Merge "hal_health: allow to write kernel logs."
diff --git a/private/audioserver.te b/private/audioserver.te
index b7d5320..471fcbe 100644
--- a/private/audioserver.te
+++ b/private/audioserver.te
@@ -52,9 +52,10 @@
# For A2DP bridge which is loaded directly into audioserver
unix_socket_connect(audioserver, bluetooth, bluetooth)
-# Allow shell commands from ADB for CTS testing/dumping
+# Allow shell commands from ADB and shell for CTS testing/dumping
allow audioserver adbd:fd use;
allow audioserver adbd:unix_stream_socket { read write };
+allow audioserver shell:fifo_file { read write };
# Allow shell commands from ADB for CTS testing/dumping
userdebug_or_eng(`
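Review bot: The added `allow audioserver shell:fifo_file { read write };` sits above the `userdebug_or_eng(` block that opens on the last line of this hunk, so it applies on user builds as well, and the comment does not say why a shell pipe is needed. If the rule exists so that dump or CTS output can be piped through a shell, a comment such as `# Output may be written to a pipe set up by the shell` would record that, and it is worth checking whether `read` is needed or `write` alone is enough. The comment before `userdebug_or_eng` is now nearly identical to the one above the adbd rules and could be reworded to say what the debug-only block adds. The `userdebug_or_eng` block continues outside the hunk.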
diff --git a/private/init.te b/private/init.te
index 50b1c94..e9959d3 100644
--- a/private/init.te
+++ b/private/init.te
@@ -20,13 +20,3 @@
userdebug_or_eng(`
domain_auto_trans(init, logcat_exec, logpersist)
')
-
-# Creating files on sysfs is impossible so this isn't a threat
-# Sometimes we have to write to non-existent files to avoid conditional
-# init behavior. See b/35303861 for an example.
-dontaudit init sysfs:dir write;
-
-# Suppress false positives when using O_CREAT
-# to open a file that already exists.
-# There's a neverallow rule for this in domain.te
-dontaudit init cgroup:file create;
diff --git a/private/zygote.te b/private/zygote.te
index ab707f1..4ea401d 100644
--- a/private/zygote.te
+++ b/private/zygote.te
@@ -134,8 +134,3 @@
# Do not allow access to Bluetooth-related system properties and files
neverallow zygote bluetooth_prop:file create_file_perms;
-
-# Suppress false positives when using O_CREAT
-# to open a file that already exists.
-# There's a neverallow rule for this in domain.te
-dontaudit zygote cgroup:file create;
diff --git a/public/domain.te b/public/domain.te
index ea8cb59..4f02623 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -1327,23 +1327,23 @@
} self:capability dac_override;
neverallow { domain -traced_probes } self:capability dac_read_search;
-# If an already existing file is opened with O_CREATE, the kernel might generate
+# If an already existing file is opened with O_CREAT, the kernel might generate
# a false report of a create denial. Silence these denials and make sure that
# inappropriate permissions are not granted.
+
+# These filesystems don't allow files or directories to be created, so the permission
+# to do so should never be granted.
neverallow domain {
proc_type
sysfs_type
}:dir { add_name create link remove_name rename reparent rmdir write };
-# cgroupfs directories can be created, but not files within them
-# TODO(b/74182216): Remove the installd allow when we're sure it's not used
-neverallow {
- domain
- -installd
-} cgroup:file create;
+# cgroupfs directories can be created, but not files within them.
+neverallow domain cgroup:file create;
dontaudit domain proc_type:dir write;
dontaudit domain sysfs_type:dir write;
+dontaudit domain cgroup:file create;
# These are only needed in permissive mode - in enforcing mode the
# directory write check fails and so these are never attempted.
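Review bot: The new `dontaudit domain cgroup:file create;` has no comment of its own, and the O_CREAT explanation that justifies it is now separated from the three dontaudit lines by the neverallow rules and two other comments. A short comment directly above the dontaudit lines, e.g. `# O_CREAT on an existing file yields a spurious denial; the neverallows above keep it from being granted`, would keep the reason next to the rule. Because the rule covers every domain, a real attempt to create a file in cgroupfs is still denied but no longer produces an audit record, so anyone watching avc denials for that behaviour loses the signal; the comment should state that trade-off. The installd rule removed in public/installd.te also covered `lnk_file`, while the neverallow here names only `file`; whether `cgroup:lnk_file create` should be forbidden too cannot be told from this hunk.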
diff --git a/public/init.te b/public/init.te
index 1d04f84..88357e5 100644
--- a/public/init.te
+++ b/public/init.te
@@ -326,11 +326,6 @@
# Allow init to write to vibrator/trigger
allow init sysfs_vibrator:file w_file_perms;
-# Creating files on sysfs is impossible so this isn't a threat.
-# We may write to a non-existent file to avoid conditional
-# init behavior.
-dontaudit init sysfs_vibrator:dir write;
-
# init chmod/chown access to /sys files.
allow init {
sysfs_android_usb
diff --git a/public/installd.te b/public/installd.te
index fad4562..6aba962 100644
--- a/public/installd.te
+++ b/public/installd.te
@@ -19,7 +19,6 @@
allow installd oemfs:dir r_dir_perms;
allow installd oemfs:file r_file_perms;
allow installd cgroup:dir create_dir_perms;
-allow installd cgroup:{ file lnk_file } create_file_perms;
allow installd mnt_expand_file:dir { search getattr };
# Check validity of SELinux context before use.
selinux_check_context(installd)