Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 18988fcce30737b4e126b3f5e4562b0a52450536^! / . / private
commit18988fcce30737b4e126b3f5e4562b0a52450536[log] [tgz]
authorJoshua Duong <joshuaduong@google.com>Wed Feb 12 10:18:10 2020 -0800
committerJoshua Duong <joshuaduong@google.com>Thu Feb 20 07:52:34 2020 -0800
tree81dd58c23157082c16df4e387cc0da10e31f2380
parentfa60d7fc6081cef168804c0bf574ae507c803300 [diff]
Add adbd_prop, system_adbd_prop property types.

service.adb.tls.port contains the adbd tcp port running the TLS server.
persist.sys.adb.wifi tells adbd when to enable the TLS server.

Bug: 149348431
Bug: 111434128

Test: Enable wireless debugging, check if TLS port information is
displayed in the Developer options > Wireless debuggging.
Change-Id: I5b5c5a3d064bc003f41386ede9051609fefec53e

diff --git a/private/adbd.te b/private/adbd.te
index dee3c9b..89fa1f9 100644
--- a/private/adbd.te
+++ b/private/adbd.te

@@ -87,6 +87,9 @@
 set_prop(adbd, ffs_prop)
 set_prop(adbd, exported_ffs_prop)
 
+# Set service.adb.tls.port, persist.adb.wifi. properties
+set_prop(adbd, adbd_prop)
+
 # Access device logging gating property
 get_prop(adbd, device_logging_prop)
 
@@ -96,6 +99,9 @@
 # Read whether or not Test Harness Mode is enabled
 get_prop(adbd, test_harness_prop)
 
+# Read persist.adb.tls_server.enable property
+get_prop(adbd, system_adbd_prop)
+
 # Read device's overlayfs related properties and files
 userdebug_or_eng(`
   get_prop(adbd, persistent_properties_ready_prop)

diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index 4419ff2..58477a0 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil

@@ -8,6 +8,7 @@
     aidl_lazy_test_server
     aidl_lazy_test_server_exec
     aidl_lazy_test_service
+    adbd_prop
     apex_module_data_file
     apex_permission_data_file
     apex_rollback_data_file
@@ -74,6 +75,7 @@
     snapshotctl_log_data_file
     soundtrigger_middleware_service
     sysfs_dm_verity
+    system_adbd_prop
     system_config_service
     system_group_file
     system_jvmti_agent_prop

diff --git a/private/property_contexts b/private/property_contexts
index 0c61961..6315c88 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -47,7 +47,9 @@
 security.perf_harden    u:object_r:shell_prop:s0
 service.adb.root        u:object_r:shell_prop:s0
 service.adb.tcp.port    u:object_r:shell_prop:s0
-persist.adb.wifi.       u:object_r:shell_prop:s0
+service.adb.tls.port    u:object_r:adbd_prop:s0
+persist.adb.wifi.       u:object_r:adbd_prop:s0
+persist.adb.tls_server.enable  u:object_r:system_adbd_prop:s0
 
 persist.audio.          u:object_r:audio_prop:s0
 persist.bluetooth.      u:object_r:bluetooth_prop:s0

diff --git a/private/system_server.te b/private/system_server.te
index ef527fd..97353b0 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -853,8 +853,11 @@
 allow system_server adbd:fd use;
 allow system_server adbd:unix_stream_socket { getattr getopt ioctl read write shutdown };
 
-# Read persist.adb.wifi. properties
-get_prop(system_server, shell_prop)
+# Read service.adb.tls.port, persist.adb.wifi. properties
+get_prop(system_server, adbd_prop)
+
+# Set persist.adb.tls_server.enable property
+set_prop(system_server, system_adbd_prop)
 
 # Allow invoking tools like "timeout"
 allow system_server toolbox_exec:file rx_file_perms;