Merge "Move to ioctl whitelisting for plain files / directories"
commit
ae079b88bb
5 changed files with 43 additions and 0 deletions
|
@ -42,6 +42,10 @@ net_domain(adbd)
|
|||
# Access /dev/usb-ffs/adb/ep0
|
||||
allow adbd functionfs:dir search;
|
||||
allow adbd functionfs:file rw_file_perms;
|
||||
allowxperm adbd functionfs:file ioctl {
|
||||
FUNCTIONFS_ENDPOINT_DESC
|
||||
FUNCTIONFS_CLEAR_HALT
|
||||
};
|
||||
|
||||
# Use a pseudo tty.
|
||||
allow adbd devpts:chr_file rw_file_perms;
|
||||
|
|
|
@ -291,6 +291,23 @@ allowxperm domain domain:{ unix_dgram_socket unix_stream_socket }
|
|||
# separately.
|
||||
allowxperm domain devpts:chr_file ioctl unpriv_tty_ioctls;
|
||||
|
||||
# All domains must clearly enumerate what ioctls they use
|
||||
# on plain files and directories
|
||||
allowxperm domain { file_type fs_type }:{ dir file } ioctl { 0 };
|
||||
|
||||
# Support sqlite F2FS specific optimizations
|
||||
# ioctl permission on the specific file type is still required
|
||||
# TODO: consider only compiling these rules if we know the
|
||||
# /data partition is F2FS
|
||||
allowxperm domain file_type:file ioctl {
|
||||
F2FS_IOC_ABORT_VOLATILE_WRITE
|
||||
F2FS_IOC_COMMIT_ATOMIC_WRITE
|
||||
F2FS_IOC_GET_FEATURES
|
||||
F2FS_IOC_GET_PIN_FILE
|
||||
F2FS_IOC_SET_PIN_FILE
|
||||
F2FS_IOC_START_ATOMIC_WRITE
|
||||
};
|
||||
|
||||
# Workaround for policy compiler being too aggressive and removing hwservice_manager_type
|
||||
# when it's not explicitly used in allow rules
|
||||
allow { domain -domain } hwservice_manager_type:hwservice_manager { add find };
|
||||
|
|
|
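Review bot: The `{ 0 }` rule on `{ file_type fs_type }:{ dir file }` does not say how it enforces the enumeration its comment demands. As I understand extended-permission semantics, the presence of any `allowxperm` for a source/target/class switches ioctl checking for that triple from allow-all to listed-commands-only, so 0 appears to act as a placeholder that grants nothing in practice. I would spell that out, e.g. `# Any allowxperm rule turns on per-command filtering; 0 is a placeholder, so each real ioctl needs a more specific allowxperm.` Separately, the F2FS block grants `F2FS_IOC_SET_PIN_FILE` to every domain that holds `ioctl` on a file type, which looks wider than the sqlite justification in its comment. Consider limiting the pin-file commands to the domains that need them.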
@ -500,6 +500,12 @@ allow init init:key { write search setattr };
|
|||
# Allow init to create /data/unencrypted
|
||||
allow init unencrypted_data_file:dir create_dir_perms;
|
||||
|
||||
# Set encryption policy on dirs in /data
|
||||
allowxperm init data_file_type:dir ioctl {
|
||||
FS_IOC_GET_ENCRYPTION_POLICY
|
||||
FS_IOC_SET_ENCRYPTION_POLICY
|
||||
};
|
||||
|
||||
# Allow init to write to /proc/sys/vm/overcommit_memory
|
||||
allow init proc_overcommit_memory:file { write };
|
||||
|
||||
|
|
|
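Review bot: The two-command encryption-policy set in this `allowxperm init data_file_type:dir ioctl` rule is repeated verbatim in the vendor_init and vold hunks. A named set, used the way `unpriv_tty_ioctls` is used in the domain-wide rules, would keep the three copies from drifting when another encryption-policy command has to be added. It is also worth a comment that the rule only narrows commands, e.g. `# ioctl permission on the specific dir type is still required`, matching the wording already used in the F2FS and fstrim hunks.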
@ -35,6 +35,12 @@ allow vendor_init self:global_capability_class_set { chown fowner fsetid };
|
|||
allow vendor_init unencrypted_data_file:dir search;
|
||||
allow vendor_init unencrypted_data_file:file r_file_perms;
|
||||
|
||||
# Set encryption policy on dirs in /data
|
||||
allowxperm vendor_init data_file_type:dir ioctl {
|
||||
FS_IOC_GET_ENCRYPTION_POLICY
|
||||
FS_IOC_SET_ENCRYPTION_POLICY
|
||||
};
|
||||
|
||||
allow vendor_init system_data_file:dir getattr;
|
||||
|
||||
allow vendor_init {
|
||||
|
|
|
@ -43,6 +43,16 @@ allow vold shell_exec:file rx_file_perms;
|
|||
# For formatting adoptable storage devices
|
||||
allow vold e2fs_exec:file rx_file_perms;
|
||||
|
||||
# Run fstrim on mounted partitions
|
||||
# allowxperm still requires the ioctl permission for the individual type
|
||||
allowxperm vold { fs_type file_type }:dir ioctl FITRIM;
|
||||
|
||||
# Get encryption policy for dirs in /data
|
||||
allowxperm vold data_file_type:dir ioctl {
|
||||
FS_IOC_GET_ENCRYPTION_POLICY
|
||||
FS_IOC_SET_ENCRYPTION_POLICY
|
||||
};
|
||||
|
||||
typeattribute vold mlstrustedsubject;
|
||||
allow vold self:process setfscreate;
|
||||
allow vold system_file:file x_file_perms;
|
||||
|
|
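Review bot: The comment `# Get encryption policy for dirs in /data` does not match the rule beneath it, which also grants `FS_IOC_SET_ENCRYPTION_POLICY` to vold. If vold only reads policies, drop the SET command from this set. If it does set them, change the comment to `# Get and set encryption policy on dirs in /data` so an auditor reading the comments does not under-read the grant.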