Merge "Move to ioctl whitelisting for plain files / directories"
diff --git a/private/adbd.te b/private/adbd.te
index 864358a..685b2cc 100644
--- a/private/adbd.te
+++ b/private/adbd.te
@@ -42,6 +42,10 @@
 # Access /dev/usb-ffs/adb/ep0
 allow adbd functionfs:dir search;
 allow adbd functionfs:file rw_file_perms;
+allowxperm adbd functionfs:file ioctl {
+  FUNCTIONFS_ENDPOINT_DESC
+  FUNCTIONFS_CLEAR_HALT
+};
 
 # Use a pseudo tty.
 allow adbd devpts:chr_file rw_file_perms;
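Review bot: The new `allowxperm adbd functionfs:file ioctl` rule has no comment of its own, and the one above it only mentions ep0. Together with the domain-wide default added in public/domain.te, any other ioctl command adbd issues on functionfs files will now be denied, so the list should say what it is for. Something like `# ioctls adbd issues on the functionfs endpoint files; other commands are denied` would do, assuming these two are the complete set adbd uses.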
diff --git a/public/domain.te b/public/domain.te
index 16cc098..db0c8cb 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -291,6 +291,23 @@
 # separately.
 allowxperm domain devpts:chr_file ioctl unpriv_tty_ioctls;
 
+# All domains must clearly enumerate what ioctls they use
+# on plain files and directories
+allowxperm domain { file_type fs_type }:{ dir file } ioctl { 0 };
+
+# Support sqlite F2FS specific optimizations
+# ioctl permission on the specific file type is still required
+# TODO: consider only compiling these rules if we know the
+# /data partition is F2FS
+allowxperm domain file_type:file ioctl {
+  F2FS_IOC_ABORT_VOLATILE_WRITE
+  F2FS_IOC_COMMIT_ATOMIC_WRITE
+  F2FS_IOC_GET_FEATURES
+  F2FS_IOC_GET_PIN_FILE
+  F2FS_IOC_SET_PIN_FILE
+  F2FS_IOC_START_ATOMIC_WRITE
+};
+
 # Workaround for policy compiler being too aggressive and removing hwservice_manager_type
 # when it's not explicitly used in allow rules
 allow { domain -domain } hwservice_manager_type:hwservice_manager { add find };
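Review bot: The comment on the `ioctl { 0 }` rule does not explain the mechanism: once an `allowxperm` rule exists for a source/target/class, every ioctl command not listed is denied, so this one rule switches all domains to whitelist mode on `dir` and `file`. I would spell that out, e.g. `# ioctl 0 is a placeholder; its presence enables command filtering, so a domain without its own allowxperm list is denied`. Separately, the F2FS set is granted to every domain and includes state-changing commands (`F2FS_IOC_SET_PIN_FILE` and the atomic-write commands). The per-type `ioctl` permission still gates them, but it is worth checking whether they can be scoped to the domains that actually use sqlite. Denials from the new default should show up as avc records carrying `ioctlcmd=`, which is the signal to watch during rollout.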
diff --git a/public/init.te b/public/init.te
index 18d11b6..215246b 100644
--- a/public/init.te
+++ b/public/init.te
@@ -500,6 +500,12 @@
 # Allow init to create /data/unencrypted
 allow init unencrypted_data_file:dir create_dir_perms;
 
+# Set encryption policy on dirs in /data
+allowxperm init data_file_type:dir ioctl {
+  FS_IOC_GET_ENCRYPTION_POLICY
+  FS_IOC_SET_ENCRYPTION_POLICY
+};
+
 # Allow init to write to /proc/sys/vm/overcommit_memory
 allow init proc_overcommit_memory:file { write };
 
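Review bot: The comment reads as if this rule alone lets init set encryption policy on any /data directory, but `allowxperm` only narrows an existing `ioctl` grant, as the vold.te and domain.te comments in this change point out. I would add the same line here and in the identical public/vendor_init.te hunk: `# allowxperm still requires the ioctl permission for the individual type`. For vendor_init it is also worth confirming that `FS_IOC_SET_ENCRYPTION_POLICY` is needed across all of `data_file_type` rather than only on the data types vendor_init actually creates directories in.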
diff --git a/public/vendor_init.te b/public/vendor_init.te
index dfd4d8f..01c2f17 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -35,6 +35,12 @@
 allow vendor_init unencrypted_data_file:dir search;
 allow vendor_init unencrypted_data_file:file r_file_perms;
 
+# Set encryption policy on dirs in /data
+allowxperm vendor_init data_file_type:dir ioctl {
+  FS_IOC_GET_ENCRYPTION_POLICY
+  FS_IOC_SET_ENCRYPTION_POLICY
+};
+
 allow vendor_init system_data_file:dir getattr;
 
 allow vendor_init {
diff --git a/public/vold.te b/public/vold.te
index cd2d4f7..8f50e6a 100644
--- a/public/vold.te
+++ b/public/vold.te
@@ -43,6 +43,16 @@
 # For formatting adoptable storage devices
 allow vold e2fs_exec:file rx_file_perms;
 
+# Run fstrim on mounted partitions
+# allowxperm still requires the ioctl permission for the individual type
+allowxperm vold { fs_type file_type }:dir ioctl FITRIM;
+
+# Get encryption policy for dirs in /data
+allowxperm vold data_file_type:dir ioctl {
+  FS_IOC_GET_ENCRYPTION_POLICY
+  FS_IOC_SET_ENCRYPTION_POLICY
+};
+
 typeattribute vold mlstrustedsubject;
 allow vold self:process setfscreate;
 allow vold system_file:file x_file_perms;
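Review bot: The comment says "Get encryption policy" but the rule also grants `FS_IOC_SET_ENCRYPTION_POLICY`, and init.te and vendor_init.te describe the same pair as "Set encryption policy". Either change the comment to `# Get and set encryption policy for dirs in /data` or drop the SET command if vold only reads the policy. The FITRIM rule covers `{ fs_type file_type }:dir`, which is every directory type; its comment already notes that the per-type `ioctl` permission is what bounds it.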