| Alan Stokes | 766caba | 2022-02-14 14:33:37 +0000 | [diff] [blame] | 1 | # Run by odsign to verify a CompOS signature |
| 2 | type compos_verify, domain, coredomain; |
| 3 | type compos_verify_exec, exec_type, file_type, system_file_type; |
| 4 | |
| 5 | # Start a VM |
| 6 | binder_use(compos_verify); |
| 7 | virtualizationservice_use(compos_verify); |
| 8 | |
| Alan Stokes | 1035ba1 | 2022-06-14 16:54:29 +0100 | [diff] [blame] | 9 | # Read instance image & write VM logs |
| Alan Stokes | 766caba | 2022-02-14 14:33:37 +0000 | [diff] [blame] | 10 | allow compos_verify apex_module_data_file:dir search; |
| Alan Stokes | 1035ba1 | 2022-06-14 16:54:29 +0100 | [diff] [blame] | 11 | allow compos_verify apex_compos_data_file:dir rw_dir_perms; |
| 12 | allow compos_verify apex_compos_data_file:file { rw_file_perms create }; |
| Alan Stokes | 766caba | 2022-02-14 14:33:37 +0000 | [diff] [blame] | 13 | |
| 14 | # Read CompOS info & signature files |
| 15 | allow compos_verify apex_art_data_file:dir search; |
| 16 | allow compos_verify apex_art_data_file:file r_file_perms; |
| 17 | |
| Alan Stokes | 8b80dac | 2024-05-14 16:59:51 +0100 | [diff] [blame^] | 18 | # odsign runs us with its console as our stdin/stdout/stderr. |
| 19 | # But we never use them; logs go to logcat. Suppress the useless denials. |
| 20 | dontaudit compos_verify odsign:fd use; |
| 21 | dontaudit compos_verify odsign_devpts:chr_file { read write }; |
| Alan Stokes | 766caba | 2022-02-14 14:33:37 +0000 | [diff] [blame] | 22 | |
| 23 | # Only odsign can enter the domain via exec |
| 24 | neverallow { domain -odsign } compos_verify:process transition; |
| 25 | neverallow * compos_verify:process dyntransition; |