# volume manager
#
# Type-enforcement rules for the vold domain: the allow rules and macro calls
# below grant vold access to storage, mount points, block devices, properties
# and binder; the neverallow rules at the end restrict what other domains may
# do with vold-owned types and what vold itself may never be granted.
type vold, domain;
type vold_exec, exec_type, file_type;

# Read already opened /cache files.
# cache_file:file is limited to getattr and read (no open).
allow vold cache_file:dir r_dir_perms;
allow vold cache_file:file { getattr read };
allow vold cache_file:lnk_file r_file_perms;

# Read access to pseudo filesystems.
r_dir_file(vold, proc_net)
r_dir_file(vold, sysfs_type)
# XXX Label sysfs files with a specific type?
# NOTE(review): the first rule below grants write on every file that carries
# the generic sysfs label, although the stated need is only the uevent files.
# The three rules after it already use narrower types.
allow vold sysfs:file w_file_perms; # writing to /sys/*/uevent during coldboot.
allow vold sysfs_dm:file w_file_perms;
allow vold sysfs_usb:file w_file_perms;
allow vold sysfs_zram_uevent:file w_file_perms;

r_dir_file(vold, rootfs)
r_dir_file(vold, metadata_file)
allow vold {
  proc # b/67049235 processes /proc/<pid>/* files are mislabeled.
  proc_cmdline
  proc_drop_caches
  proc_filesystems
  proc_meminfo
  proc_mounts
}:file r_file_perms;

# Get file contexts
allow vold file_contexts_file:file r_file_perms;

# Allow us to jump into execution domains of above tools
# setexec lets vold pick the security context used for its next exec.
allow vold self:process setexec;

# For sgdisk launched through popen()
# NOTE(review): no domain transition for the shell is declared in this file,
# so a shell started this way presumably runs with the full vold permission
# set (rx_file_perms is defined elsewhere; confirm it includes
# execute_no_trans). Anything passed to popen() should be under vold control.
allow vold shell_exec:file rx_file_perms;

# For formatting adoptable storage devices
allow vold e2fs_exec:file rx_file_perms;

# NOTE(review): mlstrustedsubject is presumably the attribute exempted by the
# MLS constraints, which would leave vold unconstrained by category
# separation - confirm against the mls constraints file.
typeattribute vold mlstrustedsubject;
# setfscreate lets vold choose the label of files and directories it creates.
allow vold self:process setfscreate;
allow vold system_file:file x_file_perms;
# Execution of vendor_file is granted only on builds that are not full Treble.
not_full_treble(`allow vold vendor_file:file x_file_perms;')
allow vold block_device:dir create_dir_perms;
allow vold device:dir write;
allow vold devpts:chr_file rw_file_perms;
allow vold rootfs:dir mounton;
allow vold sdcard_type:dir mounton; # TODO: deprecated in M
allow vold sdcard_type:filesystem { mount remount unmount }; # TODO: deprecated in M
allow vold sdcard_type:dir create_dir_perms; # TODO: deprecated in M
allow vold sdcard_type:file create_file_perms; # TODO: deprecated in M

# Manage locations where storage is mounted
allow vold { mnt_media_rw_file storage_file sdcard_type }:dir create_dir_perms;
allow vold { mnt_media_rw_file storage_file sdcard_type }:file create_file_perms;

# Access to storage that backs emulated FUSE daemons for migration optimization
allow vold media_rw_data_file:dir create_dir_perms;
allow vold media_rw_data_file:file create_file_perms;

# Allow mounting of storage devices
allow vold { mnt_media_rw_stub_file storage_stub_file }:dir { mounton create rmdir getattr setattr };

# Manage per-user primary symlinks
allow vold mnt_user_file:dir create_dir_perms;
allow vold mnt_user_file:lnk_file create_file_perms;

# Allow to create and mount expanded storage
# Only create/getattr/setattr is granted on the apk and shell data
# directories: enough to set them up, not to list or modify their contents.
allow vold mnt_expand_file:dir { create_dir_perms mounton };
allow vold apk_data_file:dir { create getattr setattr };
allow vold shell_data_file:dir { create getattr setattr };

