Introduce vmlauncher_app domain
Bug: 333485208
Test: check display
Change-Id: I64c09f09615e89cf24398c01b8f87b0136be0a7f
diff --git a/private/crosvm.te b/private/crosvm.te
index a96a22a..fced92f 100644
--- a/private/crosvm.te
+++ b/private/crosvm.te
@@ -93,7 +93,7 @@
# To provide display service to an app to get surface.
# TODO(b/332677707): remove them when display service uses binder RPC.
- allow crosvm priv_app:binder { transfer call };
+ allow crosvm vmlauncher_app:binder { transfer call };
allow crosvm servicemanager:binder { call transfer };
allow crosvm virtualization_service:service_manager find;
allow crosvm virtualizationservice:binder { call transfer };
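Review bot: The rule on the `+` line, `allow crosvm vmlauncher_app:binder { transfer call };`, appears here without the `is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, ...)` guard that wraps the matching virtualizationservice rule in the same change, while the TODO above it says it exists only for the display-service path. If this line is not inside a flag block that starts above the hunk, crosvm keeps binder access to the launcher app on builds where the flag is off, which is more than the comment justifies. Either wrap it in the same `is_flag_enabled(...)` block or note in the comment why crosvm needs this unconditionally; the enclosing context of this rule starts outside the hunk, so this may already be handled.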
diff --git a/private/priv_app.te b/private/priv_app.te
index 76682f1..9ba2c95 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -124,13 +124,6 @@
allow priv_app preloads_media_file:file r_file_perms;
allow priv_app preloads_media_file:dir r_dir_perms;
-is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, `
- # TODO(b/332677707): remove them when display service uses binder RPC.
- allow priv_app virtualization_service:service_manager find;
- allow priv_app virtualizationservice:binder call;
- allow priv_app crosvm:binder { call transfer };
-')
-
read_runtime_log_tags(priv_app)
# Allow priv_apps to request and collect incident reports.
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 2219631..9b194b8 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -224,3 +224,4 @@
user=_app domain=untrusted_app_25 type=app_data_file levelFrom=user
user=_app minTargetSdkVersion=28 fromRunAs=true domain=runas_app levelFrom=all
user=_app fromRunAs=true domain=runas_app levelFrom=user
+user=_app isPrivApp=true name=com.android.virtualization.vmlauncher domain=vmlauncher_app type=privapp_data_file levelFrom=all
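Review bot: The new entry assigns the `vmlauncher_app` domain by package name and `isPrivApp=true` alone, with no `seinfo=` constraint, so any privileged app that claims the package name `com.android.virtualization.vmlauncher` would land in a domain that can talk to virtualizationservice and crosvm and write `shell_data_file`. If this app is platform-signed, adding `seinfo=platform` (as other platform-signed package entries in this file do, if present above the hunk) ties the domain to the signing certificate rather than the name: `user=_app seinfo=platform isPrivApp=true name=com.android.virtualization.vmlauncher domain=vmlauncher_app type=privapp_data_file levelFrom=all`. If the app is intentionally allowed to be signed with a non-platform key, a short comment above the entry saying so would save the next reviewer the question.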
diff --git a/private/virtualizationservice.te b/private/virtualizationservice.te
index 2d14f5d..f096e89 100644
--- a/private/virtualizationservice.te
+++ b/private/virtualizationservice.te
@@ -47,7 +47,7 @@
is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, `
# To provide display service to an app to get surface.
# TODO(b/332677707): remove them when display service uses binder RPC.
- allow virtualizationservice priv_app:binder transfer;
+ allow virtualizationservice vmlauncher_app:binder transfer;
')
# Let virtualizationservice set the owner of a VM's temporary directory.
diff --git a/private/vmlauncher_app.te b/private/vmlauncher_app.te
new file mode 100644
index 0000000..dcc4f55
--- /dev/null
+++ b/private/vmlauncher_app.te
@@ -0,0 +1,18 @@
+type vmlauncher_app, domain;
+typeattribute vmlauncher_app coredomain;
+
+app_domain(vmlauncher_app)
+
+allow vmlauncher_app app_api_service:service_manager find;
+allow vmlauncher_app system_api_service:service_manager find;
+
+allow vmlauncher_app shell_data_file:dir search;
+allow vmlauncher_app shell_data_file:file { read open write };
+virtualizationservice_use(vmlauncher_app)
+
+is_flag_enabled(RELEASE_AVF_SUPPORT_CUSTOM_VM_WITH_PARAVIRTUALIZED_DEVICES, `
+ # TODO(b/332677707): remove them when display service uses binder RPC.
+ allow vmlauncher_app virtualization_service:service_manager find;
+ allow vmlauncher_app virtualizationservice:binder call;
+ allow vmlauncher_app crosvm:binder { call transfer };
+')
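Review bot: The grants `allow vmlauncher_app shell_data_file:dir search;` and `allow vmlauncher_app shell_data_file:file { read open write };` give this app read and write access to shell-owned files (the `/data/local/tmp` area) with no comment saying why, and unlike the display-service rules below they are not flag-gated or marked as a TODO. Write access to a directory that adb shell also writes is a notable trust boundary for an app domain, so if this exists only to load developer-supplied VM images it deserves a comment such as `# Read/write VM images staged under /data/local/tmp by the developer (dev/test only).` and, if it is indeed test-only, a `userdebug_or_eng(` wrapper; if the launcher also needs it on user builds, the comment should say what is written there. The new file also has no header comment; a one-line `# Domain for the VM launcher privileged app (com.android.virtualization.vmlauncher).` at the top would help readers who arrive from seapp_contexts.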