David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 1 | ### ADB daemon common rules. |
| 2 | ### Put things here that are needed for both adbd proper and adbd in trade-in mode. |
| 3 | |
| 4 | # Connect to mdnsd via mdnsd socket. |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 5 | unix_socket_connect(adbd_common, mdnsd, mdnsd) |
David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 6 | |
| 7 | # adbd probes for vsock support. Do not generate denials when |
| 8 | # this occurs. (b/123569840) |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 9 | dontaudit adbd_common self:{ socket vsock_socket } create; |
David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 10 | |
| 11 | # Allow adbd inside vm to forward vm's vsock. |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 12 | allow adbd_common self:vsock_socket { create_socket_perms_no_ioctl listen accept }; |
David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 13 | |
| 14 | # Access device logging gating property |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 15 | get_prop(adbd_common, device_logging_prop) |
David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 16 | |
| 17 | # Use a pseudo tty. |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 18 | allow adbd_common devpts:chr_file rw_file_perms; |
David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 19 | |
| 20 | # Read persist.adb.tls_server.enable property |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 21 | get_prop(adbd_common, system_adbd_prop) |
David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 22 | |
| 23 | # Read whether or not Test Harness Mode is enabled |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 24 | get_prop(adbd_common, test_harness_prop) |
David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 25 | |
| 26 | # Set service.adb.tcp.port, service.adb.tls.port, persist.adb.wifi.* properties |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 27 | set_prop(adbd_common, adbd_prop) |
| 28 | set_prop(adbd_common, adbd_config_prop) |
David Anderson | 9bae515 | 2024-09-19 20:36:11 -0700 | [diff] [blame] | 29 | |
| 30 | # Read device's serial number from system properties |
David Anderson | 3fce5ad | 2024-10-11 08:58:23 -0700 | [diff] [blame] | 31 | get_prop(adbd_common, serialno_prop) |