From d12993f0846744ae8188a299cb1bb135014f626a Mon Sep 17 00:00:00 2001
From: dcashman
Date: Thu, 2 Apr 2015 16:50:08 -0700
Subject: [PATCH] Add system_api_service and app_api_service attributes. System services differ in designed access level. Add attributes reflecting this distinction and label services appropriately. Begin moving access to the newly labeled services by removing them from tmp_system_server_service into the newly made system_server_service attribute. Reflect the move of system_server_service from a type to an attribute by removing access to system_server_service where appropriate.
Change-Id: I7fd06823328daaea6d6f96e4d6bd00332382230b
---
 attributes | 7 +++++++
 bluetooth.te | 3 ++-
 drmserver.te | 1 -
 mediaserver.te | 1 -
 nfc.te | 3 ++-
 platform_app.te | 3 ++-
 radio.te | 3 ++-
 service.te | 29 ++++++++++++++---------------
 service_contexts | 2 +-
 shared_relro.te | 1 -
 surfaceflinger.te | 1 -
 system_app.te | 3 ++-
 untrusted_app.te | 5 ++++-
 13 files changed, 36 insertions(+), 26 deletions(-)
diff --git a/attributes b/attributes
index af9af8e92..f35c83fec 100644
--- a/attributes
+++ b/attributes
@@ -44,6 +44,13 @@ attribute property_type;
 # All service_manager types formerly given system_server_service type
 attribute tmp_system_server_service;
+attribute system_server_service;
+
+# services which should be available to all but isolated apps
+attribute app_api_service;
+
+# services which export only system_api
+attribute system_api_service;
 # All types used for services managed by service_manager.
 attribute service_manager_type;
diff --git a/bluetooth.te b/bluetooth.te
index 7d81e0984..c670b176e 100644
--- a/bluetooth.te
+++ b/bluetooth.te
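Review bot: The comment on app_api_service, `services which should be available to all but isolated apps`, states a boundary that nothing in this hunk enforces; if isolated_app.te does not already carry one, a `neverallow isolated_app { app_api_service system_api_service }:service_manager find;` would make that contract a compile-time check instead of a convention the next domain file can silently break. The new `attribute system_server_service;` is also the only one of the three without a comment, even though it replaces a type that other files in this commit still name; `# All service_manager types exported by system_server (formerly the system_server_service type)` would tell a reader why a type carries it alongside an *_api_service attribute. It would also help to say here that a type may carry system_server_service alone, as devicestoragemonitor_service and DockObserver_service do in service.te of this same commit, so that class reads as intentional rather than as an omission.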
@@ -53,8 +53,9 @@ allow bluetooth bluetooth_service:service_manager find;
 allow bluetooth mediaserver_service:service_manager find;
 allow bluetooth radio_service:service_manager find;
 allow bluetooth surfaceflinger_service:service_manager find;
-allow bluetooth system_server_service:service_manager find;
 allow bluetooth tmp_system_server_service:service_manager find;
+allow bluetooth app_api_service:service_manager find;
+allow bluetooth system_api_service:service_manager find;
 service_manager_local_audit_domain(bluetooth)
 auditallow bluetooth {
diff --git a/drmserver.te b/drmserver.te
index e52d679ff..418ce397a 100644
--- a/drmserver.te
+++ b/drmserver.te
@@ -50,7 +50,6 @@ allow drmserver oemfs:dir search;
 allow drmserver oemfs:file r_file_perms;
 allow drmserver drmserver_service:service_manager { add find };
-allow drmserver system_server_service:service_manager find;
 allow drmserver tmp_system_server_service:service_manager find;
 service_manager_local_audit_domain(drmserver)
diff --git a/mediaserver.te b/mediaserver.te
index 23abb0fb3..77b54a392 100644
--- a/mediaserver.te
+++ b/mediaserver.te
@@ -80,7 +80,6 @@ allow mediaserver tee:unix_stream_socket connectto;
 allow mediaserver drmserver_service:service_manager find;
 allow mediaserver mediaserver_service:service_manager { add find };
-allow mediaserver system_server_service:service_manager find;
 allow mediaserver surfaceflinger_service:service_manager find;
 allow mediaserver tmp_system_server_service:service_manager find;
diff --git a/nfc.te b/nfc.te
index de482f442..34e822894 100644
--- a/nfc.te
+++ b/nfc.te
@@ -23,8 +23,9 @@ allow nfc mediaserver_service:service_manager find;
 allow nfc nfc_service:service_manager { add find };
 allow nfc radio_service:service_manager find;
 allow nfc surfaceflinger_service:service_manager find;
-allow nfc system_server_service:service_manager find;
 allow nfc tmp_system_server_service:service_manager find;
+allow nfc app_api_service:service_manager find;
+allow nfc system_api_service:service_manager find;
 service_manager_local_audit_domain(nfc)
 auditallow nfc {
diff --git a/platform_app.te b/platform_app.te
index 92ac5adfd..d16ea1bae 100644
--- a/platform_app.te
+++ b/platform_app.te
@@ -32,8 +32,9 @@ allow platform_app drmserver_service:service_manager find;
 allow platform_app mediaserver_service:service_manager find;
 allow platform_app radio_service:service_manager find;
 allow platform_app surfaceflinger_service:service_manager find;
-allow platform_app system_server_service:service_manager find;
 allow platform_app tmp_system_server_service:service_manager find;
+allow platform_app app_api_service:service_manager find;
+allow platform_app system_api_service:service_manager find;
 service_manager_local_audit_domain(platform_app)
 auditallow platform_app {
diff --git a/radio.te b/radio.te
index 4ecf43ca7..19a9aec01 100644
--- a/radio.te
+++ b/radio.te
@@ -34,8 +34,9 @@ allow radio drmserver_service:service_manager find;
 allow radio mediaserver_service:service_manager find;
 allow radio radio_service:service_manager { add find };
 allow radio surfaceflinger_service:service_manager find;
-allow radio system_server_service:service_manager find;
 allow radio tmp_system_server_service:service_manager find;
+allow radio app_api_service:service_manager find;
+allow radio system_api_service:service_manager find;
 service_manager_local_audit_domain(radio)
 auditallow radio {
diff --git a/service.te b/service.te
index 156e53472..eafe163ca 100644
--- a/service.te
+++ b/service.te
@@ -10,8 +10,6 @@ type radio_service, service_manager_type;
 type surfaceflinger_service, service_manager_type;
 type system_app_service, service_manager_type;
-type system_server_service, service_manager_type;
-
 # system_server_services broken down
 type accessibility_service, tmp_system_server_service, service_manager_type;
 type account_service, tmp_system_server_service, service_manager_type;
@@ -27,31 +25,31 @@ type battery_service, tmp_system_server_service, service_manager_type;
 type bluetooth_manager_service, tmp_system_server_service, service_manager_type;
 type clipboard_service, tmp_system_server_service, service_manager_type;
 type IMms_service, tmp_system_server_service, service_manager_type;
-type IProxyService_service, tmp_system_server_service, service_manager_type;
+type IProxyService_service, system_api_service, system_server_service, service_manager_type;
 type commontime_management_service, tmp_system_server_service, service_manager_type;
 type connectivity_service, tmp_system_server_service, service_manager_type;
-type consumer_ir_service, tmp_system_server_service, service_manager_type;
+type consumer_ir_service, app_api_service, system_server_service, service_manager_type;
 type content_service, tmp_system_server_service, service_manager_type;
 type country_detector_service, tmp_system_server_service, service_manager_type;
-type cpuinfo_service, tmp_system_server_service, service_manager_type;
-type dbinfo_service, tmp_system_server_service, service_manager_type;
+type cpuinfo_service, system_api_service, system_server_service, service_manager_type;
+type dbinfo_service, system_api_service, system_server_service, service_manager_type;
 type device_policy_service, tmp_system_server_service, service_manager_type;
 type deviceidle_service, tmp_system_server_service, service_manager_type;
-type devicestoragemonitor_service, tmp_system_server_service, service_manager_type;
+type devicestoragemonitor_service, system_server_service, service_manager_type;
 type diskstats_service, tmp_system_server_service, service_manager_type;
 type display_service, tmp_system_server_service, service_manager_type;
-type DockObserver_service, tmp_system_server_service, service_manager_type;
+type DockObserver_service, system_server_service, service_manager_type;
 type dreams_service, tmp_system_server_service, service_manager_type;
 type dropbox_service, tmp_system_server_service, service_manager_type;
 type ethernet_service, tmp_system_server_service, service_manager_type;
 type fingerprint_service, tmp_system_server_service, service_manager_type;
-type gfxinfo_service, tmp_system_server_service, service_manager_type;
+type gfxinfo_service, system_api_service, system_server_service, service_manager_type;
 type graphicsstats_service, tmp_system_server_service, service_manager_type;
 type hardware_service, tmp_system_server_service, service_manager_type;
 type hdmi_control_service, tmp_system_server_service, service_manager_type;
 type input_method_service, tmp_system_server_service, service_manager_type;
 type input_service, tmp_system_server_service, service_manager_type;
-type imms_service, tmp_system_server_service, service_manager_type;
+type imms_service, app_api_service, system_server_service, service_manager_type;
 type jobscheduler_service, tmp_system_server_service, service_manager_type;
 type launcherapps_service, tmp_system_server_service, service_manager_type;
 type location_service, tmp_system_server_service, service_manager_type;
@@ -59,8 +57,8 @@ type lock_settings_service, tmp_system_server_service, service_manager_type;
 type media_projection_service, tmp_system_server_service, service_manager_type;
 type media_router_service, tmp_system_server_service, service_manager_type;
 type media_session_service, tmp_system_server_service, service_manager_type;
-type meminfo_service, tmp_system_server_service, service_manager_type;
-type midi_service, tmp_system_server_service, service_manager_type;
+type meminfo_service, system_api_service, system_server_service, service_manager_type;
+type midi_service, app_api_service, system_server_service, service_manager_type;
 type mount_service, tmp_system_server_service, service_manager_type;
 type netpolicy_service, tmp_system_server_service, service_manager_type;
 type netstats_service, tmp_system_server_service, service_manager_type;
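Review bot: `devicestoragemonitor_service` and `DockObserver_service` are relabeled with system_server_service alone, while every other type this hunk moves off tmp_system_server_service also gets app_api_service or system_api_service; once the domain files stop granting tmp_system_server_service, no attribute-based rule reaches these two, and nothing in the file says whether that third class is deliberate. If it is, a comment above the block would save the next person from "fixing" it, e.g. `# Types carrying only system_server_service are not exported through any *_api_service attribute; grant them per type.`; if it is not, this is the hunk to correct. The comment `# system_server_services broken down` just above (outside this hunk) would also be a natural place to explain what the three attribute combinations mean, since the type lines themselves carry no hint.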
@@ -76,7 +74,7 @@ type processinfo_service, tmp_system_server_service, service_manager_type;
 type procstats_service, tmp_system_server_service, service_manager_type;
 type restrictions_service, tmp_system_server_service, service_manager_type;
 type rttmanager_service, tmp_system_server_service, service_manager_type;
-type samplingprofiler_service, tmp_system_server_service, service_manager_type;
+type samplingprofiler_service, system_server_service, service_manager_type;
 type scheduling_policy_service, tmp_system_server_service, service_manager_type;
 type search_service, tmp_system_server_service, service_manager_type;
 type sensorservice_service, tmp_system_server_service, service_manager_type;
@@ -86,8 +84,9 @@ type statusbar_service, tmp_system_server_service, service_manager_type;
 type task_service, tmp_system_server_service, service_manager_type;
 type registry_service, tmp_system_server_service, service_manager_type;
 type textservices_service, tmp_system_server_service, service_manager_type;
+type telecom_service, tmp_system_server_service, service_manager_type;
 type trust_service, tmp_system_server_service, service_manager_type;
-type tv_input_service, tmp_system_server_service, service_manager_type;
+type tv_input_service, app_api_service, system_server_service, service_manager_type;
 type uimode_service, tmp_system_server_service, service_manager_type;
 type updatelock_service, tmp_system_server_service, service_manager_type;
 type usagestats_service, tmp_system_server_service, service_manager_type;
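Review bot: `type telecom_service, tmp_system_server_service, service_manager_type;` is inserted between textservices_service and trust_service, but the block is kept alphabetical and `telecom` sorts before `textservices`; moving it up one line keeps the list greppable and avoids merge conflicts around the insertion point. Separately, the new type is placed only under tmp_system_server_service, so the domains that previously reached the `telecom` service through the system_server_service type this commit deletes now depend entirely on their tmp_system_server_service rule; that matches the commit's stated plan, but it is one more entry that has to be sorted into app_api_service or system_api_service before tmp_system_server_service is retired, and a `# TODO: classify` on the line would keep it from being forgotten.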
@@ -98,6 +97,6 @@ type voiceinteraction_service, tmp_system_server_service, service_manager_type;
 type wallpaper_service, tmp_system_server_service, service_manager_type;
 type webviewupdate_service, tmp_system_server_service, service_manager_type;
 type wifip2p_service, tmp_system_server_service, service_manager_type;
-type wifiscanner_service, tmp_system_server_service, service_manager_type;
+type wifiscanner_service, system_api_service, system_server_service, service_manager_type;
 type wifi_service, tmp_system_server_service, service_manager_type;
 type window_service, tmp_system_server_service, service_manager_type;
diff --git a/service_contexts b/service_contexts
index 223f99f57..322f34934 100644
--- a/service_contexts
+++ b/service_contexts
@@ -106,7 +106,7 @@ sip u:object_r:radio_service:s0
 statusbar u:object_r:statusbar_service:s0
 SurfaceFlinger u:object_r:surfaceflinger_service:s0
 task u:object_r:task_service:s0
-telecom u:object_r:system_server_service:s0
+telecom u:object_r:telecom_service:s0
 telephony.registry u:object_r:registry_service:s0
 textservices u:object_r:textservices_service:s0
 trust u:object_r:trust_service:s0
diff --git a/shared_relro.te b/shared_relro.te
index 1a7e2d030..c97ab5ca1 100644
--- a/shared_relro.te
+++ b/shared_relro.te
@@ -10,7 +10,6 @@ allow shared_relro shared_relro_file:dir rw_dir_perms;
 allow shared_relro shared_relro_file:file create_file_perms;
 # Needs to contact the "webviewupdate" and "activity" services
-allow shared_relro system_server_service:service_manager find;
 allow shared_relro tmp_system_server_service:service_manager find;
 service_manager_local_audit_domain(shared_relro)
diff --git a/surfaceflinger.te b/surfaceflinger.te
index a6ba5d966..007be9624 100644
--- a/surfaceflinger.te
+++ b/surfaceflinger.te
@@ -61,7 +61,6 @@ allow surfaceflinger tee_device:chr_file rw_file_perms;
 # media.player service
 allow surfaceflinger mediaserver_service:service_manager find;
 allow surfaceflinger surfaceflinger_service:service_manager { add find };
-allow surfaceflinger system_server_service:service_manager find;
 allow surfaceflinger tmp_system_server_service:service_manager find;
 service_manager_local_audit_domain(surfaceflinger)
diff --git a/system_app.te b/system_app.te
index 6740dcda6..6e91dd0ea 100644
--- a/system_app.te
+++ b/system_app.te
@@ -53,8 +53,9 @@ allow system_app nfc_service:service_manager find;
 allow system_app radio_service:service_manager find;
 allow system_app surfaceflinger_service:service_manager find;
 allow system_app system_app_service:service_manager add;
-allow system_app system_server_service:service_manager find;
 allow system_app tmp_system_server_service:service_manager find;
+allow system_app app_api_service:service_manager find;
+allow system_app system_api_service:service_manager find;
 service_manager_local_audit_domain(system_app)
 auditallow system_app {
diff --git a/untrusted_app.te b/untrusted_app.te
index a93885a78..b090fe468 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -81,8 +81,11 @@ allow untrusted_app mediaserver_service:service_manager find;
 allow untrusted_app nfc_service:service_manager find;
 allow untrusted_app radio_service:service_manager find;
 allow untrusted_app surfaceflinger_service:service_manager find;
-allow untrusted_app system_server_service:service_manager find;
 allow untrusted_app tmp_system_server_service:service_manager find;
+allow untrusted_app app_api_service:service_manager find;
+
+# TODO: remove this once priv-apps are no longer running in untrusted_app
+allow untrusted_app system_api_service:service_manager find;
 service_manager_local_audit_domain(untrusted_app)
 auditallow untrusted_app {
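Review bot: The TODO above `allow untrusted_app system_api_service:service_manager find;` says why the rule exists but not what it gives away: until it is removed, every third-party app can `find` the services this commit labels system_api_service (cpuinfo, dbinfo, gfxinfo, meminfo, wifiscanner, IProxyService), which is exactly the access the attribute was introduced to withhold, so the rule is a temporary widening rather than a carry-over and the comment should say so. Suggested wording: `# TODO: remove this once priv-apps are no longer running in untrusted_app.` / `# Until then every untrusted app can find system_api_service (cpuinfo, meminfo, wifiscanner, ...);` / `# do not copy this rule into isolated_app.` Since priv-apps are the only stated reason, a `neverallow isolated_app system_api_service:service_manager find;`, if not already present in isolated_app.te, would at least pin the one boundary that is not in question. The auditallow block that follows continues outside the hunk.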