Blame - private/surfaceflinger.te - android_system_sepolicy

blob: cf709df3188ed0c34425b4f56d47e7c165c857f2 [file] [log] [blame]

Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	1	# surfaceflinger - display compositor service
				2
Alex Klyubin	f5446eb	2017-03-23 14:27:32 -0700	[diff] [blame]	3	typeattribute surfaceflinger coredomain;
				4
Nick Kralevich	5e37271	2018-09-27 10:21:37 -0700	[diff] [blame]	5	type surfaceflinger_exec, system_file_type, exec_type, file_type;
dcashman	cc39f63	2016-07-22 13:13:11 -0700	[diff] [blame]	6	init_daemon_domain(surfaceflinger)
Jeff Vander Stoep	9f5d0d9	2019-01-29 14:43:45 -0800	[diff] [blame]	7	tmpfs_domain(surfaceflinger)
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	8
				9	typeattribute surfaceflinger mlstrustedsubject;
Steven Moreland	e8ab002	2017-05-16 17:43:52 -0700	[diff] [blame]	10	typeattribute surfaceflinger display_service_server;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	11
				12	read_runtime_log_tags(surfaceflinger)
				13
				14	# Perform HwBinder IPC.
Alex Klyubin	9e6b24c	2017-03-16 18:48:40 -0700	[diff] [blame]	15	hal_client_domain(surfaceflinger, hal_graphics_allocator)
Alex Klyubin	9e6b24c	2017-03-16 18:48:40 -0700	[diff] [blame]	16	hal_client_domain(surfaceflinger, hal_graphics_composer)
Jeff Vander Stoep	9f5d0d9	2019-01-29 14:43:45 -0800	[diff] [blame]	17	typeattribute surfaceflinger_tmpfs hal_graphics_composer_client_tmpfs;
Pawin Vongmasa	609c243	2019-04-30 05:09:28 -0700	[diff] [blame]	18	hal_client_domain(surfaceflinger, hal_codec2)
Pawin Vongmasa	ff2dcca	2018-06-29 17:02:23 -0700	[diff] [blame]	19	hal_client_domain(surfaceflinger, hal_omx)
Alex Klyubin	9e6b24c	2017-03-16 18:48:40 -0700	[diff] [blame]	20	hal_client_domain(surfaceflinger, hal_configstore)
Peiyong Lin	02be597	2018-06-22 10:37:10 -0700	[diff] [blame]	21	hal_client_domain(surfaceflinger, hal_power)
Jiwen 'Steve' Cai	2177320	2019-01-15 11:32:39 -0800	[diff] [blame]	22	hal_client_domain(surfaceflinger, hal_bufferhub)
Alex Klyubin	53656c1	2017-04-13 19:05:27 -0700	[diff] [blame]	23	allow surfaceflinger hidl_token_hwservice:hwservice_manager find;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	24
				25	# Perform Binder IPC.
				26	binder_use(surfaceflinger)
				27	binder_call(surfaceflinger, binderservicedomain)
				28	binder_call(surfaceflinger, appdomain)
				29	binder_call(surfaceflinger, bootanim)
Jeffrey Huang	225850b	2020-02-04 16:58:57 -0800	[diff] [blame]	30	binder_call(surfaceflinger, system_server);
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	31	binder_service(surfaceflinger)
				32
				33	# Binder IPC to bu, presently runs in adbd domain.
				34	binder_call(surfaceflinger, adbd)
				35
				36	# Read /proc/pid files for Binder clients.
				37	r_dir_file(surfaceflinger, binderservicedomain)
				38	r_dir_file(surfaceflinger, appdomain)
				39
				40	# Access the GPU.
				41	allow surfaceflinger gpu_device:chr_file rw_file_perms;
				42
				43	# Access /dev/graphics/fb0.
				44	allow surfaceflinger graphics_device:dir search;
				45	allow surfaceflinger graphics_device:chr_file rw_file_perms;
				46
				47	# Access /dev/video1.
				48	allow surfaceflinger video_device:dir r_dir_perms;
				49	allow surfaceflinger video_device:chr_file rw_file_perms;
				50
				51	# Create and use netlink kobject uevent sockets.
				52	allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
				53
				54	# Set properties.
				55	set_prop(surfaceflinger, system_prop)
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	56	set_prop(surfaceflinger, exported_system_prop)
				57	set_prop(surfaceflinger, exported2_system_prop)
				58	set_prop(surfaceflinger, exported3_system_prop)
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	59	set_prop(surfaceflinger, ctl_bootanim_prop)
				60
				61	# Use open files supplied by an app.
				62	allow surfaceflinger appdomain:fd use;
Nick Kralevich	23c9d91	2018-08-02 15:54:23 -0700	[diff] [blame]	63	allow surfaceflinger { app_data_file privapp_data_file }:file { read write };
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	64
Vishnu Nair	2d6942d	2017-11-17 08:23:32 -0800	[diff] [blame]	65	# Allow writing surface traces to /data/misc/wmtrace.
				66	userdebug_or_eng(`
				67	allow surfaceflinger wm_trace_data_file:dir rw_dir_perms;
				68	allow surfaceflinger wm_trace_data_file:file { getattr setattr create w_file_perms };
				69	')
				70
Mikael Pessa	c97ea91	2019-07-01 09:22:59 -0700	[diff] [blame]	71	# Needed to register as a Perfetto producer.
