Allow system_server and shell to start gsid on-demand.

gsid is started lazily to reduce memory pressure. It can be started
either via gsi_tool (invoked by adb shell), or by DynamicAndroidService
via system_server.

Bug: 126622385
Test: no denials running "gsi_tool status"
Change-Id: I90a5f3f28fe4f294fb60e7c87a62e76716fbd5c0
diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 73679f6..1879468 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -30,6 +30,7 @@
     content_capture_service
     content_suggestions_service
     cpu_variant_prop
+    ctl_gsid_prop
     dev_cpu_variant
     device_config_activity_manager_native_boot_prop
     device_config_boot_count_prop
diff --git a/private/property_contexts b/private/property_contexts
index a34a52c..b3214c8 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -127,6 +127,11 @@
 ctl.stop$adbd              u:object_r:ctl_adbd_prop:s0
 ctl.restart$adbd           u:object_r:ctl_adbd_prop:s0
 
+# Restrict access to starting/stopping gsid.
+ctl.start$gsid          u:object_r:ctl_gsid_prop:s0
+ctl.stop$gsid           u:object_r:ctl_gsid_prop:s0
+ctl.restart$gsid        u:object_r:ctl_gsid_prop:s0
+
 # NFC properties
 nfc.                    u:object_r:nfc_prop:s0
 
diff --git a/private/system_server.te b/private/system_server.te
index 22dcac8..7540d56 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -585,6 +585,7 @@
 # ctl interface
 set_prop(system_server, ctl_default_prop)
 set_prop(system_server, ctl_bugreport_prop)
+set_prop(system_server, ctl_gsid_prop)
 
 # cppreopt property
 set_prop(system_server, cppreopt_prop)
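Review bot: The added `set_prop(system_server, ctl_gsid_prop)` grants more than the on-demand start the commit title describes. The property_contexts hunk in this same commit labels `ctl.start$gsid`, `ctl.stop$gsid` and `ctl.restart$gsid` with the one type, so system_server can also stop and restart gsid. If only start is needed, state the intent next to the rule, e.g. `# DynamicAndroidService starts gsid on demand; ctl_gsid_prop also covers stop/restart.` The same applies to the shell grant in public/shell.te.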
diff --git a/public/property.te b/public/property.te
index 74c9bc5..a549ef1 100644
--- a/public/property.te
+++ b/public/property.te
@@ -15,6 +15,7 @@
 type ctl_default_prop, property_type;
 type ctl_dumpstate_prop, property_type;
 type ctl_fuse_prop, property_type;
+type ctl_gsid_prop, property_type;
 type ctl_interface_restart_prop, property_type;
 type ctl_interface_start_prop, property_type;
 type ctl_interface_stop_prop, property_type;
@@ -362,6 +363,7 @@
     -ctl_default_prop
     -ctl_dumpstate_prop
     -ctl_fuse_prop
+    -ctl_gsid_prop
     -ctl_interface_restart_prop
     -ctl_interface_start_prop
     -ctl_interface_stop_prop
diff --git a/public/shell.te b/public/shell.te
index dc53049..4c76059 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -78,6 +78,8 @@
 # Allow shell to start/stop heapprofd via the persist.heapprofd.enable
 # property.
 set_prop(shell, heapprofd_enabled_prop)
+# Allow shell to start/stop gsid via ctl.start|stop|restart gsid.
+set_prop(shell, ctl_gsid_prop)
 
 userdebug_or_eng(`
   # "systrace --boot" support - allow boottrace service to run
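Review bot: `set_prop(shell, ctl_gsid_prop)` sits outside the `userdebug_or_eng(` block that opens two lines below it, so the shell domain gets the grant on every build type, including user builds. If gsi_tool is only a development aid, the rule belongs inside that block; if it is meant for user builds, the comment should say so, e.g. `# Needed on user builds: gsi_tool (via adb shell) starts gsid on demand.` Whether gsid authorizes its own callers is not visible in this diff, so this rule should not be treated as the only gate on controlling the service. The Test line covers only `gsi_tool status`, and the userdebug_or_eng block continues past the end of the hunk.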