author | Adnan Begovic <adnan@cyngn.com> | 2015-10-15 11:06:53 -0700 |
---|---|---|
committer | Adnan Begovic <adnan@cyngn.com> | 2015-10-15 11:06:53 -0700 |
commit | edb21bcd85d86435b58f8f679cb988182b6bbc29 (patch) | |
tree | 41f25669e58c34351a0ba05f23784aa0d71a3cc4 /kernel.te | |
parent | 126d57e0a86e568d0039c72f046ebf9eada3bb06 (diff) | |
parent | 86c188f70d5a1db93cfcef97bafe9a97cc4bc726 (diff) | |
download | android_external_sepolicy-edb21bcd85d86435b58f8f679cb988182b6bbc29.tar.gz android_external_sepolicy-edb21bcd85d86435b58f8f679cb988182b6bbc29.tar.bz2 android_external_sepolicy-edb21bcd85d86435b58f8f679cb988182b6bbc29.zip |
Merge remote-tracking branch 'upstream/marshmallow-release', tag 'android-6.0.0_r1' into HEAD
Android 6.0.0 release 1
Change-Id: Iccee3137d91fb86555abe4596e356cc6c2a2ce47
Diffstat (limited to 'kernel.te')
-rw-r--r-- | kernel.te | 47 |
1 files changed, 29 insertions, 18 deletions
@@ -1,41 +1,48 @@
 # Life begins with the kernel.
-type kernel, domain;
+type kernel, domain, mlstrustedsubject;
-# Run /init before we have switched domains.
-allow kernel rootfs:file execute_no_trans;
+allow kernel self:capability sys_nice;
-# setcon to init domain.
-allow kernel self:process setcurrent;
-allow kernel init:process dyntransition;
-
-# The kernel is unconfined.
-unconfined_domain(kernel)
+# Allow init relabel itself.
+allow kernel rootfs:file relabelfrom;
+allow kernel init_exec:file relabelto;
+# TODO: investigate why we need this.
+allow kernel init:process share;
 # cgroup filesystem initialization prior to setting the cgroup root directory label.
 allow kernel unlabeled:dir search;
 # Mount usbfs.
 allow kernel usbfs:filesystem mount;
-
-# init direct restorecon calls prior to switching to init domain
-# /dev and /dev/socket
-allow kernel { device socket_device }:dir relabelto;
-# /dev/__properties__
-allow kernel properties_device:file relabelto;
-# /sys
-allow kernel sysfs:{ dir file lnk_file } relabelfrom;
-allow kernel sysfs_type:{ dir file lnk_file } relabelto;
+allow kernel usbfs:dir search;
 # Initial setenforce by init prior to switching to init domain.
 # We use dontaudit instead of allow to prevent a kernel spawned userspace
 # process from turning off SELinux once enabled.
 dontaudit kernel self:security setenforce;
+# Write to /proc/1/oom_adj prior to switching to init domain.
+allow kernel self:capability sys_resource;
+
+# Init reboot before switching selinux domains under certain error
+# conditions. Allow it.
+# As part of rebooting, init writes "u" to /proc/sysrq-trigger to
+# remount filesystems read-only. /data is not mounted at this point,
+# so we could ignore this. For now, we allow it.
+allow kernel self:capability sys_boot;
+allow kernel proc_sysrq:file w_file_perms;
+
+# Allow writing to /dev/__kmsg__ which was created prior to
+# loading policy
+allow kernel tmpfs:chr_file write;
+
 # Set checkreqprot by init.rc prior to switching to init domain.
+allow kernel selinuxfs:file write;
 allow kernel self:security setcheckreqprot;
 # MTP sync (b/15835289)
 # kernel thread "loop0", used by the loop block device, for ASECs (b/17158723)
+allow kernel untrusted_app:fd use;
 allow kernel sdcard_type:file { read write };
 # Allow the kernel to read OBB files from app directories. (b/17428116)
@@ -43,7 +50,11 @@ allow kernel sdcard_type:file { read write };
 # Fixes CTS tests:
 # * android.os.storage.cts.StorageManagerTest#testMountAndUnmountObbNormal
 # * android.os.storage.cts.StorageManagerTest#testMountAndUnmountTwoObbs
+allow kernel vold:fd use;
 allow kernel app_data_file:file read;
+allow kernel asec_image_file:file read;
+
+domain_auto_trans(kernel, init_exec, init)
 ###
 ### neverallow rules |
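Review bot: The reboot rules `allow kernel self:capability sys_boot;` and `allow kernel proc_sysrq:file w_file_perms;` are granted even though their own comment says the sysrq write could be ignored because /data is not mounted at that point. If that is accurate, `dontaudit kernel proc_sysrq:file w_file_perms;` would keep the kernel domain from writing /proc/sysrq-trigger while still silencing the denial; this assumes init's reboot path tolerates the failed write, which the hunk does not show. The same hunk carries `allow kernel init:process share;` under a TODO and `allow kernel tmpfs:chr_file write;`, which by type covers any character device labelled tmpfs rather than only /dev/__kmsg__, so both deserve a tracking reference or a narrower type before they become permanent.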
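Review bot: `domain_auto_trans(kernel, init_exec, init)` is added without a comment, although it appears to be the only remaining path out of the kernel domain now that the `setcurrent`/`dyntransition` rules are removed in the first hunk. I would add `# Transition to the init domain when /init, relabelled to init_exec, is executed.` above it. Because the transition depends on the relabel permitted by `allow kernel init_exec:file relabelto;`, a failed relabel would presumably leave init running in the kernel domain. It is worth confirming that init, or the neverallow section that begins at the end of this hunk and continues outside the visible lines, treats that case as fatal.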