Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / dce317cf43e458e85ca94d6488beb865f13f4868^! / .
commitdce317cf43e458e85ca94d6488beb865f13f4868[log] [tgz]
authorTao Bao <tbao@google.com>Mon Jan 25 16:41:03 2016 -0800
committerTao Bao <tbao@google.com>Mon Jan 25 16:42:38 2016 -0800
tree5ce30b5af6fa2bc33f47bdb8aa648dcef6a3be87
parent2fdeab3789ec6e5ec6f7424abf41a9aaa73564b0 [diff]
Allow update_engine to use Binder IPC.

Register service with servicemanager and name the context.

avc: denied { call } for scontext=u:r:update_engine:s0 tcontext=u:r:servicemanager:s0 tclass=binder
avc: denied { add } for service=android.os.IUpdateEngine scontext=u:r:update_engine:s0 tcontext=u:object_r:update_engine_service:s0 tclass=service_manager

Also allow priv_app to communicate with update_engine.

avc: denied { find } for service=android.os.IUpdateEngine scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:update_engine_service:s0 tclass=service_manager
avc: denied { call } for scontext=u:r:priv_app:s0:c512,c768 tcontext=u:r:update_engine:s0 tclass=binder
avc: denied { call } for scontext=u:r:update_engine:s0 tcontext=u:r:priv_app:s0 tclass=binder

Change-Id: Ib4498717c1a72f5faab5ea04c636924ee4eb412c

diff --git a/priv_app.te b/priv_app.te
index dc792e8..68b588c 100644
--- a/priv_app.te
+++ b/priv_app.te

@@ -72,6 +72,10 @@
 allow priv_app sysfs_zram:dir search;
 allow priv_app sysfs_zram:file r_file_perms;
 
+# Allow GMS core to communicate with update_engine for A/B update.
+binder_call(priv_app, update_engine)
+allow priv_app update_engine_service:service_manager find;
+
 ###
 ### neverallow rules
 ###

diff --git a/service.te b/service.te
index bac387f..70bb34c 100644
--- a/service.te
+++ b/service.te

@@ -11,6 +11,7 @@
 type radio_service,             service_manager_type;
 type surfaceflinger_service,    service_manager_type;
 type system_app_service,        service_manager_type;
+type update_engine_service,     service_manager_type;
 
 # system_server_services broken down
 type accessibility_service, app_api_service, system_server_service, service_manager_type;

diff --git a/service_contexts b/service_contexts
index 85dcd3d..4116383 100644
--- a/service_contexts
+++ b/service_contexts

@@ -2,6 +2,7 @@
 account                                   u:object_r:account_service:s0
 activity                                  u:object_r:activity_service:s0
 alarm                                     u:object_r:alarm_service:s0
+android.os.IUpdateEngine                  u:object_r:update_engine_service:s0
 android.security.keystore                 u:object_r:keystore_service:s0
 android.service.gatekeeper.IGateKeeperService    u:object_r:gatekeeper_service:s0
 appops                                    u:object_r:appops_service:s0

diff --git a/update_engine.te b/update_engine.te
index ea7fcaf..3fbfd8a 100644
--- a/update_engine.te
+++ b/update_engine.te

@@ -26,3 +26,10 @@
 
 # Don't allow kernel module loading, just silence the logs.
 dontaudit update_engine kernel:system module_request;
+
+# Register the service to perform Binder IPC.
+binder_use(update_engine)
+allow update_engine update_engine_service:service_manager { add };
+
+# Allow update_engine to call the callback function provided by priv_app.
+binder_call(update_engine, priv_app)