Florian Mayer	5e52281	2019-10-08 16:15:14 +0100	[diff] [blame]	72	perfetto_producer(surfaceflinger)
Mikael Pessa	c97ea91	2019-07-01 09:22:59 -0700	[diff] [blame]	73
Chris Forbes	676003c	2017-04-28 10:10:36 -0700	[diff] [blame]	74	# Use socket supplied by adbd, for cmd gpu vkjson etc.
				75	allow surfaceflinger adbd:unix_stream_socket { read write getattr };
				76
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	77	# Allow a dumpstate triggered screenshot
				78	binder_call(surfaceflinger, dumpstate)
				79	binder_call(surfaceflinger, shell)
				80	r_dir_file(surfaceflinger, dumpstate)
				81
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	82	# media.player service
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	83
				84	# do not use add_service() as hal_graphics_composer_default may be the
				85	# provider as well
				86	#add_service(surfaceflinger, surfaceflinger_service)
				87	allow surfaceflinger surfaceflinger_service:service_manager { add find };
				88
Steven Thomas	7bec967	2018-07-13 17:17:01 -0700	[diff] [blame]	89	add_service(surfaceflinger, vrflinger_vsync_service)
				90
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	91	allow surfaceflinger mediaserver_service:service_manager find;
				92	allow surfaceflinger permission_service:service_manager find;
				93	allow surfaceflinger power_service:service_manager find;
Jeff Vander Stoep	8bf3b7a	2017-02-10 13:33:56 -0800	[diff] [blame]	94	allow surfaceflinger vr_manager_service:service_manager find;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	95	allow surfaceflinger window_service:service_manager find;
Robert Carr	a49b27a	2018-11-16 13:32:58 -0800	[diff] [blame]	96	allow surfaceflinger inputflinger_service:service_manager find;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	97
Jeff Vander Stoep	8bf3b7a	2017-02-10 13:33:56 -0800	[diff] [blame]	98
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	99	# allow self to set SCHED_FIFO
Benjamin Gordon	9b2e0cb	2017-11-09 15:51:26 -0700	[diff] [blame]	100	allow surfaceflinger self:global_capability_class_set sys_nice;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	101	allow surfaceflinger proc_meminfo:file r_file_perms;
				102	r_dir_file(surfaceflinger, cgroup)
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	103	r_dir_file(surfaceflinger, system_file)
				104	allow surfaceflinger tmpfs:dir r_dir_perms;
				105	allow surfaceflinger system_server:fd use;
Robert Carr	a49b27a	2018-11-16 13:32:58 -0800	[diff] [blame]	106	allow surfaceflinger system_server:unix_stream_socket { read write };
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	107	allow surfaceflinger ion_device:chr_file r_file_perms;
				108
Nick Bray	084faf0	2017-02-09 15:15:11 -0800	[diff] [blame]	109	# pdx IPC
Alex Vakulenko	41daa7f	2017-05-01 13:01:44 -0700	[diff] [blame]	110	pdx_server(surfaceflinger, display_client)
				111	pdx_server(surfaceflinger, display_manager)
				112	pdx_server(surfaceflinger, display_screenshot)
				113	pdx_server(surfaceflinger, display_vsync)
Nick Bray	084faf0	2017-02-09 15:15:11 -0800	[diff] [blame]	114
Alex Vakulenko	41daa7f	2017-05-01 13:01:44 -0700	[diff] [blame]	115	pdx_client(surfaceflinger, bufferhub_client)
				116	pdx_client(surfaceflinger, performance_client)
Nick Bray	084faf0	2017-02-09 15:15:11 -0800	[diff] [blame]	117
Alec Mouri	f5df7b4	2019-09-23 18:45:05 -0700	[diff] [blame]	118	# Allow supplying timestats statistics to statsd
				119	allow surfaceflinger stats_service:service_manager find;
Jeffrey Huang	225850b	2020-02-04 16:58:57 -0800	[diff] [blame]	120	allow surfaceflinger statsmanager_service:service_manager find;
				121	# TODO(146461633): remove this once native pullers talk to StatsManagerService
Alec Mouri	f5df7b4	2019-09-23 18:45:05 -0700	[diff] [blame]	122	binder_call(surfaceflinger, statsd);
				123
Alec Mouri	b254ff2	2020-02-07 13:41:06 -0800	[diff] [blame]	124	# Allow pushing jank event atoms to statsd
				125	userdebug_or_eng(`
				126	unix_socket_send(surfaceflinger, statsdw, statsd)
				127	')
				128
Jeff Vander Stoep	67896ee	2020-04-02 13:36:17 +0200	[diff] [blame^]	129	# Surfaceflinger should not be reading default vendor-defined properties.
				130	dontaudit surfaceflinger vendor_default_prop:file read;
				131
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	132	###
				133	### Neverallow rules
				134	###
				135	### surfaceflinger should NEVER do any of this
				136
				137	# Do not allow accessing SDcard files as unsafe ejection could
				138	# cause the kernel to kill the process.
				139	neverallow surfaceflinger sdcard_type:file rw_file_perms;
Joel Galenson	f7ec413	2018-02-14 16:32:28 -0800	[diff] [blame]	140
				141	# b/68864350
				142	dontaudit surfaceflinger unlabeled:dir search;