# tmpfs mounts, capabilities, the uevent netlink socket, app data access and
# loop / device-mapper device management.
allow vold tmpfs:filesystem { mount unmount };
allow vold tmpfs:dir create_dir_perms;
allow vold tmpfs:dir mounton;
# NOTE(review): this capability set bypasses discretionary file permission
# checks (dac_override, fowner, chown, fsetid) and permits mount and device
# node operations (sys_admin, mknod). The type-enforcement rules in this file
# are therefore the effective boundary for vold.
allow vold self:global_capability_class_set { net_admin dac_override mknod sys_admin chown fowner fsetid };
allow vold self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
# NOTE(review): read/write on app_data_file files with only search on the
# directories; the consumer of this access is not stated here - confirm it is
# still needed.
allow vold app_data_file:dir search;
allow vold app_data_file:file rw_file_perms;
allow vold loop_control_device:chr_file rw_file_perms;
allow vold loop_device:blk_file { create setattr unlink rw_file_perms };
allow vold vold_device:blk_file { create setattr unlink rw_file_perms };
allow vold dm_device:chr_file rw_file_perms;
allow vold dm_device:blk_file rw_file_perms;
# For vold Process::killProcessesWithOpenFiles function.
# Read access to the /proc entries of every domain plus the right to signal
# them. sys_ptrace and kill are capabilities on self; the neverallow at the
# end of this file still forbids the ptrace permission on any process.
allow vold domain:dir r_dir_perms;
allow vold domain:{ file lnk_file } r_file_perms;
allow vold domain:process { signal sigkill };
allow vold self:global_capability_class_set { sys_ptrace kill };

allow vold kmsg_device:chr_file rw_file_perms;

# Run fsck in the fsck domain.
# execute is granted without execute_no_trans, and a neverallow at the end of
# this file forbids execute_no_trans, so fsck cannot run inside the vold domain.
allow vold fsck_exec:file { r_file_perms execute };

# Log fsck results
allow vold fscklogs:dir rw_dir_perms;
allow vold fscklogs:file create_file_perms;

#
# Rules to support encrypted filesystems.
#

# Unmount and mount the fs.
allow vold labeledfs:filesystem { mount unmount };

# Access /efs/userdata_footer.
# XXX Split into a separate type?
allow vold efs_file:file rw_file_perms;

# Create and mount on /data/tmp_mnt and management of expansion mounts
allow vold system_data_file:dir { create rw_dir_perms mounton setattr rmdir };
allow vold system_data_file:lnk_file getattr;

# vold creates user directories in /data/vendor_{ce,de}/[0-9]+
allow vold vendor_data_file:dir create_dir_perms;

# for secdiscard
allow vold system_data_file:file read;

# Set scheduling policy of kernel processes
allow vold kernel:process setsched;

# Property Service
# NOTE(review): powerctl_prop and ctl_fuse_prop are presumably control
# properties (power state, starting or stopping fuse services) - confirm
# against property_contexts. restorecon_prop is restricted to vold and init by
# a neverallow at the end of this file.
set_prop(vold, vold_prop)
set_prop(vold, exported_vold_prop)
set_prop(vold, exported2_vold_prop)
set_prop(vold, powerctl_prop)
set_prop(vold, ctl_fuse_prop)
set_prop(vold, restorecon_prop)

# ASEC
allow vold asec_image_file:file create_file_perms;
allow vold asec_image_file:dir rw_dir_perms;
allow vold asec_apk_file:dir { create_dir_perms mounton relabelfrom relabelto };
allow vold asec_public_file:dir { relabelto setattr };
allow vold asec_apk_file:file { r_file_perms setattr relabelfrom relabelto };
allow vold asec_public_file:file { relabelto setattr };
# restorecon files in asec containers created on 4.2 or earlier.
# relabelfrom on unlabeled is what allows giving such files a proper label.
allow vold unlabeled:dir { r_dir_perms setattr relabelfrom };
allow vold unlabeled:file { r_file_perms setattr relabelfrom };

# Handle wake locks (used for device encryption)
wakelock_use(vold)

# Allow vold to publish a binder service and make binder calls.
binder_use(vold)
add_service(vold, vold_service)

# Allow vold to call into the system server so it can check permissions.
binder_call(vold, system_server)
allow vold permission_service:service_manager find;

# talk to batteryservice
binder_call(vold, healthd)

# talk to keymaster
hal_client_domain(vold, hal_keymaster)

# Access userdata block device.
allow vold userdata_block_device:blk_file rw_file_perms;

# Access metadata block device used for encryption meta-data.
allow vold metadata_block_device:blk_file rw_file_perms;

# Allow vold to manipulate /data/unencrypted
allow vold unencrypted_data_file:{ file } create_file_perms;
allow vold unencrypted_data_file:dir create_dir_perms;

