Allow recovery and fastbootd to interact with libfiemap.
In normal Android, libsnapshot interacts with libfiemap over binder (via
IGsid). There is no binder in recovery, so instead, we directly link to
the library and therefore need appropriate sepolicy changes.
Bug: 139154945
Test: no denials in recovery or fastbootd
Change-Id: I356d7b5b906ac198e6f32c4d0cdd206c97faeb84
diff --git a/private/gsid.te b/private/gsid.te
index cc255ca..306efb8 100644
--- a/private/gsid.te
+++ b/private/gsid.te
@@ -75,6 +75,8 @@
-gsid
-init
-update_engine_common
+ -recovery
+ -fastbootd
} gsid_prop:property_service set;
# gsid needs to store images on /data, but cannot use file I/O. If it did, the
@@ -130,6 +132,7 @@
-init
-gsid
-fastbootd
+ -recovery
-vold
} gsi_metadata_file:dir *;
diff --git a/public/fastbootd.te b/public/fastbootd.te
index 39abc5e..f08885a 100644
--- a/public/fastbootd.te
+++ b/public/fastbootd.te
@@ -107,6 +107,12 @@
allow fastbootd labeledfs:filesystem { mount unmount };
get_prop(fastbootd, persistent_properties_ready_prop)
')
+
+ # Allow using libfiemap/gsid directly (no binder in recovery).
+ set_prop(fastbootd, gsid_prop)
+ allow fastbootd gsi_metadata_file:dir search;
+ allow fastbootd ota_metadata_file:dir rw_dir_perms;
+ allow fastbootd ota_metadata_file:file create_file_perms;
')
###
diff --git a/public/recovery.te b/public/recovery.te
index 2b77bc3..1193354 100644
--- a/public/recovery.te
+++ b/public/recovery.te
@@ -142,6 +142,12 @@
# These are needed to update dynamic partitions in recovery.
r_dir_file(recovery, sysfs_dm)
allowxperm recovery super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF };
+
+ # Allow using libfiemap/gsid directly (no binder in recovery).
+ set_prop(recovery, gsid_prop)
+ allow recovery gsi_metadata_file:dir search;
+ allow recovery ota_metadata_file:dir rw_dir_perms;
+ allow recovery ota_metadata_file:file create_file_perms;
')
###