Merge "Restore audio tee sink" into nyc-dev
diff --git a/app.te b/app.te
index 5927eb9..9101c9b 100644
--- a/app.te
+++ b/app.te
@@ -101,6 +101,9 @@
# Read/write wallpaper file (opened by system).
allow appdomain wallpaper_file:file { getattr read write };
+# Read/write cached ringtones (opened by system).
+allow appdomain ringtone_file:file { getattr read write };
+
# Write to /data/anr/traces.txt.
allow appdomain anr_data_file:dir search;
allow appdomain anr_data_file:file { open append };
diff --git a/bluetooth.te b/bluetooth.te
index 6a329b7..1817820 100644
--- a/bluetooth.te
+++ b/bluetooth.te
@@ -24,6 +24,8 @@
allow bluetooth self:capability2 wake_alarm;
# tethering
+allow bluetooth self:packet_socket create_socket_perms;
+allow bluetooth self:capability { net_admin net_raw net_bind_service };
allow bluetooth self:tun_socket create_socket_perms;
allow bluetooth efs_file:dir search;
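Review bot: The new `allow bluetooth self:capability { net_admin net_raw net_bind_service };` and the `packet_socket` rule widen an already privileged domain, but the only comment covering them is the one-word `# tethering` above. Say which operation needs each addition, e.g. `# tethering: packet sockets and net_raw/net_bind_service for <operation — TODO confirm>`, so the grant can be re-checked when tethering changes. The second hunk of this file relaxes `neverallow bluetooth self:capability ~{ net_admin net_raw net_bind_service };` to match; its comment lists the capabilities but the justification belongs here, next to the allow rules. If `net_bind_service` is only needed to bind a privileged port, state that explicitly, since it is the first thing a later reviewer will ask.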
@@ -59,6 +61,6 @@
###
# Superuser capabilities.
-# bluetooth requires net_admin, wake_alarm and block_suspend
-neverallow bluetooth self:capability ~net_admin;
+# bluetooth requires net_{admin,raw,bind_service} and wake_alarm and block_suspend.
+neverallow bluetooth self:capability ~{ net_admin net_raw net_bind_service };
neverallow bluetooth self:capability2 ~{ wake_alarm block_suspend };
diff --git a/domain_deprecated.te b/domain_deprecated.te
index ed88cca..4da7a31 100644
--- a/domain_deprecated.te
+++ b/domain_deprecated.te
@@ -57,6 +57,7 @@
r_dir_file(domain_deprecated, sysfs)
r_dir_file(domain_deprecated, inotify)
r_dir_file(domain_deprecated, cgroup)
+r_dir_file(domain_deprecated, proc_meminfo)
r_dir_file(domain_deprecated, proc_net)
# Get SELinux enforcing status.
diff --git a/file.te b/file.te
index 00637f8..1efdc58 100644
--- a/file.te
+++ b/file.te
@@ -14,6 +14,7 @@
type proc_bluetooth_writable, fs_type;
type proc_cpuinfo, fs_type;
type proc_iomem, fs_type;
+type proc_meminfo, fs_type;
type proc_net, fs_type;
type proc_sysrq, fs_type;
type proc_uid_cputime_showstat, fs_type;
@@ -101,6 +102,8 @@
type heapdump_data_file, file_type, data_file_type, mlstrustedobject;
# /data/nativetest
type nativetest_data_file, file_type, data_file_type;
+# /data/system_de/0/ringtones
+type ringtone_file, file_type, data_file_type;
# Mount locations managed by vold
type mnt_media_rw_file, file_type;
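Review bot: The new comment `# /data/system_de/0/ringtones` names only user 0, while file_contexts in this same change labels `/data/system_de/[0-9]+/ringtones(/.*)?` for every user. Make it `# /data/system_de/[0-9]+/ringtones` so the two files describe the same path; the neighbouring `# /data/nativetest` comment follows the same path-as-comment convention.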
@@ -160,7 +163,7 @@
# Default type for anything under /efs
type efs_file, file_type;
# Type for wallpaper file.
-type wallpaper_file, file_type, mlstrustedobject;
+type wallpaper_file, file_type, data_file_type, mlstrustedobject;
# /mnt/asec
type asec_apk_file, file_type, data_file_type, mlstrustedobject;
# Elements of asec files (/mnt/asec) that are world readable
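Review bot: Adding `data_file_type` to `wallpaper_file` changes which attribute-wide rules and neverallows written against `data_file_type` now apply to wallpaper files, yet the comment above still reads `# Type for wallpaper file.` and nothing records why the attribute was added. Suggest `# Type for wallpaper file. Carries data_file_type so attribute-wide /data rules (and their neverallows) cover it.` — or the actual motivation if different — so the attribute is not later dropped as redundant. The `ringtone_file` type introduced in the previous hunk is declared with `data_file_type` from the start, so the two types are now consistent with each other; that is worth a sentence in the commit message.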
diff --git a/file_contexts b/file_contexts
index 5e14344..e94c95e 100644
--- a/file_contexts
+++ b/file_contexts
@@ -323,10 +323,15 @@
/data/system/users/[0-9]+/wallpaper_lock u:object_r:wallpaper_file:s0
/data/system/users/[0-9]+/wallpaper_orig u:object_r:wallpaper_file:s0
/data/system/users/[0-9]+/wallpaper u:object_r:wallpaper_file:s0
+
+# Ringtone files
+/data/system_de/[0-9]+/ringtones(/.*)? u:object_r:ringtone_file:s0
+
#############################
# efs files
#
/efs(/.*)? u:object_r:efs_file:s0
+
#############################
# Cache files
#
diff --git a/genfs_contexts b/genfs_contexts
index 3f865c4..2700a94 100644
--- a/genfs_contexts
+++ b/genfs_contexts
@@ -3,6 +3,7 @@
# proc labeling can be further refined (longest matching prefix).
genfscon proc / u:object_r:proc:s0
genfscon proc /iomem u:object_r:proc_iomem:s0
+genfscon proc /meminfo u:object_r:proc_meminfo:s0
genfscon proc /net u:object_r:proc_net:s0
genfscon proc /net/xt_qtaguid/ctrl u:object_r:qtaguid_proc:s0
genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0
diff --git a/logd.te b/logd.te
index aa24c05..95a30ef 100644
--- a/logd.te
+++ b/logd.te
@@ -22,6 +22,10 @@
allow logd pstorefs:dir search;
allow logd pstorefs:file r_file_perms;
+# Set persist.sys. and sys.powerctl
+set_prop(logd, safemode_prop)
+set_prop(logd, powerctl_prop)
+
# Access device logging gating property
get_prop(logd, device_logging_prop)
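Review bot: The comment `# Set persist.sys. and sys.powerctl` overstates the grant: property_contexts in this change maps `safemode_prop` only to `persist.sys.safemode` and `persist.sys.audit_safemode`, while `persist.sys.` itself remains `system_prop`, which logd is not given here. Change it to `# Set persist.sys.safemode, persist.sys.audit_safemode and sys.powerctl`. Being able to set `sys.powerctl` lets logd request a power-state change (presumably the reboot that follows setting the safemode properties — confirm), which is a notable capability for a logging daemon; one line explaining why logd rather than system_server must do this would help the next reviewer.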
diff --git a/mediaserver.te b/mediaserver.te
index 7aa6ec7..8616403 100644
--- a/mediaserver.te
+++ b/mediaserver.te
@@ -45,6 +45,7 @@
# Read resources from open apk files passed over Binder.
allow mediaserver apk_data_file:file { read getattr };
allow mediaserver asec_apk_file:file { read getattr };
+allow mediaserver ringtone_file:file { read getattr };
# Read /data/data/com.android.providers.telephony files passed over Binder.
allow mediaserver radio_data_file:file { read getattr };
diff --git a/netd.te b/netd.te
index 2c0fb15..98a1a2a 100644
--- a/netd.te
+++ b/netd.te
@@ -30,15 +30,6 @@
# XXX Split into its own type.
allow netd sysfs:file write;
-# Set dhcp lease for PAN connection
-set_prop(netd, dhcp_prop)
-set_prop(netd, system_prop)
-auditallow netd system_prop:property_service set;
-
-# Connect to PAN
-domain_auto_trans(netd, dhcp_exec, dhcp)
-allow netd dhcp:process signal;
-
# Needed to update /data/misc/wifi/hostapd.conf
# TODO: See what we can do to reduce the need for
# these capabilities
@@ -64,10 +55,19 @@
set_prop(netd, ctl_mdnsd_prop)
+# Allow netd to publish a binder service and make binder calls.
+binder_use(netd)
+binder_service(netd)
+allow netd netd_service:service_manager add;
+
+# Allow netd to call into the system server so it can check permissions.
+allow netd system_server:binder call;
+
# Allow netd to operate on sockets that are passed to it.
allow netd netdomain:{tcp_socket udp_socket rawip_socket dccp_socket tun_socket} {read write getattr setattr getopt setopt};
allow netd netdomain:fd use;
+
###
### Neverallow rules
###
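Review bot: `allow netd system_server:binder call;` is written as a bare allow while the rest of the new block uses the binder macros (`binder_use(netd)`, `binder_service(netd)`), and system_server.te in this same change uses `binder_call(system_server, netd)` for the opposite direction. `binder_call(netd, system_server)` would keep the style uniform; if the macro also grants `transfer` and fd use in addition to `call`, as it typically does, check whether netd ever passes binder objects or fds back to system_server before deciding which form is the right one. Either way, the comment `# Allow netd to call into the system server so it can check permissions.` should name the permission-check path being relied on, since SELinux now permits the call and the access decision moves into system_server.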
diff --git a/property.te b/property.te
index c649a90..26d15ff 100644
--- a/property.te
+++ b/property.te
@@ -33,5 +33,6 @@
type dalvik_prop, property_type, core_property_type;
type config_prop, property_type, core_property_type;
type device_logging_prop, property_type;
+type safemode_prop, property_type;
allow property_type tmpfs:filesystem associate;
diff --git a/property_contexts b/property_contexts
index 9e936ca..fed44df 100644
--- a/property_contexts
+++ b/property_contexts
@@ -43,6 +43,8 @@
persist.log.tag u:object_r:logd_prop:s0
persist.mmc. u:object_r:mmc_prop:s0
persist.sys. u:object_r:system_prop:s0
+persist.sys.safemode u:object_r:safemode_prop:s0
+persist.sys.audit_safemode u:object_r:safemode_prop:s0
persist.service. u:object_r:system_prop:s0
persist.service.bdroid. u:object_r:bluetooth_prop:s0
persist.security. u:object_r:system_prop:s0
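Review bot: If property_contexts entries are longest-prefix matches, which is what the `persist.sys.` line above relies on, then `persist.sys.safemode` also labels any property whose name merely begins with that string (a hypothetical `persist.sys.safemode_x` would get `safemode_prop` too), so the `set_prop(..., safemode_prop)` grants added to logd.te and system_server.te extend to such names. Worth a comment such as `# prefix match: covers persist.sys.safemode* and persist.sys.audit_safemode*`, or a check that no other property shares the prefix.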
diff --git a/recovery.te b/recovery.te
index afacf40..d5767ed 100644
--- a/recovery.te
+++ b/recovery.te
@@ -48,6 +48,8 @@
# TODO: create more specific label?
allow recovery sysfs:file w_file_perms;
+ allow recovery sysfs_batteryinfo:file r_file_perms;
+
allow recovery kernel:system syslog_read;
# Access /dev/android_adb or /dev/usb-ffs/adb/ep0
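Review bot: The added `allow recovery sysfs_batteryinfo:file r_file_perms;` is indented by a single space while every other rule in the file starts at column 0, and it carries no comment saying why recovery reads battery information. Dedent it and put a line such as `# Read battery state from sysfs (reason — TODO confirm)` above it, matching the `# TODO: create more specific label?` style of the surrounding rules.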
diff --git a/service.te b/service.te
index 63636f6..e33fd7a 100644
--- a/service.te
+++ b/service.te
@@ -12,6 +12,7 @@
type mediaextractor_service, service_manager_type;
type mediacodec_service, service_manager_type;
type mediadrmserver_service, service_manager_type;
+type netd_service, service_manager_type;
type nfc_service, service_manager_type;
type radio_service, service_manager_type;
type surfaceflinger_service, service_manager_type;
@@ -47,7 +48,7 @@
type diskstats_service, system_api_service, system_server_service, service_manager_type;
type display_service, app_api_service, system_server_service, service_manager_type;
type DockObserver_service, system_server_service, service_manager_type;
-type dreams_service, system_api_service, system_server_service, service_manager_type;
+type dreams_service, app_api_service, system_server_service, service_manager_type;
type dropbox_service, app_api_service, system_server_service, service_manager_type;
type ethernet_service, app_api_service, system_server_service, service_manager_type;
type fingerprint_service, app_api_service, system_server_service, service_manager_type;
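Review bot: Changing `dreams_service` from `system_api_service` to `app_api_service` exposes the service to every app domain that may find `app_api_service`, rather than only system-level callers, and the hunk gives no reason. A comment on the line, or a sentence in the commit message, should name the app-facing API that needs it so the exposure is clearly deliberate and not a copy of the neighbouring lines. Once SELinux no longer gates discovery, the service's own permission checks are the only control left; confirm they exist for every exposed method.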
diff --git a/service_contexts b/service_contexts
index e23f72b..6d8b07f 100644
--- a/service_contexts
+++ b/service_contexts
@@ -81,6 +81,7 @@
meminfo u:object_r:meminfo_service:s0
midi u:object_r:midi_service:s0
mount u:object_r:mount_service:s0
+netd u:object_r:netd_service:s0
netpolicy u:object_r:netpolicy_service:s0
netstats u:object_r:netstats_service:s0
network_management u:object_r:network_management_service:s0
diff --git a/system_server.te b/system_server.te
index 2e131b3..1dd7a6e 100644
--- a/system_server.te
+++ b/system_server.te
@@ -136,6 +136,7 @@
binder_call(system_server, fingerprintd)
binder_call(system_server, { appdomain autoplay_app })
binder_call(system_server, dumpstate)
+binder_call(system_server, netd)
binder_service(system_server)
# Ask debuggerd to dump backtraces for native stacks of interest.
@@ -290,11 +291,16 @@
allow system_server wallpaper_file:file relabelto;
allow system_server wallpaper_file:file { rw_file_perms unlink };
+# Manage ringtones.
+allow system_server ringtone_file:dir { create_dir_perms relabelto };
+allow system_server ringtone_file:file create_file_perms;
+
# FingerprintService.java does a restorecon of the directory /data/system/users/[0-9]+/fpdata(/.*)?
allow system_server system_data_file:dir relabelfrom;
# Property Service write
set_prop(system_server, system_prop)
+set_prop(system_server, safemode_prop)
set_prop(system_server, dhcp_prop)
set_prop(system_server, net_radio_prop)
set_prop(system_server, system_radio_prop)
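Review bot: `# Manage ringtones.` does not explain the `relabelto` on `ringtone_file:dir`; the directory is presumably created under a `system_data_file`-labelled parent (confirm), so the relabel depends on `allow system_server system_data_file:dir relabelfrom;` a few lines below, which is commented only for FingerprintService. Suggest `# Manage /data/system_de/<user>/ringtones; the dir relabel (system_data_file -> ringtone_file) relies on the relabelfrom rule below.` and extending the FingerprintService comment to say it also serves the ringtones directory.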
@@ -396,6 +402,7 @@
allow system_server mediaextractor_service:service_manager find;
allow system_server mediacodec_service:service_manager find;
allow system_server mediadrmserver_service:service_manager find;
+allow system_server netd_service:service_manager find;
allow system_server nfc_service:service_manager find;
allow system_server radio_service:service_manager find;
allow system_server system_server_service:service_manager { add find };
diff --git a/untrusted_app.te b/untrusted_app.te
index 189f3c5..d5abe17 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -94,10 +94,11 @@
# for files. Suppress the denials when they occur.
dontaudit untrusted_app exec_type:file getattr;
-# TODO: access of /proc/meminfo, give specific label or switch to
-# using meminfo service
-allow untrusted_app proc:file r_file_perms;
+# TODO: switch to meminfo service
+allow untrusted_app proc_meminfo:file r_file_perms;
+
# https://code.google.com/p/chromium/issues/detail?id=586021
+allow untrusted_app proc:file r_file_perms;
auditallow untrusted_app proc:file r_file_perms;
# access /proc/net/xt_qtguid/stats
r_dir_file(untrusted_app, proc_net)
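Review bot: The broad `allow untrusted_app proc:file r_file_perms;` is kept (moved under the chromium link) alongside the new `proc_meminfo` rule, so this hunk does not reduce what untrusted apps can read under /proc; its effect is that /proc/meminfo reads no longer trip the `auditallow`. That intent deserves stating in place of the bare URL, e.g. `# Chromium still reads other /proc files; keep the broad rule, audited, so the remaining readers can be identified and the rule removed.` The `# TODO: switch to meminfo service` carries over the old plan and is fine as-is. Since /proc/meminfo now has its own label (genfs_contexts) and only `domain_deprecated` was given `proc_meminfo` in this change, any other domain that read it through the generic `proc` type needs an explicit rule; worth a quick grep before merging.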