# Write to /proc/sys/vm/drop_caches
allow vold proc_drop_caches:file w_file_perms;

# Give vold a place where only vold can store files; everyone else is off limits
# (enforced by the neverallow rules on vold_data_file further down).
allow vold vold_data_file:dir create_dir_perms;
allow vold vold_data_file:file create_file_perms;

# And a similar place in the metadata partition
allow vold vold_metadata_file:dir create_dir_perms;
allow vold vold_metadata_file:file create_file_perms;

# linux keyring configuration
# Key objects are labeled with the creating domain, so these rules cover keys
# owned by init and by vold itself.
allow vold init:key { write search setattr };
allow vold vold:key { write search setattr };

# vold temporarily changes its priority when running benchmarks
allow vold self:global_capability_class_set sys_nice;

# vold needs to chroot into app namespaces to remount when runtime permissions change
allow vold self:global_capability_class_set sys_chroot;
allow vold storage_file:dir mounton;

# For AppFuse.
allow vold fuse_device:chr_file rw_file_perms;
allow vold fuse:filesystem { relabelfrom };
allow vold app_fusefs:filesystem { relabelfrom relabelto };
allow vold app_fusefs:filesystem { mount unmount };

# MoveTask.cpp executes cp and rm
allow vold toolbox_exec:file rx_file_perms;

# Prepare profile dir for users.
allow vold user_profile_data_file:dir create_dir_perms;

# Raw writes to misc block device
allow vold misc_block_device:blk_file w_file_perms;

# Build-time assertions protecting the private vold storage types.
#
# vold_data_file directories: any domain other than vold and
# vold_prepare_subdirs (init included) may hold at most the permissions
# listed inside ~{ }.
neverallow {
    domain
    -vold
    -vold_prepare_subdirs
} vold_data_file:dir ~{ open create read getattr setattr search relabelto ioctl };

# vold_data_file directories: no access at all outside init, vold and
# vold_prepare_subdirs.
neverallow {
    domain
    -init
    -vold
    -vold_prepare_subdirs
} vold_data_file:dir *;

# vold_metadata_file directories: no access at all outside init, vendor_init
# and vold.
neverallow {
    domain
    -init
    -vendor_init
    -vold
} vold_metadata_file:dir *;

# vold_data_file non-device objects: only relabelto and getattr for domains
# outside the exempt list.
# NOTE(review): this exempt list names kernel but not init, while the
# vold_metadata_file rule below names init but not kernel - presumably
# intentional; confirm.
neverallow {
    domain
    -kernel
    -vold
    -vold_prepare_subdirs
} vold_data_file:notdevfile_class_set ~{ relabelto getattr };

# vold_metadata_file non-device objects: only relabelto and getattr for
# domains outside the exempt list.
neverallow {
    domain
    -init
    -vold
    -vold_prepare_subdirs
} vold_metadata_file:notdevfile_class_set ~{ relabelto getattr };

# Both types: every domain not listed here gets no permission of any kind on
# non-device objects.
neverallow {
    domain
    -init
    -kernel
    -vendor_init
    -vold
    -vold_prepare_subdirs
} { vold_data_file vold_metadata_file }:notdevfile_class_set *;

# Only vold and init may set restorecon_prop.
neverallow { domain -vold -init } restorecon_prop:property_service set;

# Only system_server and vdc can interact with vold over binder
neverallow { domain -system_server -vdc -vold } vold_service:service_manager find;
# vold itself may make binder calls only to the domains subtracted below
# (su is added on userdebug and eng builds).
neverallow vold {
    domain
    -hal_keymaster_server
    -healthd
    -hwservicemanager
    -servicemanager
    -system_server
    userdebug_or_eng(`-su')
}:binder call;

# fsck must always run in its own domain, never inside vold.
neverallow vold fsck_exec:file execute_no_trans;
# Only init may transition a process into the vold domain.
neverallow { domain -init } vold:process { transition dyntransition };
# vold may never ptrace any process, despite holding the sys_ptrace capability.
neverallow vold *:process ptrace;
# vold may never use raw IP sockets.
neverallow vold *:rawip_socket *;