merge in nyc-release history after reset to nyc-dev

commit: fedb034e24411b39d40512acfb1efe2fec7894df [log] [tgz]
author: The Android Automerger <android-build@google.com> Thu Feb 25 00:00:52 2016 -0800
committer: The Android Automerger <android-build@google.com> Thu Feb 25 00:00:52 2016 -0800
tree: 7b4db26659dc60648f06ae84f174ce5c492ca587
parent: e0323c63dc549e2fa51c9571e12be6b2596efde4 [diff]
parent: 8549e18d6498d443104a9edacde28dc17a8e1656 [diff]
diff --git a/audioserver.te b/audioserver.te
index f53b824..0865497 100644
--- a/audioserver.te
+++ b/audioserver.te

@@ -1,10 +1,7 @@
 # audioserver - audio services daemon
-type audioserver, domain, domain_deprecated;
+type audioserver, domain;
 type audioserver_exec, exec_type, file_type;
 
-typeattribute audioserver mlstrustedsubject;
-
-net_domain(audioserver)
 init_daemon_domain(audioserver)
 
 r_dir_file(audioserver, sdcard_type)
@@ -14,108 +11,35 @@
 binder_call(audioserver, { appdomain autoplay_app })
 binder_service(audioserver)
 
-# Read access to pseudo filesystems.
 r_dir_file(audioserver, proc)
+allow audioserver ion_device:chr_file r_file_perms;
+allow audioserver system_file:dir r_dir_perms;
 
-# Required by Widevine DRM (b/22990512)
-allow audioserver self:process execmem;
+# used for TEE sink - pcm capture for debug.
+userdebug_or_eng(`
+  allow audioserver media_data_file:dir create_dir_perms;
+  allow audioserver audioserver_data_file:dir create_dir_perms;
+  allow audioserver audioserver_data_file:file create_file_perms;
+')
 
-allow audioserver kernel:system module_request;
-allow audioserver media_data_file:dir create_dir_perms;
-allow audioserver media_data_file:file create_file_perms;
-allow audioserver app_data_file:dir search;
-allow audioserver app_data_file:file rw_file_perms;
-allow audioserver sdcard_type:file write;
-allow audioserver gpu_device:chr_file rw_file_perms;
-allow audioserver video_device:dir r_dir_perms;
-allow audioserver video_device:chr_file rw_file_perms;
 allow audioserver audio_device:dir r_dir_perms;
-allow audioserver tee_device:chr_file rw_file_perms;
-
-set_prop(audioserver, audio_prop)
-
-# Access audio devices at all.
 allow audioserver audio_device:chr_file rw_file_perms;
 
-# XXX Label with a specific type?
-allow audioserver sysfs:file r_file_perms;
-
-# Read resources from open apk files passed over Binder.
-allow audioserver apk_data_file:file { read getattr };
-allow audioserver asec_apk_file:file { read getattr };
-
-# Read /data/data/com.android.providers.telephony files passed over Binder.
-allow audioserver radio_data_file:file { read getattr };
-
-# Use pipes passed over Binder from app domains.
-allow audioserver { appdomain autoplay_app }:fifo_file { getattr read write };
-
-# Access camera device.
-allow audioserver rpmsg_device:chr_file rw_file_perms;
-
-# Inter System processes communicate over named pipe (FIFO)
-allow audioserver system_server:fifo_file r_file_perms;
-
-# Camera data
-r_dir_file(audioserver, camera_data_file)
-r_dir_file(audioserver, media_rw_data_file)
+allow audioserver audioserver_service:service_manager { add find };
+allow audioserver appops_service:service_manager find;
+allow audioserver batterystats_service:service_manager find;
+allow audioserver permission_service:service_manager find;
+allow audioserver power_service:service_manager find;
+allow audioserver scheduling_policy_service:service_manager find;
 
 # Grant access to audio files to audioserver
 allow audioserver audio_data_file:dir ra_dir_perms;
 allow audioserver audio_data_file:file create_file_perms;
 
-# Read/[write] to /proc/net/xt_qtaguid/ctrl and /dev/xt_qtaguid
-allow audioserver qtaguid_proc:file rw_file_perms;
-allow audioserver qtaguid_device:chr_file r_file_perms;
-
-# Allow abstract socket connection
-allow audioserver rild:unix_stream_socket { connectto read write setopt };
-
-# Needed on some devices for playing DRM protected content,
-# but seems expected and appropriate for all devices.
-unix_socket_connect(audioserver, drmserver, drmserver)
-
 # Needed on some devices for playing audio on paired BT device,
 # but seems appropriate for all devices.
 unix_socket_connect(audioserver, bluetooth, bluetooth)
 
-# Connect to tee service.
-allow audioserver tee:unix_stream_socket connectto;
-
-allow audioserver activity_service:service_manager find;
-allow audioserver appops_service:service_manager find;
-allow audioserver audioserver_service:service_manager { add find };
-allow audioserver cameraproxy_service:service_manager find;
-allow audioserver batterystats_service:service_manager find;
-allow audioserver drmserver_service:service_manager find;
-allow audioserver mediaextractor_service:service_manager find;
-allow audioserver mediaserver_service:service_manager find;
-allow audioserver permission_service:service_manager find;
-allow audioserver power_service:service_manager find;
-allow audioserver processinfo_service:service_manager find;
-allow audioserver scheduling_policy_service:service_manager find;
-allow audioserver surfaceflinger_service:service_manager find;
-
-# /oem access
-allow audioserver oemfs:dir search;
-allow audioserver oemfs:file r_file_perms;
-
-use_drmservice(audioserver)
-allow audioserver drmserver:drmservice {
-    consumeRights
-    setPlaybackStatus
-    openDecryptSession
-    closeDecryptSession
-    initializeDecryptUnit
-    decrypt
-    finalizeDecryptUnit
-    pread
-};
-
-# only allow unprivileged socket ioctl commands
-allowxperm audioserver self:{ rawip_socket tcp_socket udp_socket }
-  ioctl { unpriv_sock_ioctls unpriv_tty_ioctls };
-
 ###
 ### neverallow rules
 ###
@@ -124,5 +48,3 @@
 # domain transition
 neverallow audioserver { file_type fs_type }:file execute_no_trans;
 
