Blame - private/surfaceflinger.te - android_system_sepolicy

blob: c50faef31feb66d07123700c1a2b4a275476ac99 [file] [log] [blame]

Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	1	# surfaceflinger - display compositor service
				2
Alex Klyubin	f5446eb	2017-03-23 14:27:32 -0700	[diff] [blame]	3	typeattribute surfaceflinger coredomain;
				4
Nick Kralevich	5e37271	2018-09-27 10:21:37 -0700	[diff] [blame]	5	type surfaceflinger_exec, system_file_type, exec_type, file_type;
dcashman	cc39f63	2016-07-22 13:13:11 -0700	[diff] [blame]	6	init_daemon_domain(surfaceflinger)
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	7
				8	typeattribute surfaceflinger mlstrustedsubject;
Steven Moreland	e8ab002	2017-05-16 17:43:52 -0700	[diff] [blame]	9	typeattribute surfaceflinger display_service_server;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	10
				11	read_runtime_log_tags(surfaceflinger)
				12
				13	# Perform HwBinder IPC.
Alex Klyubin	9e6b24c	2017-03-16 18:48:40 -0700	[diff] [blame]	14	hal_client_domain(surfaceflinger, hal_graphics_allocator)
Alex Klyubin	9e6b24c	2017-03-16 18:48:40 -0700	[diff] [blame]	15	hal_client_domain(surfaceflinger, hal_graphics_composer)
Pawin Vongmasa	ff2dcca	2018-06-29 17:02:23 -0700	[diff] [blame]	16	hal_client_domain(surfaceflinger, hal_omx)
Alex Klyubin	9e6b24c	2017-03-16 18:48:40 -0700	[diff] [blame]	17	hal_client_domain(surfaceflinger, hal_configstore)
Peiyong Lin	02be597	2018-06-22 10:37:10 -0700	[diff] [blame]	18	hal_client_domain(surfaceflinger, hal_power)
Alex Klyubin	53656c1	2017-04-13 19:05:27 -0700	[diff] [blame]	19	allow surfaceflinger hidl_token_hwservice:hwservice_manager find;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	20
				21	# Perform Binder IPC.
				22	binder_use(surfaceflinger)
				23	binder_call(surfaceflinger, binderservicedomain)
				24	binder_call(surfaceflinger, appdomain)
				25	binder_call(surfaceflinger, bootanim)
				26	binder_service(surfaceflinger)
				27
				28	# Binder IPC to bu, presently runs in adbd domain.
				29	binder_call(surfaceflinger, adbd)
				30
				31	# Read /proc/pid files for Binder clients.
				32	r_dir_file(surfaceflinger, binderservicedomain)
				33	r_dir_file(surfaceflinger, appdomain)
				34
				35	# Access the GPU.
				36	allow surfaceflinger gpu_device:chr_file rw_file_perms;
				37
				38	# Access /dev/graphics/fb0.
				39	allow surfaceflinger graphics_device:dir search;
				40	allow surfaceflinger graphics_device:chr_file rw_file_perms;
				41
				42	# Access /dev/video1.
				43	allow surfaceflinger video_device:dir r_dir_perms;
				44	allow surfaceflinger video_device:chr_file rw_file_perms;
				45
				46	# Create and use netlink kobject uevent sockets.
				47	allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
				48
				49	# Set properties.
				50	set_prop(surfaceflinger, system_prop)
Jaekyun Seok	e497145	2017-10-19 16:54:49 +0900	[diff] [blame]	51	set_prop(surfaceflinger, exported_system_prop)
				52	set_prop(surfaceflinger, exported2_system_prop)
				53	set_prop(surfaceflinger, exported3_system_prop)
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	54	set_prop(surfaceflinger, ctl_bootanim_prop)
				55
				56	# Use open files supplied by an app.
				57	allow surfaceflinger appdomain:fd use;
Nick Kralevich	23c9d91	2018-08-02 15:54:23 -0700	[diff] [blame]	58	allow surfaceflinger { app_data_file privapp_data_file }:file { read write };
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	59
Vishnu Nair	2d6942d	2017-11-17 08:23:32 -0800	[diff] [blame]	60	# Allow writing surface traces to /data/misc/wmtrace.
