| Alex Klyubin | f5446eb | 2017-03-23 14:27:32 -0700 | [diff] [blame] | 1 | typeattribute recovery_refresh coredomain; |
| 2 | |
| dcashman | cc39f63 | 2016-07-22 13:13:11 -0700 | [diff] [blame] | 3 | init_daemon_domain(recovery_refresh) |
| dcashman | 2e00e63 | 2016-10-12 14:58:09 -0700 | [diff] [blame] | 4 | |
| Inseob Kim | 75806ef | 2024-03-27 17:18:41 +0900 | [diff] [blame] | 5 | allow recovery_refresh pstorefs:dir search; |
| 6 | allow recovery_refresh pstorefs:file r_file_perms; |
| 7 | # NB: domain inherits write_logd which hands us write to pmsg_device |
| 8 | |
| 9 | ### |
| 10 | ### Neverallow rules |
| 11 | ### |
| 12 | ### recovery_refresh should NEVER do any of this |
| 13 | |
| 14 | # Block device access. |
| 15 | neverallow recovery_refresh dev_type:blk_file { read write }; |
| 16 | |
| 17 | # ptrace any other app |
| 18 | neverallow recovery_refresh domain:process ptrace; |
| 19 | |
| 20 | # Write to /system. |
| 21 | neverallow recovery_refresh system_file_type:dir_file_class_set write; |
| 22 | |
| 23 | # Write to files in /data/data or system files on /data |
| 24 | neverallow recovery_refresh { app_data_file_type system_data_file }:dir_file_class_set write; |
| 25 | |
| dcashman | 2e00e63 | 2016-10-12 14:58:09 -0700 | [diff] [blame] | 26 | # recovery_refresh is not allowed to write anywhere |
| Pirama Arumuga Nainar | ce9c0c5 | 2019-06-13 15:05:15 -0700 | [diff] [blame] | 27 | neverallow recovery_refresh { |
| 28 | file_type |
| 29 | userdebug_or_eng(`-coredump_file') |
| 30 | with_native_coverage(`-method_trace_data_file') |
| 31 | }:file write; |