Merge "neverallow init *:process noatsecure"
diff --git a/public/domain.te b/public/domain.te
index 6367dd7..28fd39e 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -1132,6 +1132,7 @@
   -system_server
   -system_app
   -init
+  -toolbox # TODO(b/141108496) We want to remove toolbox
   -installd # for relabelfrom and unlink, check for this in explicit neverallow
   -vold_prepare_subdirs # For unlink
   with_asan(`-asan_extract')
@@ -1384,4 +1385,3 @@
   -hal_codec2_server
   -hal_omx_server
 } hal_codec2_hwservice:hwservice_manager add;
-
diff --git a/public/init.te b/public/init.te
index abcdc8c..de6d4d4 100644
--- a/public/init.te
+++ b/public/init.te
@@ -610,5 +610,6 @@
 neverallow * init:process ptrace;
 
 # init owns the root of /data
-# TODO(b/140259336) We want to remove vendor_init in the long term but allow for now
-neverallow { domain -init -vendor_init -vold } system_data_root_file:dir { write add_name remove_name };
+# TODO(b/140259336) We want to remove vendor_init
+# TODO(b/141108496) We want to remove toolbox
+neverallow { domain -init -toolbox -vendor_init -vold } system_data_root_file:dir { write add_name remove_name };
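Review bot: The new exemption on the last line of this hunk widens who may modify the root of /data, but the TODO above it says only that toolbox should be removed, not what the carve-out is actually for, which makes it hard to judge later whether it can be revoked. Suggest making the comment self-explaining, e.g. `# TODO(b/141108496) toolbox is exempted only so the toolbox domain (entered solely from init, see toolbox.te) can "rm -rf" directories under /data; drop once that moves out of toolbox`. That ties the neverallow carve-out to the matching allow rules in toolbox.te so a reviewer tightening either side sees the other.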
diff --git a/public/toolbox.te b/public/toolbox.te
index 19cc3b6..f4b164d 100644
--- a/public/toolbox.te
+++ b/public/toolbox.te
@@ -22,3 +22,8 @@
 neverallow { domain -init } toolbox:process transition;
 neverallow * toolbox:process dyntransition;
 neverallow toolbox { file_type fs_type -toolbox_exec}:file entrypoint;
+
+# rm -rf directories in /data
+allow toolbox system_data_root_file:dir { remove_name write };
+allow toolbox system_data_file:dir { rmdir rw_dir_perms };
+allow toolbox system_data_file:file { getattr unlink };
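Review bot: The `rm -rf` grant on the last three lines only covers the `file` class, so if a directory toolbox is asked to remove contains a symlink, socket or FIFO the recursive delete would stop on an `unlink` denial for `lnk_file`/`sock_file`/`fifo_file` and leave the tree half-removed; if such objects can exist in the target directories (not visible here), the rule should read `allow toolbox system_data_file:{ file lnk_file sock_file fifo_file } { getattr unlink };`. Separately, `rw_dir_perms` on `system_data_file:dir` is broader than deletion needs — if that macro (defined elsewhere) expands to include `add_name`/`create`, toolbox gains the ability to create entries in /data, not just remove them, and `r_dir_perms` plus `{ write remove_name rmdir }` would be the least-privilege form. The exposure is bounded by the neverallow on line 37, which lets only init transition into this domain. Finally, the `TODO(b/141108496)` that accompanies the matching exemptions in domain.te and init.te is missing here; adding `# TODO(b/141108496) We want to remove toolbox` above the allow rules keeps all three sites cross-referenced for whoever eventually removes them.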