				61	userdebug_or_eng(`
				62	allow surfaceflinger wm_trace_data_file:dir rw_dir_perms;
				63	allow surfaceflinger wm_trace_data_file:file { getattr setattr create w_file_perms };
				64	')
				65
Chris Forbes	676003c	2017-04-28 10:10:36 -0700	[diff] [blame]	66	# Use socket supplied by adbd, for cmd gpu vkjson etc.
				67	allow surfaceflinger adbd:unix_stream_socket { read write getattr };
				68
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	69	# Allow a dumpstate triggered screenshot
				70	binder_call(surfaceflinger, dumpstate)
				71	binder_call(surfaceflinger, shell)
				72	r_dir_file(surfaceflinger, dumpstate)
				73
				74	# Needed on some devices for playing DRM protected content,
				75	# but seems expected and appropriate for all devices.
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	76	allow surfaceflinger tee_device:chr_file rw_file_perms;
				77
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	78	# media.player service
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	79
				80	# do not use add_service() as hal_graphics_composer_default may be the
				81	# provider as well
				82	#add_service(surfaceflinger, surfaceflinger_service)
				83	allow surfaceflinger surfaceflinger_service:service_manager { add find };
				84
Steven Thomas	7bec967	2018-07-13 17:17:01 -0700	[diff] [blame]	85	add_service(surfaceflinger, vrflinger_vsync_service)
				86
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	87	allow surfaceflinger mediaserver_service:service_manager find;
				88	allow surfaceflinger permission_service:service_manager find;
				89	allow surfaceflinger power_service:service_manager find;
Jeff Vander Stoep	8bf3b7a	2017-02-10 13:33:56 -0800	[diff] [blame]	90	allow surfaceflinger vr_manager_service:service_manager find;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	91	allow surfaceflinger window_service:service_manager find;
Robert Carr	a49b27a	2018-11-16 13:32:58 -0800	[diff] [blame^]	92	allow surfaceflinger inputflinger_service:service_manager find;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	93
Jeff Vander Stoep	8bf3b7a	2017-02-10 13:33:56 -0800	[diff] [blame]	94
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	95	# allow self to set SCHED_FIFO
Benjamin Gordon	9b2e0cb	2017-11-09 15:51:26 -0700	[diff] [blame]	96	allow surfaceflinger self:global_capability_class_set sys_nice;
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	97	allow surfaceflinger proc_meminfo:file r_file_perms;
				98	r_dir_file(surfaceflinger, cgroup)
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	99	r_dir_file(surfaceflinger, system_file)
				100	allow surfaceflinger tmpfs:dir r_dir_perms;
				101	allow surfaceflinger system_server:fd use;
Robert Carr	a49b27a	2018-11-16 13:32:58 -0800	[diff] [blame^]	102	allow surfaceflinger system_server:unix_stream_socket { read write };
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	103	allow surfaceflinger ion_device:chr_file r_file_perms;
				104
Nick Bray	084faf0	2017-02-09 15:15:11 -0800	[diff] [blame]	105	# pdx IPC
Alex Vakulenko	41daa7f	2017-05-01 13:01:44 -0700	[diff] [blame]	106	pdx_server(surfaceflinger, display_client)
				107	pdx_server(surfaceflinger, display_manager)
				108	pdx_server(surfaceflinger, display_screenshot)
				109	pdx_server(surfaceflinger, display_vsync)
Nick Bray	084faf0	2017-02-09 15:15:11 -0800	[diff] [blame]	110
Alex Vakulenko	41daa7f	2017-05-01 13:01:44 -0700	[diff] [blame]	111	pdx_client(surfaceflinger, bufferhub_client)
				112	pdx_client(surfaceflinger, performance_client)
Nick Bray	084faf0	2017-02-09 15:15:11 -0800	[diff] [blame]	113
Alex Klyubin	5d30beb	2017-02-07 10:05:07 -0800	[diff] [blame]	114	###
				115	### Neverallow rules
				116	###
				117	### surfaceflinger should NEVER do any of this
				118
				119	# Do not allow accessing SDcard files as unsafe ejection could
				120	# cause the kernel to kill the process.
				121	neverallow surfaceflinger sdcard_type:file rw_file_perms;
Joel Galenson	f7ec413	2018-02-14 16:32:28 -0800	[diff] [blame]	122
				123	# b/68864350
				124	dontaudit surfaceflinger unlabeled:dir search;