Merge "binder_use: Allow servicemanager callbacks" am: a2f0fdfddd am: 7f2d67e039 am: 8c9b9e4fff

Change-Id: Id822ed49e77e8bfdc5bcd0c1869b31940f95c992

private/lpdumpd.te

@@ -38,4 +38,5 @@ neverallow {
     -dumpstate
     -lpdumpd
     -shell
+    -servicemanager
 } lpdumpd:binder call;

public/apexd.te

@@ -7,7 +7,7 @@ add_service(apexd, apex_service)
 set_prop(apexd, apexd_prop)
 
 neverallow { domain -init -apexd -system_server } apex_service:service_manager find;
-neverallow { domain -init -apexd -system_server } apexd:binder call;
+neverallow { domain -init -apexd -system_server -servicemanager } apexd:binder call;
 
 neverallow { domain userdebug_or_eng(`-crash_dump') } apexd:process ptrace;
 

public/installd.te

@@ -173,9 +173,9 @@ allow installd preloads_media_file:dir { r_dir_perms write remove_name rmdir };
 ### Neverallow rules
 ###
 
-# only system_server, installd and dumpstate may interact with installd over binder
+# only system_server, installd, dumpstate, and servicemanager may interact with installd over binder
 neverallow { domain -system_server -dumpstate -installd } installd_service:service_manager find;
-neverallow { domain -system_server -dumpstate } installd:binder call;
+neverallow { domain -system_server -dumpstate -servicemanager } installd:binder call;
 neverallow installd {
     domain
     -system_server

public/te_macros

@@ -337,6 +337,8 @@ allow $1 $3:unix_dgram_socket sendto;
 define(`binder_use', `
 # Call the servicemanager and transfer references to it.
 allow $1 servicemanager:binder { call transfer };
+# Allow servicemanager to send out callbacks
+allow servicemanager $1:binder { call transfer };
 # servicemanager performs getpidcon on clients.
 allow servicemanager $1:dir search;
 allow servicemanager $1:file { read open };