From dd57e698869ace5d13bcffa377aa7068d0031b20 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey
Date: Wed, 3 May 2017 10:52:59 -0600
Subject: [PATCH] Allow installd to delete files via sdcardfs.
When installd clears cached files on external storage, the sdcardfs kernel filesystem needs to be kept in the loop to release any cached dentries that it's holding onto. (Otherwise the underlying disk space isn't actually released.) installd can already delete the underlying files directly (via the media_rw_data_file rules), so this technically isn't expanding its capabilities.
avc: granted { search } for name="/" dev="tmpfs" ino=6897 scontext=u:r:installd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir
avc: denied { open } for path="/mnt/runtime/default/emulated/0/Android/data" dev="sdcardfs" ino=589830 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=1
avc: denied { write } for name="com.google.android.inputmethod.japanese" dev="sdcardfs" ino=590040 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=0
avc: denied { remove_name } for name="cache_r.m" dev="sdcardfs" ino=589868 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=dir permissive=0
avc: denied { getattr } for path="/mnt/runtime/default/emulated/0/Android/data/.nomedia" dev="sdcardfs" ino=589831 scontext=u:r:installd:s0 tcontext=u:object_r:sdcardfs:s0 tclass=file permissive=1
Test: cts-tradefed run commandAndExit cts-dev -m CtsAppSecurityHostTestCases -t android.appsecurity.cts.StorageHostTest
Bug: 37486230
Change-Id: Icfd00a9ba379b1f50c48fe85849304cf9859bcb2
(cherry picked from commit 72f4c61979c75cee6822bcb20530728652e1a7b5)
---
 public/domain_deprecated.te | 3 ++-
 public/installd.te | 6 ++++++
 2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/public/domain_deprecated.te b/public/domain_deprecated.te
index 6a51e617e..ad84af9be 100644
--- a/public/domain_deprecated.te
+++ b/public/domain_deprecated.te
@@ -1,11 +1,12 @@
 # rules removed from the domain attribute
 # Search /storage/emulated tmpfs mount.
-allow domain_deprecated tmpfs:dir r_dir_perms;
+allow { domain_deprecated -installd } tmpfs:dir r_dir_perms;
 userdebug_or_eng(`
 auditallow {
 domain_deprecated
 -appdomain
+ -installd
 -sdcardd
 -surfaceflinger
 -system_server
diff --git a/public/installd.te b/public/installd.te
index 0a5b8a380..8440994e4 100644
--- a/public/installd.te
+++ b/public/installd.te
@@ -46,6 +46,12 @@ allow installd media_rw_data_file:file { getattr unlink };
 allow installd system_data_file:dir relabelfrom;
 allow installd media_rw_data_file:dir relabelto;
+# Delete /data/media files through sdcardfs, instead of going behind its back
+allow installd tmpfs:dir r_dir_perms;
+allow installd storage_file:dir search;
+allow installd sdcardfs:dir { search open read write remove_name getattr rmdir };
+allow installd sdcardfs:file { getattr unlink };
+
 # Upgrade /data/misc/keychain for multi-user if necessary.
 allow installd misc_user_data_file:dir create_dir_perms;
 allow installd misc_user_data_file:file create_file_perms;
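Review bot: Nothing on the changed `allow { domain_deprecated -installd } tmpfs:dir r_dir_perms;` line says why installd alone is subtracted from the grant itself, while the other domains visible in this hunk are subtracted only from the `auditallow` set. The same commit re-grants the permission in public/installd.te, so a pointer above the rule such as `# installd: granted explicitly in installd.te` would keep a later cleanup of domain_deprecated from reading as a lost permission. The `auditallow` block continues past the end of the hunk.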
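Review bot: The added `allow installd tmpfs:dir r_dir_perms;` is wider than the access the commit message documents: the only tmpfs entry in the quoted audit output is `search` on `/`, while `r_dir_perms` also carries open, read, getattr, ioctl and lock. Since this rule now lives in installd's own policy instead of the deprecated attribute, `allow installd tmpfs:dir search;` would be the least-privilege form, provided installd never lists those tmpfs directories (worth confirming with the StorageHostTest run named in the commit). Separately, `sdcardfs` labels the filesystem as a whole, so the two sdcardfs rules presumably apply to every sdcardfs mount and not only the /data/media-backed paths the comment names. The comment would be more useful if it said that, and also recorded the reason given only in the commit message: deletes go through sdcardfs so it drops its cached dentries and the space is actually freed.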