gmscore_app: shell_data_file permissions

This also adds an auditallow to the same rule for priv_app, so we can delete it once no logs show up in go/sedenials for this rule triggerring. Bug: 142672293 Test: TH Change-Id: I554e0cb00a53fd254c450c20e6c632e58472c3c8
2019-12-17 15:09:30 -08:00 · 2019-12-17 15:09:30 -08:00 · f31e862cac
commit f31e862cac
parent a8ca12d1c0
2 changed files with 10 additions and 0 deletions
--- a/private/gmscore_app.te
+++ b/private/gmscore_app.te
@ -118,3 +118,8 @@ allow gmscore_app shell_data_file:dir r_dir_perms;
 allow gmscore_app ota_package_file:dir rw_dir_perms;
 allow gmscore_app ota_package_file:file create_file_perms;

+# Used by Finsky / Android "Verify Apps" functionality when
+# running "adb install foo.apk".
+allow gmscore_app shell_data_file:file r_file_perms;
+allow gmscore_app shell_data_file:dir r_dir_perms;
+
--- a/private/priv_app.te
+++ b/private/priv_app.te
@ -80,6 +80,11 @@ allow priv_app media_rw_data_file:file create_file_perms;
 # running "adb install foo.apk".
 allow priv_app shell_data_file:file r_file_perms;
 allow priv_app shell_data_file:dir r_dir_perms;
+# b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own domain.
+userdebug_or_eng(`
+  auditallow priv_app shell_data_file:file r_file_perms;
+  auditallow priv_app shell_data_file:dir r_dir_perms;
+')

 # Allow traceur to pass file descriptors through a content provider to betterbug
 allow priv_app trace_data_file:file { getattr read };