android_system_sepolicy/public/fastbootd.te

# fastbootd (used in recovery init.rc for /sbin/fastbootd)

# Declare the domain unconditionally so we can always reference it
# in neverallow rules.
type fastbootd, domain;

# But the allow rules are only included in the recovery policy.
# Otherwise fastbootd is only allowed the domain rules.
recovery_only(`
  # fastbootd can only use HALs in passthrough mode
  passthrough_hal_client_domain(fastbootd, hal_bootctl)

  # Access /dev/usb-ffs/fastbootd/ep0
  allow fastbootd functionfs:dir search;
  allow fastbootd functionfs:file rw_file_perms;

  # Log to serial
  allow fastbootd kmsg_device:chr_file { open write };

  # battery info
  allow fastbootd sysfs_batteryinfo:file r_file_perms;

  allow fastbootd device:dir r_dir_perms;

  # Reboot the device
  set_prop(fastbootd, powerctl_prop)

  # Read serial number of the device from system properties
  get_prop(fastbootd, serialno_prop)

  # Set sys.usb.ffs.ready.
  set_prop(fastbootd, ffs_prop)
  set_prop(fastbootd, exported_ffs_prop)

  unix_socket_connect(fastbootd, recovery, recovery)

  # Required for flashing
  allow fastbootd dm_device:chr_file rw_file_perms;
  allow fastbootd dm_device:blk_file rw_file_perms;

  allow fastbootd super_block_device:blk_file rw_file_perms;
  allow fastbootd system_block_device:blk_file rw_file_perms;
  allow fastbootd boot_block_device:blk_file rw_file_perms;

  allow fastbootd misc_block_device:blk_file rw_file_perms;

  # Required to wipe userdata
  allow fastbootd userdata_block_device:blk_file { w_file_perms getattr ioctl };
  allowxperm fastbootd userdata_block_device:blk_file ioctl { BLKGETSIZE64 BLKSECDISCARD
                                                              BLKDISCARD };

  allow fastbootd proc_cmdline:file r_file_perms;
  allow fastbootd rootfs:dir r_dir_perms;
  allow fastbootd sysfs_dt_firmware_android:file r_file_perms;
')

###
### neverallow rules
###

# Write permission is required to wipe userdata
# until recovery supports vold.
neverallow fastbootd {
   data_file_type
}:file { no_x_file_perms };
Add sepolicy for fastbootd Also allow adb and fastboot to talk to recovery through recovery_socket. This enables changing between modes with usb commands. Test: No selinux denials Bug: 78793464 Change-Id: I80c54d4eaf3b94a1fe26d2280af4e57cb1593790 2018-05-29 10:54:16 -07:00			`# fastbootd (used in recovery init.rc for /sbin/fastbootd)`

			`# Declare the domain unconditionally so we can always reference it`
			`# in neverallow rules.`
			`type fastbootd, domain;`

			`# But the allow rules are only included in the recovery policy.`
			`# Otherwise fastbootd is only allowed the domain rules.`
			recovery_only(`
			`# fastbootd can only use HALs in passthrough mode`
			`passthrough_hal_client_domain(fastbootd, hal_bootctl)`

			`# Access /dev/usb-ffs/fastbootd/ep0`
			`allow fastbootd functionfs:dir search;`
			`allow fastbootd functionfs:file rw_file_perms;`

			`# Log to serial`
			`allow fastbootd kmsg_device:chr_file { open write };`

			`# battery info`
			`allow fastbootd sysfs_batteryinfo:file r_file_perms;`

			`allow fastbootd device:dir r_dir_perms;`

			`# Reboot the device`
			`set_prop(fastbootd, powerctl_prop)`

			`# Read serial number of the device from system properties`
			`get_prop(fastbootd, serialno_prop)`

			`# Set sys.usb.ffs.ready.`
			`set_prop(fastbootd, ffs_prop)`
			`set_prop(fastbootd, exported_ffs_prop)`

			`unix_socket_connect(fastbootd, recovery, recovery)`

			`# Required for flashing`
			`allow fastbootd dm_device:chr_file rw_file_perms;`
			`allow fastbootd dm_device:blk_file rw_file_perms;`

Define 'super_block_device' type Bug: 78793464 Test: fastboot getvar partition-size:super 'super_block_device' corresponds to the super partition required for flashing dynamic partitions. Change-Id: I323634b6797ead7c5face117a7028bf9ab947aea 2018-08-17 11:07:09 -07:00			`allow fastbootd super_block_device:blk_file rw_file_perms;`
Add sepolicy for fastbootd Also allow adb and fastboot to talk to recovery through recovery_socket. This enables changing between modes with usb commands. Test: No selinux denials Bug: 78793464 Change-Id: I80c54d4eaf3b94a1fe26d2280af4e57cb1593790 2018-05-29 10:54:16 -07:00			`allow fastbootd system_block_device:blk_file rw_file_perms;`
			`allow fastbootd boot_block_device:blk_file rw_file_perms;`

			`allow fastbootd misc_block_device:blk_file rw_file_perms;`

Allow fastbootd to wipe userdata. This is needed for flashall -w to wipe userdata. Bug: 113648914 Test: fastboot erase userdata Change-Id: I7e89cf885c9a67c78de67b79ed16af7e50104bf7 2018-09-04 15:25:26 -07:00			`# Required to wipe userdata`
			`allow fastbootd userdata_block_device:blk_file { w_file_perms getattr ioctl };`
			`allowxperm fastbootd userdata_block_device:blk_file ioctl { BLKGETSIZE64 BLKSECDISCARD`
			`BLKDISCARD };`

Add sepolicy for fastbootd Also allow adb and fastboot to talk to recovery through recovery_socket. This enables changing between modes with usb commands. Test: No selinux denials Bug: 78793464 Change-Id: I80c54d4eaf3b94a1fe26d2280af4e57cb1593790 2018-05-29 10:54:16 -07:00			`allow fastbootd proc_cmdline:file r_file_perms;`
			`allow fastbootd rootfs:dir r_dir_perms;`
			`allow fastbootd sysfs_dt_firmware_android:file r_file_perms;`
			`')`

			`###`
			`### neverallow rules`
			`###`

			`# Write permission is required to wipe userdata`
			`# until recovery supports vold.`
			`neverallow fastbootd {`
			`data_file_type`
			`}:file { no_x_file_perms };`