Merge "Allow vendor_init to access unencrypted_data_file" into pi-dev
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index bc847ee..ae0a94d 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -65,6 +65,7 @@
lowpan_service
mediaextractor_update_service
mediaprovider_tmpfs
+ mnt_vendor_file
netd_stable_secret_prop
network_watchlist_data_file
network_watchlist_service
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index 0e8c164..7964046 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -54,6 +54,7 @@
lowpan_prop
lowpan_service
mediaextractor_update_service
+ mnt_vendor_file
network_watchlist_data_file
network_watchlist_service
perfetto
diff --git a/private/file_contexts b/private/file_contexts
index c5169ff..c2a8c74 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -526,3 +526,7 @@
/mnt/user(/.*)? u:object_r:mnt_user_file:s0
/mnt/runtime(/.*)? u:object_r:storage_file:s0
/storage(/.*)? u:object_r:storage_file:s0
+
+#############################
+# mount point for read-write vendor partitions
+/mnt/vendor(/.*)? u:object_r:mnt_vendor_file:s0
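Review bot: The pattern `/mnt/vendor(/.*)?` labels the whole subtree, not only the mount point, and the comment does not say what is expected for the contents of the partitions mounted there. As written, a recursive restorecon would presumably give vendor-owned files the platform type `mnt_vendor_file` unless vendor file_contexts carry more specific entries. If that is the intent, I would extend the comment to something like `# Default label for /mnt/vendor and everything below it; vendor file_contexts are expected to label the contents of mounted partitions.`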
diff --git a/private/statsd.te b/private/statsd.te
index fec10a4..06d6e01 100644
--- a/private/statsd.te
+++ b/private/statsd.te
@@ -73,6 +73,7 @@
# Allow access to with hardware layer and process stats.
allow statsd proc_uid_cputime_showstat:file { getattr open read };
+hal_client_domain(statsd, hal_health)
hal_client_domain(statsd, hal_power)
hal_client_domain(statsd, hal_thermal)
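Review bot: The added `hal_client_domain(statsd, hal_health)` carries no stated reason, and the only nearby comment ("Allow access to with hardware layer and process stats.") sits above the proc_uid_cputime_showstat rule rather than the HAL grants. Each HAL client grant widens the set of services statsd may call, so someone auditing the domain for least privilege needs the justification next to the line. I would put a comment directly above the three hal_client_domain lines, for example `# statsd pulls health, power and thermal data from these HALs.`, adjusted to whatever actually motivates the health grant. The grant is unrelated to the /mnt/vendor labelling in the rest of the diff, which may simply be because this is a merge.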
diff --git a/public/domain.te b/public/domain.te
index 4362e12..e84f397 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -1383,3 +1383,9 @@
dontaudit domain proc_type:file create;
dontaudit domain sysfs_type:file create;
')
+
+# Platform must not have access to /mnt/vendor.
+neverallow {
+ coredomain
+ -init
+} mnt_vendor_file:dir *;
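Review bot: The neverallow added at the end of this hunk names only class `dir`, while its comment says the platform must not have access to /mnt/vendor at all. Objects of other classes labelled `mnt_vendor_file` are not covered, and the new file_contexts entry `/mnt/vendor(/.*)?` matches everything below the mount point, so a later coredomain allow rule on `mnt_vendor_file:file` would still pass the build-time check. Either widen the rule to `} mnt_vendor_file:dir_file_class_set *;`, provided no existing coredomain rule conflicts, or narrow the comment to `# Platform must not traverse the /mnt/vendor mount point (dir class only).` so the guarantee is not overstated. The `-init` exemption would also benefit from a one-line reason, presumably that init creates the directory and mounts onto it.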
diff --git a/public/file.te b/public/file.te
index c5844b6..1451dc4 100644
--- a/public/file.te
+++ b/public/file.te
@@ -225,6 +225,9 @@
type mnt_media_rw_stub_file, file_type;
type storage_stub_file, file_type;
+# Mount location for read-write vendor partitions.
+type mnt_vendor_file, file_type;
+
# /postinstall: Mount point used by update_engine to run postinstall.
type postinstall_mnt_dir, file_type;
# Files inside the /postinstall mountpoint are all labeled as postinstall_file.