cc39f63773
Divide policy into public and private components. This is the first step in splitting the policy creation for platform and non-platform policies. The policy in the public directory will be exported for use in non-platform policy creation. Backwards compatibility with it will be achieved by converting the exported policy into attribute-based policy when included as part of the non-platform policy and a mapping file will be maintained to be included with the platform policy that maps exported attributes of previous versions to the current platform version. Eventually we would like to create a clear interface between the platform and non-platform device components so that the exported policy, and the need for attributes is minimal. For now, almost all types and avrules are left in public. Test: Tested by building policy and running on device. Change-Id: Idef796c9ec169259787c3f9d8f423edf4ce27f8c
47 lines
1.4 KiB
Text
47 lines
1.4 KiB
Text
# Any fsck program run by init
|
|
type fsck, domain, domain_deprecated;
|
|
type fsck_exec, exec_type, file_type;
|
|
|
|
# /dev/__null__ created by init prior to policy load,
|
|
# open fd inherited by fsck.
|
|
allow fsck tmpfs:chr_file { read write ioctl };
|
|
|
|
# Inherit and use pty created by android_fork_execvp_ext().
|
|
allow fsck devpts:chr_file { read write ioctl getattr };
|
|
|
|
# Allow stdin/out back to vold
|
|
allow fsck vold:fd use;
|
|
allow fsck vold:fifo_file { read write getattr };
|
|
|
|
# Run fsck on certain block devices
|
|
allow fsck block_device:dir search;
|
|
allow fsck userdata_block_device:blk_file rw_file_perms;
|
|
allow fsck cache_block_device:blk_file rw_file_perms;
|
|
allow fsck dm_device:blk_file rw_file_perms;
|
|
|
|
# fsck performs a stat() on swap to verify that it is a valid
|
|
# swap device before setting the EXT2_MF_SWAP mount flag.
|
|
allow fsck swap_block_device:blk_file getattr;
|
|
|
|
r_dir_file(fsck, proc)
|
|
|
|
###
|
|
### neverallow rules
|
|
###
|
|
|
|
# fsck should never be run on these block devices
|
|
neverallow fsck {
|
|
boot_block_device
|
|
frp_block_device
|
|
metadata_block_device
|
|
recovery_block_device
|
|
root_block_device
|
|
swap_block_device
|
|
system_block_device
|
|
vold_device
|
|
}:blk_file no_rw_file_perms;
|
|
|
|
# Only allow entry from init or vold via fsck binaries
|
|
neverallow { domain -init -vold } fsck:process transition;
|
|
neverallow * fsck:process dyntransition;
|
|
neverallow fsck { file_type fs_type -fsck_exec }:file entrypoint;
|