| Inseob Kim | ff43be2 | 2021-06-07 16:56:56 +0900 | [diff] [blame^] | 1 | # viewcompiler |
| 2 | type viewcompiler, domain, coredomain, mlstrustedsubject; |
| 3 | type viewcompiler_exec, system_file_type, exec_type, file_type; |
| 4 | type viewcompiler_tmpfs, file_type; |
| 5 | |
| 6 | # Reading an APK opens a ZipArchive, which unpack to tmpfs. |
| 7 | # Use tmpfs_domain() which will give tmpfs files created by viewcompiler their |
| 8 | # own label, which differs from other labels created by other processes. |
| 9 | # This allows to distinguish in policy files created by viewcompiler vs other |
| 10 | # processes. |
| 11 | tmpfs_domain(viewcompiler) |
| 12 | |
| 13 | allow viewcompiler installd:fd use; |
| 14 | |
| 15 | # Include write permission for app data files so viewcompiler can generate |
| 16 | # compiled layout dex files |
| 17 | allow viewcompiler app_data_file:file { getattr write }; |
| 18 | |
| 19 | # Allow the view compiler to read resources from the apps APK. |
| 20 | allow viewcompiler apk_data_file:file { read map }; |
| 21 | |
| 22 | # priv-apps are moving to a world where they can only execute |
| 23 | # signed code. Make sure viewcompiler never can write to privapp |
| 24 | # directories to avoid introducing unsigned executable code |
| 25 | neverallow viewcompiler privapp_data_file:file no_w_file_perms; |