Allow ashmem ioctl commands to be invoked on tmpfs files

Part of the migration from ashmem to memfd involves adding support for
ashmem ioctl commands to memfds. This allows applications that directly
interact with ashmem buffers via ioctls to continue working seamlessly
even if they are given a memfd buffer instead of an ashmem buffer to
operate on.

Therefore, allow ioctl() to be invoked on tmpfs files.

Bug: 111903542
Change-Id: I68c269af54764e1abc6346e05bbf94acb99c44f1
Signed-off-by: Isaac J. Manjarres <isaacmanjarres@google.com>
diff --git a/public/te_macros b/public/te_macros
index 2ba15b3..78e75a0 100644
--- a/public/te_macros
+++ b/public/te_macros
@@ -75,7 +75,8 @@
 # Allow access to a unique type for this domain when creating tmpfs / ashmem files.
 define(`tmpfs_domain', `
 type_transition $1 tmpfs:file $1_tmpfs;
-allow $1 $1_tmpfs:file { read write getattr map };
+allow $1 $1_tmpfs:file { read write getattr map ioctl };
+allowxperm $1 $1_tmpfs:file ioctl ashmem_ioctls;
 ')
 
 # pdx macros for IPC. pdx is a high-level name which contains transport-specific
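Review bot: The new `allowxperm` line relies on an `ashmem_ioctls` extended-permission set that this diff does not define, so the macro only works if that set is declared elsewhere (presumably in the ioctl macro definitions) and is expanded before `tmpfs_domain` is used; a one-line comment naming where it lives would save the next reader a search. Because the `allow` rule now grants the bare `ioctl` permission, the `allowxperm` rule is what keeps the grant scoped to the ashmem command set, and the two lines should stay together in any future edit. The header comment on the macro still describes only tmpfs / ashmem file access; updating it to `# Allow access to a unique type for this domain when creating tmpfs / ashmem files, including the ashmem ioctl set on those files.` would document the new grant. The same pair of lines is added to the app tmpfs rules in the second hunk (`appdomain_tmpfs`), where the same comment and ordering points apply.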
@@ -243,7 +244,8 @@
 # Label tmpfs objects for all apps.
 type_transition $1 tmpfs:file appdomain_tmpfs;
 userfaultfd_use($1)
-allow $1 appdomain_tmpfs:file { execute getattr map read write };
+allow $1 appdomain_tmpfs:file { execute getattr map read write ioctl };
+allowxperm $1 appdomain_tmpfs:file ioctl ashmem_ioctls;
 neverallow { $1 -runas_app -shell -simpleperf } { domain -$1 }:file no_rw_file_perms;
 neverallow { appdomain -runas_app -shell -simpleperf -$1 } $1:file no_rw_file_perms;
 # The Android security model guarantees the confidentiality and integrity