Merge "Allow system app and update_engine to read OTA from /vendor" into main am: c9b15f596b am: bae983dd89
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3065885
Change-Id: Ie48b47eaf7bfe32270a6a8d1cfaf674ba66f9e0d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/contexts/plat_file_contexts_test b/contexts/plat_file_contexts_test
index 6e9a8a2..232b073 100644
--- a/contexts/plat_file_contexts_test
+++ b/contexts/plat_file_contexts_test
@@ -539,6 +539,8 @@
/vendor/priv-app/test vendor_app_file
/system/vendor/priv-app vendor_app_file
/system/vendor/priv-app/test vendor_app_file
+/vendor/boot_otas/ vendor_boot_ota_file
+/vendor/boot_otas/test vendor_boot_ota_file
/vendor/overlay vendor_overlay_file
/vendor/overlay/test vendor_overlay_file
/system/vendor/overlay vendor_overlay_file
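Review bot: The two added cases, `/vendor/boot_otas/` and `/vendor/boot_otas/test`, never exercise the bare directory path, which is the form the neighbouring entries test (`/vendor/overlay`, `/system/vendor/priv-app`). The rule added in private/file_contexts is `/vendor/boot_otas(/.*)?`, so the directory without a trailing slash is the case that depends on the optional group. I would add `/vendor/boot_otas vendor_boot_ota_file` so that a later edit to the pattern cannot change the directory's label unnoticed.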
diff --git a/private/compat/202404/202404.cil b/private/compat/202404/202404.cil
index 02bbced..ca0f459 100644
--- a/private/compat/202404/202404.cil
+++ b/private/compat/202404/202404.cil
@@ -2682,7 +2682,7 @@
(typeattributeset vendor_configs_file_202404 (vendor_configs_file))
(typeattributeset vendor_data_file_202404 (vendor_data_file))
(typeattributeset vendor_default_prop_202404 (vendor_default_prop))
-(typeattributeset vendor_file_202404 (vendor_file))
+(typeattributeset vendor_file_202404 (vendor_file vendor_boot_ota_file))
(typeattributeset vendor_framework_file_202404 (vendor_framework_file))
(typeattributeset vendor_hal_file_202404 (vendor_hal_file))
(typeattributeset vendor_idc_file_202404 (vendor_idc_file))
diff --git a/private/domain.te b/private/domain.te
index 60e61a4..53bcdcf 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -2036,6 +2036,7 @@
-vendor_app_file
-vendor_apex_file
-vendor_apex_metadata_file
+ -vendor_boot_ota_file
-vendor_configs_file
-vendor_microdroid_file
-vendor_service_contexts_file
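Review bot: The added `-vendor_boot_ota_file` exemption applies to every source domain of the enclosing rule, not only to system_app and update_engine, which are the two domains this commit grants access to. The rule's header and source set lie outside this hunk, so this is inferred: if it is the neverallow that keeps system components away from vendor files, a later `allow` from any other such domain to this type will now pass the check. A dedicated neverallow on `vendor_boot_ota_file` that names the intended readers and forbids write-class permissions would keep the exemption as narrow as the grants; its exemption list would have to be validated against a full policy build. At minimum, a comment beside the entry such as `# read by system_app and update_engine; see their .te files` would record the intent.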
diff --git a/private/file_contexts b/private/file_contexts
index c72d752..b82b4f0 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -437,6 +437,8 @@
/(vendor|system/vendor)/etc/aconfig(/.*)? u:object_r:vendor_aconfig_storage_file:s0
+/vendor/boot_otas(/.*)? u:object_r:vendor_boot_ota_file:s0
+
# HAL location
/(vendor|system/vendor)/lib(64)?/hw u:object_r:vendor_hal_file:s0
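Review bot: The new pattern `/vendor/boot_otas(/.*)?` covers only the `/vendor` prefix, while both neighbouring rules in this hunk use `/(vendor|system/vendor)/`. The cases added to contexts/plat_file_contexts_test likewise have no `/system/vendor/boot_otas` entry. A path under `/system/vendor` would therefore not receive `vendor_boot_ota_file`, and the new allow rules for system_app and update_engine would not apply to it. If the narrower prefix is deliberate, a one-line comment above the rule stating why would prevent a later "fix"; otherwise `/(vendor|system/vendor)/boot_otas(/.*)? u:object_r:vendor_boot_ota_file:s0` matches the file's convention.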
diff --git a/private/system_app.te b/private/system_app.te
index af9d168..5016a40 100644
--- a/private/system_app.te
+++ b/private/system_app.te
@@ -196,3 +196,6 @@
neverallow { domain -init -system_app } adaptive_haptics_prop:property_service set;
# system_app should be the only domain writing the force l3 prop
neverallow { domain -init -system_app } drm_forcel3_prop:property_service set;
+
+allow system_app vendor_boot_ota_file:dir { r_dir_perms };
+allow system_app vendor_boot_ota_file:file { r_file_perms };
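Review bot: The two added `allow system_app vendor_boot_ota_file` rules carry no comment, unlike the commented neverallow just above them, and the same holds for the pair added to private/update_engine.te. The system_app domain is shared by every app that runs in it rather than by a single component, so the reason for the grant is worth recording, e.g. `# Allow reading boot OTA packages under /vendor/boot_otas (16KB developer option).` The braces around a single permission macro are also redundant: `allow system_app vendor_boot_ota_file:dir r_dir_perms;` is the form update_engine.te already uses in `allow update_engine proc_filesystems:file r_file_perms;`.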
diff --git a/private/update_engine.te b/private/update_engine.te
index 6a60718..1a6d9c7 100644
--- a/private/update_engine.te
+++ b/private/update_engine.te
@@ -115,3 +115,6 @@
# Allow determining filesystems available on system.
# Needed for checking if overlayfs is enabled
allow update_engine proc_filesystems:file r_file_perms;
+
+allow update_engine vendor_boot_ota_file:dir { r_dir_perms };
+allow update_engine vendor_boot_ota_file:file { r_file_perms };
diff --git a/public/file.te b/public/file.te
index 53b5c7a..34347cb 100644
--- a/public/file.te
+++ b/public/file.te
@@ -280,6 +280,11 @@
# Files having this type should be read-only.
type vendor_microdroid_file, vendor_file_type, file_type;
+starting_at_board_api(202504, `
+ # boot otas for 16KB developer option
+ type vendor_boot_ota_file, vendor_file_type, file_type;
+')
+
# Input configuration
type vendor_keylayout_file, vendor_file_type, file_type;
type vendor_keychars_file, vendor_file_type, file_type;