blob: bb39e5b73fb8e0179e00d7bbe4a376df6caac810 [file] [log] [blame]
ynwang9fa88232016-06-17 15:05:10 -07001# storaged daemon
Alex Klyubinf5446eb2017-03-23 14:27:32 -07002type storaged, domain, coredomain, mlstrustedsubject;
Nick Kralevich5e372712018-09-27 10:21:37 -07003type storaged_exec, system_file_type, exec_type, file_type;
ynwang9fa88232016-06-17 15:05:10 -07004
5init_daemon_domain(storaged)
6
ynwang9fa88232016-06-17 15:05:10 -07007# Read access to pseudo filesystems
ynwange68d2d22016-07-01 12:18:54 -07008r_dir_file(storaged, domain)
ynwang9fa88232016-06-17 15:05:10 -07009
Jin Qiand3459062017-01-11 16:20:49 -080010# Read /proc/uid_io/stats
11allow storaged proc_uid_io_stats:file r_file_perms;
12
Jin Qian8ad57ef2017-01-20 20:29:13 -080013# Read /data/system/packages.list
14allow storaged system_data_file:file r_file_perms;
Florian Mayer4ab64c92019-03-19 18:14:38 +000015allow storaged packages_list_file:file r_file_perms;
Jin Qian8ad57ef2017-01-20 20:29:13 -080016
Jin Qian4b6e6732017-08-14 17:01:25 -070017# Store storaged proto file
18allow storaged storaged_data_file:dir rw_dir_perms;
19allow storaged storaged_data_file:file create_file_perms;
20
Hridya Valsaraju23f9f512021-05-04 22:01:51 -070021no_debugfs_restriction(`
22 userdebug_or_eng(`
23 # Read access to debugfs
24 allow storaged debugfs_mmc:dir search;
25 allow storaged debugfs_mmc:file r_file_perms;
26 ')
ynwange68d2d22016-07-01 12:18:54 -070027')
ynwang9fa88232016-06-17 15:05:10 -070028
Jin Qiana239f302017-03-23 12:28:20 -070029# Needed to provide debug dump output via dumpsys pipes.
30allow storaged shell:fd use;
31allow storaged shell:fifo_file write;
32
Jin Qian00a17892017-04-12 17:38:11 -070033# Needed for GMScore to call dumpsys storaged
34allow storaged priv_app:fd use;
Ashwini Oruganti7493bb52019-12-11 12:49:04 -080035# b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own domain.
36# Remove after no logs are seen for this rule.
37userdebug_or_eng(`
38 auditallow storaged priv_app:fd use;
39')
40allow storaged gmscore_app:fd use;
Nick Kralevich23c9d912018-08-02 15:54:23 -070041allow storaged { privapp_data_file app_data_file }:file write;
Jin Qian00a17892017-04-12 17:38:11 -070042allow storaged permission_service:service_manager find;
43
ynwange68d2d22016-07-01 12:18:54 -070044# Binder permissions
William Roberts606d2fd2017-01-19 13:23:52 -080045add_service(storaged, storaged_service)
Jin Qiand3459062017-01-11 16:20:49 -080046
ynwange68d2d22016-07-01 12:18:54 -070047binder_use(storaged)
48binder_call(storaged, system_server)
49
Yifan Hongb9aa0102017-09-25 19:40:59 -070050hal_client_domain(storaged, hal_health)
Jin Qian61670b82017-02-06 11:04:31 -080051
William Robertsfd8f3052017-05-03 10:26:40 -070052# Implements a dumpsys interface.
53allow storaged dumpstate:fd use;
54
Todd Kennedy8bb80472017-08-02 07:27:44 -070055# use a subset of the package manager service
56allow storaged package_native_service:service_manager find;
57
Jin Qiand3a11612017-02-22 17:27:57 -080058# Kernel does extra check on CAP_DAC_OVERRIDE for libbinder when storaged is
59# running as root. See b/35323867 #3.
Benjamin Gordon342362a2018-09-06 16:19:40 -060060dontaudit storaged self:global_capability_class_set { dac_override dac_read_search };
Jin Qiand3a11612017-02-22 17:27:57 -080061
Joel Galensonba0c2792018-03-02 14:14:44 -080062# For collecting bugreports.
63allow storaged dumpstate:fifo_file write;
64
ynwange68d2d22016-07-01 12:18:54 -070065###
66### neverallow
67###
68neverallow storaged domain:process ptrace;
Jin Qiand3a11612017-02-22 17:27:57 -080069neverallow storaged self:capability_class_set *;