| # aconfigd -- manager for aconfig flags |
| type aconfigd, domain, coredomain, mlstrustedsubject; |
| type aconfigd_exec, exec_type, file_type, system_file_type; |
| |
| init_daemon_domain(aconfigd) |
| |
| allow aconfigd metadata_file:dir search; |
| |
| allow aconfigd { |
| aconfig_storage_metadata_file |
| aconfig_storage_flags_metadata_file |
| }:dir create_dir_perms; |
| |
| allow aconfigd { |
| aconfig_storage_metadata_file |
| aconfig_storage_flags_metadata_file |
| }:file create_file_perms; |
| |
| # allow aconfigd to access shell_data_file for atest |
| userdebug_or_eng(` |
| allow aconfigd shell_data_file:dir search; |
| allow aconfigd shell_data_file:file { getattr read open map }; |
| ') |
| |
| # allow aconfigd to log to the kernel dmesg via a file descriptor |
| # passed from init to aconfigd |
| allow aconfigd kmsg_device:chr_file write; |
| |
| # allow aconfigd to read vendor partition storage files |
| allow aconfigd vendor_aconfig_storage_file:file r_file_perms; |
| allow aconfigd vendor_aconfig_storage_file:dir r_dir_perms; |
| |
| # allow aconfigd to read /apex dir |
| allow aconfigd apex_mnt_dir:dir r_dir_perms; |
| allow aconfigd apex_mnt_dir:file r_file_perms; |
| dontaudit aconfigd apex_info_file:file r_file_perms; |
| |
| ### |
| ### Neverallow assertions |
| ### |
| |
| # only init is allowed to enter the aconfigd domain |
| neverallow { domain -init } aconfigd:process transition; |
| neverallow * aconfigd:process dyntransition; |