7914a47f05
This change enables SELinux security enforcement on vold.

For the vold.te file ONLY, this change is conceptually a revert of 77d4731e9d and 50e37b93ac, with the following additional changes:

1) Removal of "allow vold proc:file write;" and "allow vold self:capability { sys_boot };". As of system/vold change adfba3626e76c1931649634275d241b226cd1b9a, vold no longer performs its own reboots, so these capabilities are no longer needed.

2) Addition of the powerctl property, which vold contacts to tell init to reboot.

3) Removal of "allow vold kernel:system module_request;". As of CTS commit f2cfdf5c057140d9442fcfeb4e4a648e8258b659, Android devices no longer ship with loadable modules, hence we don't require this rule.

4) Removal of "fsetid" from "self:capability". Any setuid / setgid bits SHOULD be cleared if vold is able to change the permissions of files. IMHO, it was a mistake to ever include this capability in the first place.

Testing: As much as possible, I've tested filesystem related functionality, including factory reset and device encryption. I wasn't able to test fstrim functionality, which is a fairly new feature. I didn't see any policy denials in dmesg. It's quite possible I've missed something. If we experience problems, I'm happy to roll back this change.

Bug: 9629920
Change-Id: I683afa0dffe9f28952287bfdb7ee4e0423c2e97a
13 lines
449 B
Text
type default_prop, property_type;
type shell_prop, property_type;
type radio_prop, property_type;
type system_prop, property_type;
type vold_prop, property_type;
type rild_prop, property_type;
type ctl_default_prop, property_type;
type ctl_dumpstate_prop, property_type;
type ctl_rildaemon_prop, property_type;
type audio_prop, property_type;
type security_prop, property_type;
type bluetooth_prop, property_type;
type powerctl_prop, property_type;
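Review bot: the powerctl_prop declaration on the last line of this file has no comment saying what it labels or which domains are expected to set it. The commit message describes it as the property vold uses to tell init to reboot, so a one-line comment above "type powerctl_prop, property_type;" stating that purpose would help later reviewers notice if set access is ever granted beyond the domains that need it. The rules that grant that access are not visible in this file, so please confirm in review that they are scoped as narrowly as the sys_boot capability they replace.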