Add sepolicy for starting the snapuserd daemon through init. Restrict access to controlling snapuserd via ctl properties. Allow update_engine to control snapuserd, and connect/write to its socket. update_engine needs this access so it can create the appropriate dm-user device (which sends queries to snapuserd), which is then used to build the update snapshot. This also fixes a bug where /dev/dm-user was not properly labelled. As a result, snapuserd and update_engine have been granted r_dir_perms to dm_user_device. Bug: 168554689 Test: full ota with VABC enabled Change-Id: I1f65ba9f16a83fe3e8ed41a594421939a256aec0

commit: 09bb944221a1e3adeed14eb110895fca2f9b347d [log] [tgz]
author: David Anderson <dvander@google.com> Fri Nov 13 00:45:59 2020 -0800
committer: David Anderson <dvander@google.com> Thu Nov 19 21:03:30 2020 +0000
tree: 95baab6523c956c31e448067f7535bfeb392010b
parent: 5d6020d9f5a60e92a8ec7109344145f3d4ab533d [diff] [blame]
diff --git a/private/property_contexts b/private/property_contexts
index e136dc9..5750acc 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -172,6 +172,11 @@
 # Restrict access to restart dumpstate
 ctl.interface_restart$android.hardware.dumpstate u:object_r:ctl_dumpstate_prop:s0
 
+# Restrict access to control snapuserd
+ctl.start$snapuserd     u:object_r:ctl_snapuserd_prop:s0
+ctl.stop$snapuserd      u:object_r:ctl_snapuserd_prop:s0
+ctl.restart$snapuserd   u:object_r:ctl_snapuserd_prop:s0
+
 # NFC properties
 nfc.                    u:object_r:nfc_prop:s0
commit	09bb944221a1e3adeed14eb110895fca2f9b347d	[log] [tgz]
author	David Anderson <dvander@google.com>	Fri Nov 13 00:45:59 2020 -0800
committer	David Anderson <dvander@google.com>	Thu Nov 19 21:03:30 2020 +0000
tree	95baab6523c956c31e448067f7535bfeb392010b
parent	5d6020d9f5a60e92a8ec7109344145f3d4ab533d [diff] [blame]