platform_system_sepolicy/vendor/vendor_install_recovery.te
Bill Peckham d0dc1a057d Moving recovery resources from /system to /vendor
This change is part of a topic that moves the recovery resources from the
system partition to the vendor partition, if it exists, or the vendor directory
on the system partition otherwise. The recovery resources are moving from the
system image to the vendor partition so that a single system image may be used
with either an A/B or a non-A/B vendor image. The topic removes a delta in the
system image that prevented such reuse in the past.

The recovery resources that are moving are involved with updating the recovery
partition after an update. In a non-A/B configuration, the system boots from
the recovery partition, updates the other partitions (system, vendor, etc.)
Then, the next time the system boots normally, a script updates the recovery
partition (if necessary). This script, the executables it invokes, and the data
files that it uses were previously on the system partition. The resources that
are moving include the following.

* install-recovery.sh
* applypatch
* recovery-resource.dat (if present)
* recovery-from-boot.p (if present)

This change includes the sepolicy changes to move the recovery resources from
system to vendor. The big change is renaming install_recovery*.te to
vendor_install_recovery*.te to emphasize the move to vendor. Other changes
follow from that. The net result is that the application of the recovery patch
has the same permissions that it had when it lived in system.

Bug: 68319577
Test: Ensure that recovery partition is updated correctly.
Change-Id: If29cb22b2a7a5ce1b25d45ef8635e6cb81103327
2019-10-04 14:40:27 -07:00

24 lines
1 KiB
Text

init_daemon_domain(vendor_install_recovery)
# service vendor_flash_recovery in
# bootable/recovery/applypatch/vendor_flash_recovery.rc
type vendor_install_recovery, domain;
type vendor_install_recovery_exec, vendor_file_type, exec_type, file_type;
# /vendor/bin/install-recovery.sh is a shell script.
# Needs to execute /vendor/bin/sh
allow vendor_install_recovery vendor_shell_exec:file rx_file_perms;
# Execute /vendor/bin/applypatch
allow vendor_install_recovery vendor_file:file rx_file_perms;
not_full_treble(`allow vendor_install_recovery vendor_file:file rx_file_perms;')
allow vendor_install_recovery vendor_toolbox_exec:file rx_file_perms;
# Update the recovery block device based off a diff of the boot block device
allow vendor_install_recovery block_device:dir search;
allow vendor_install_recovery boot_block_device:blk_file r_file_perms;
allow vendor_install_recovery recovery_block_device:blk_file rw_file_perms;
# Write to /proc/sys/vm/drop_caches
allow vendor_install_recovery proc_drop_caches:file w_file_perms;