a10f789d28
The update_engine daemon from Brillo is expected to be used also in Android so move its selinux policy to AOSP. Put update_engine in the whitelist (currently only has the recovery there) allowing it to bypass the notallow for writing to partititions labeled as system_block_device. Also introduce the misc_block_device dev_type as update_engine in some configurations may need to read/write the misc partition. Start migrating uncrypt to use this instead of overly broad block_device:blk_file access. Bug: 23186405 Test: Manually tested with Brillo build. Change-Id: Icf8cdb4133d4bbdf14bacc6c0fa7418810ac307a
35 lines
1.1 KiB
Text
35 lines
1.1 KiB
Text
# uncrypt
|
|
type uncrypt, domain, mlstrustedsubject;
|
|
type uncrypt_exec, exec_type, file_type;
|
|
|
|
init_daemon_domain(uncrypt)
|
|
|
|
allow uncrypt self:capability dac_override;
|
|
|
|
# Read OTA zip file from /data/data/com.google.android.gsf/app_download
|
|
r_dir_file(uncrypt, app_data_file)
|
|
|
|
userdebug_or_eng(`
|
|
# For debugging, allow /data/local/tmp access
|
|
r_dir_file(uncrypt, shell_data_file)
|
|
')
|
|
|
|
# Read /cache/recovery/command
|
|
# Read /cache/recovery/uncrypt_file
|
|
# Write to pipe file /cache/recovery/uncrypt_status
|
|
allow uncrypt cache_file:dir rw_dir_perms;
|
|
allow uncrypt cache_file:file create_file_perms;
|
|
allow uncrypt cache_file:fifo_file w_file_perms;
|
|
|
|
# Set a property to reboot the device.
|
|
set_prop(uncrypt, powerctl_prop)
|
|
|
|
# Raw writes to block device
|
|
allow uncrypt self:capability sys_rawio;
|
|
allow uncrypt block_device:blk_file w_file_perms;
|
|
auditallow uncrypt block_device:blk_file w_file_perms;
|
|
allow uncrypt misc_block_device:blk_file w_file_perms;
|
|
allow uncrypt block_device:dir r_dir_perms;
|
|
|
|
# Access userdata block device.
|
|
allow uncrypt userdata_block_device:blk_file w_file_perms;
|