telephony_server alarm_device:chr_file rw_file_perms; +allow hal_telephony_server cgroup:dir create_dir_perms; +allow hal_telephony_server cgroup:{ file lnk_file } r_file_perms; +allow hal_telephony_server radio_device:chr_file rw_file_perms; +allow hal_telephony_server radio_device:blk_file r_file_perms; +allow hal_telephony_server mtd_device:dir search; +allow hal_telephony_server efs_file:dir create_dir_perms; +allow hal_telephony_server efs_file:file create_file_perms; +allow hal_telephony_server vendor_shell_exec:file rx_file_perms; +allow hal_telephony_server bluetooth_efs_file:file r_file_perms; +allow hal_telephony_server bluetooth_efs_file:dir r_dir_perms; +allow hal_telephony_server sdcard_type:dir r_dir_perms; + +# property service +set_prop(hal_telephony_server, radio_prop) +set_prop(hal_telephony_server, exported_radio_prop) +set_prop(hal_telephony_server, exported2_radio_prop) + +allow hal_telephony_server tty_device:chr_file rw_file_perms; + +# Allow hal_telephony_server to create and use netlink sockets. +allow hal_telephony_server self:netlink_socket create_socket_perms_no_ioctl; +allow hal_telephony_server self:netlink_generic_socket create_socket_perms_no_ioctl; +allow hal_telephony_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; + +# Access to wake locks +wakelock_use(hal_telephony_server) + +r_dir_file(hal_telephony_server, proc_net) +r_dir_file(hal_telephony_server, sysfs_type) +r_dir_file(hal_telephony_server, system_file) + +# granting the ioctl permission for hal_telephony_server should be device specific +allow hal_telephony_server self:socket create_socket_perms_no_ioctl; diff --git a/public/property.te b/public/property.te index e40033268..cb839c955 100644 --- a/public/property.te +++ b/public/property.te @@ -158,7 +158,7 @@ compatible_property_only(` domain -coredomain -appdomain - -rild + -hal_telephony_server -vendor_init } { exported_radio_prop @@ -203,7 +203,7 @@ compatible_property_only(` domain -coredomain -appdomain - -rild + -hal_telephony_server -vendor_init } { radio_prop diff --git a/public/radio.te b/public/radio.te index b66514c83..4998a61cd 100644 --- a/public/radio.te +++ b/public/radio.te @@ -5,8 +5,8 @@ net_domain(radio) bluetooth_domain(radio) binder_service(radio) -# Talks to rild via the rild socket only for devices without full treble -not_full_treble(`unix_socket_connect(radio, rild, rild)') +# Talks to hal_telephony_server via the rild socket only for devices without full treble +not_full_treble(`unix_socket_connect(radio, rild, hal_telephony_server)') # Data file accesses. allow radio radio_data_file:dir create_dir_perms; diff --git a/public/rild.te b/public/rild.te deleted file mode 100644 index 8cafd23e4..000000000 --- a/public/rild.te +++ /dev/null @@ -1,45 +0,0 @@ -# rild - radio interface layer daemon -type rild, domain; -hal_server_domain(rild, hal_telephony) - -net_domain(rild) -allowxperm rild self:udp_socket ioctl priv_sock_ioctls; - -allow rild self:netlink_route_socket nlmsg_write; -allow rild kernel:system module_request; -allow rild self:global_capability_class_set { setpcap setgid setuid net_admin net_raw }; -allow rild alarm_device:chr_file rw_file_perms; -allow rild cgroup:dir create_dir_perms; -allow rild cgroup:{ file lnk_file } r_file_perms; -allow rild radio_device:chr_file rw_file_perms; -allow rild radio_device:blk_file r_file_perms; -allow rild mtd_device:dir search; -allow rild efs_file:dir create_dir_perms; -allow rild efs_file:file create_file_perms; -allow rild shell_exec:file rx_file_perms; -allow rild bluetooth_efs_file:file r_file_perms; -allow rild bluetooth_efs_file:dir r_dir_perms; -allow rild sdcard_type:dir r_dir_perms; - -# property service -set_prop(rild, radio_prop) -set_prop(rild, exported_radio_prop) -set_prop(rild, exported2_radio_prop) - -allow rild tty_device:chr_file rw_file_perms; - -# Allow rild to create and use netlink sockets. -allow rild self:netlink_socket create_socket_perms_no_ioctl; -allow rild self:netlink_generic_socket create_socket_perms_no_ioctl; -allow rild self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; - -# Access to wake locks -wakelock_use(rild) - -r_dir_file(rild, proc_net) -r_dir_file(rild, sysfs_type) -r_dir_file(rild, system_file) - -# granting the ioctl permission for rild should be device specific -allow rild self:socket create_socket_perms_no_ioctl; - diff --git a/vendor/rild.te b/vendor/rild.te index 510a776c4..fc84ef706 100644 --- a/vendor/rild.te +++ b/vendor/rild.te @@ -1,3 +1,8 @@ +# rild - radio interface layer daemon +type rild, domain; +hal_server_domain(rild, hal_telephony) +net_domain(rild) + # type_transition must be private policy the domain_trans rules could stay # public, but conceptually should go with this type rild_exec, exec_type, vendor_file_type, file_type;