-# do not allow privileged socket ioctl commands
-neverallowxperm audioserver domain:{ rawip_socket tcp_socket udp_socket } ioctl priv_sock_ioctls;

diff --git a/domain_deprecated.te b/domain_deprecated.te
index ed88cca..4da7a31 100644
--- a/domain_deprecated.te
+++ b/domain_deprecated.te

@@ -57,6 +57,7 @@
 r_dir_file(domain_deprecated, sysfs)
 r_dir_file(domain_deprecated, inotify)
 r_dir_file(domain_deprecated, cgroup)
+r_dir_file(domain_deprecated, proc_meminfo)
 r_dir_file(domain_deprecated, proc_net)
 
 # Get SELinux enforcing status.

diff --git a/file.te b/file.te
index 7efa324..1efdc58 100644
--- a/file.te
+++ b/file.te

@@ -14,6 +14,7 @@
 type proc_bluetooth_writable, fs_type;
 type proc_cpuinfo, fs_type;
 type proc_iomem, fs_type;
+type proc_meminfo, fs_type;
 type proc_net, fs_type;
 type proc_sysrq, fs_type;
 type proc_uid_cputime_showstat, fs_type;
@@ -117,6 +118,7 @@
 # /data/misc subdirectories
 type adb_keys_file, file_type, data_file_type;
 type audio_data_file, file_type, data_file_type;
+type audioserver_data_file, file_type, data_file_type;
 type bluetooth_data_file, file_type, data_file_type;
 type bootstat_data_file, file_type, data_file_type;
 type boottrace_data_file, file_type, data_file_type;

diff --git a/file_contexts b/file_contexts
index 3b495ec..e94c95e 100644
--- a/file_contexts
+++ b/file_contexts

@@ -260,6 +260,7 @@
 # Misc data
 /data/misc/adb(/.*)?            u:object_r:adb_keys_file:s0
 /data/misc/audio(/.*)?          u:object_r:audio_data_file:s0
+/data/misc/audioserver(/.*)?    u:object_r:audioserver_data_file:s0
 /data/misc/bootstat(/.*)?       u:object_r:bootstat_data_file:s0
 /data/misc/boottrace(/.*)?      u:object_r:boottrace_data_file:s0
 /data/misc/bluetooth(/.*)?      u:object_r:bluetooth_data_file:s0

diff --git a/genfs_contexts b/genfs_contexts
index 3f865c4..2700a94 100644
--- a/genfs_contexts
+++ b/genfs_contexts

@@ -3,6 +3,7 @@
 # proc labeling can be further refined (longest matching prefix).
 genfscon proc / u:object_r:proc:s0
 genfscon proc /iomem u:object_r:proc_iomem:s0
+genfscon proc /meminfo u:object_r:proc_meminfo:s0
 genfscon proc /net u:object_r:proc_net:s0
 genfscon proc /net/xt_qtaguid/ctrl u:object_r:qtaguid_proc:s0
 genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0

diff --git a/surfaceflinger.te b/surfaceflinger.te
index 8fb6463..2164010 100644
--- a/surfaceflinger.te
+++ b/surfaceflinger.te

@@ -53,7 +53,6 @@
 
 
 # media.player service
-allow surfaceflinger audioserver_service:service_manager find;
 allow surfaceflinger mediaserver_service:service_manager find;
 allow surfaceflinger permission_service:service_manager find;
 allow surfaceflinger power_service:service_manager find;

diff --git a/untrusted_app.te b/untrusted_app.te
index 189f3c5..d5abe17 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te

@@ -94,10 +94,11 @@
 # for files. Suppress the denials when they occur.
 dontaudit untrusted_app exec_type:file getattr;
 
-# TODO: access of /proc/meminfo, give specific label or switch to
-# using meminfo service
-allow untrusted_app proc:file r_file_perms;
+# TODO: switch to meminfo service
+allow untrusted_app proc_meminfo:file r_file_perms;
+
 # https://code.google.com/p/chromium/issues/detail?id=586021
+allow untrusted_app proc:file r_file_perms;
 auditallow untrusted_app proc:file r_file_perms;
 # access /proc/net/xt_qtguid/stats
 r_dir_file(untrusted_app, proc_net)
commit	fedb034e24411b39d40512acfb1efe2fec7894df	[log] [tgz]
author	The Android Automerger <android-build@google.com>	Thu Feb 25 00:00:52 2016 -0800
committer	The Android Automerger <android-build@google.com>	Thu Feb 25 00:00:52 2016 -0800
tree	7b4db26659dc60648f06ae84f174ce5c492ca587
parent	e0323c63dc549e2fa51c9571e12be6b2596efde4 [diff]
parent	8549e18d6498d443104a9edacde28dc17a8e1656 [diff]