Google Git
Sign in
android / device / moto / shamu / f2ebfe3f4e1e1bc8aa9dd7e900d3638ecf835627^! / .
commitf2ebfe3f4e1e1bc8aa9dd7e900d3638ecf835627[log] [tgz]
authorNick Kralevich <nnk@google.com>Mon May 18 11:02:51 2015 -0700
committerNick Kralevich <nnk@google.com>Mon May 18 11:11:15 2015 -0700
tree3db14623c36a18638a5f3b6cf080a1ef1bd02861
parent522b95de73815f7bbfe749637999f3fb4f50a638 [diff]
Allow untrusted_app access to /data/adspd/*

Something has changed in the Motorola enrollment app. Since this
app runs in untrusted_app, we need to grant untrusted_app read-only
access to /data/adspd.

While I'm here, get rid of the auditallow statements. These statements
are designed to detect whether the allow rule is actually being triggered.
It's clear it is. Until we can get around to fixing this, don't generate
unnecessary selinux log messages.

TODO: Revisit putting the Motorola enrollment app into it's own
SELinux domain. Also, we need to remove untrusted apps access to
/dev/socket/adspdsock

Addresses the following denials:

05-15 19:30:40.971  6354  6354 W com.motorola.triggerenroll: type=1400 audit(0.0:68): avc: denied { search } for comm=4453502066772055706461746572 name="adspd" dev="dm-1" ino=261121 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:adspd_data_file:s0 tclass=dir permissive=0
05-15 19:30:40.971  6354  6354 W com.motorola.triggerenroll: type=1400 audit(0.0:69): avc: denied { search } for comm=4453502066772055706461746572 name="adspd" dev="dm-1" ino=261121 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:adspd_data_file:s0 tclass=dir permissive=0
05-15 19:30:40.971  6354  6354 W com.motorola.triggerenroll: type=1400 audit(0.0:70): avc: denied { search } for comm=4453502066772055706461746572 name="adspd" dev="dm-1" ino=261121 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:adspd_data_file:s0 tclass=dir permissive=0

Bug: 20951546
Change-Id: I22fc122b2d22a300e549be4934bd6d12bf366650

diff --git a/sepolicy/file.te b/sepolicy/file.te
index b6327ab..e8d2bff 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te

@@ -19,7 +19,7 @@
 type gsiffd_data_file, data_file_type, file_type;
 type quipc_data_file, data_file_type, file_type;
 type dropbox_data_file, file_type, data_file_type;
-type adspd_data_file, file_type, data_file_type;
+type adspd_data_file, file_type, data_file_type, mlstrustedobject;
 type audio_cutback_data_file, file_type, data_file_type;
 
 type sysfs_rmnet, fs_type, sysfs_type;

diff --git a/sepolicy/untrusted_app.te b/sepolicy/untrusted_app.te
index 397a074..284a442 100644
--- a/sepolicy/untrusted_app.te
+++ b/sepolicy/untrusted_app.te

@@ -4,5 +4,8 @@
 # b/17630431: The unix_socket_connect line above needs to be
 # deleted. Generate audit entries to see if these permissions
 # are actually being used.
-auditallow untrusted_app adspd_socket:sock_file write;
-auditallow untrusted_app adspd:unix_stream_socket connectto;
+# auditallow untrusted_app adspd_socket:sock_file write;
+# auditallow untrusted_app adspd:unix_stream_socket connectto;
+
+allow untrusted_app adspd_data_file:dir r_dir_perms;
+allow untrusted_app adspd_data_file:file r_file_perms;