sepolicy: Add policy for migrate_legacy_obb_data.sh

.. and let installd execute it. Required to migrate legacy obb contents Bug: 129167772 Test: make Change-Id: I35d35016680379e3a9363408704ee890a78a9748
2019-05-17 15:05:18 +01:00 · 2019-05-17 15:05:18 +01:00 · 0574e4cdab
commit 0574e4cdab
parent ab2e89a695
8 changed files with 52 additions and 0 deletions
--- a/prebuilts/api/29.0/private/domain.te
+++ b/prebuilts/api/29.0/private/domain.te
@ -257,6 +257,7 @@ define(`dac_override_allowed', `{
  install_recovery
  userdebug_or_eng(`llkd')
  lmkd
+  migrate_legacy_obb_data
  netd
  perfprofd
  postinstall_dexopt
--- a/prebuilts/api/29.0/private/file_contexts
+++ b/prebuilts/api/29.0/private/file_contexts
@ -326,6 +326,7 @@
 /system/bin/gsid                 u:object_r:gsid_exec:s0
 /system/bin/simpleperf_app_runner    u:object_r:simpleperf_app_runner_exec:s0
 /system/bin/notify_traceur\.sh       u:object_r:notify_traceur_exec:s0
+/system/bin/migrate_legacy_obb_data\.sh u:object_r:migrate_legacy_obb_data_exec:s0

 #############################
 # Vendor files
--- a/prebuilts/api/29.0/private/installd.te
+++ b/prebuilts/api/29.0/private/installd.te
@ -17,6 +17,10 @@ domain_auto_trans(installd, profman_exec, profman)
 # Run idmap in its own sandbox.
 domain_auto_trans(installd, idmap_exec, idmap)

+# Run migrate_legacy_obb_data.sh in its own sandbox.
+domain_auto_trans(installd, migrate_legacy_obb_data_exec, migrate_legacy_obb_data)
+allow installd shell_exec:file rx_file_perms;
+
 # Create /data/.layout_version.* file
 type_transition installd system_data_file:file install_data_file;

--- a/prebuilts/api/29.0/private/migrate_legacy_obb_data.te
+++ b/prebuilts/api/29.0/private/migrate_legacy_obb_data.te
@ -0,0 +1,20 @@
+type migrate_legacy_obb_data, domain, coredomain;
+type migrate_legacy_obb_data_exec, system_file_type, exec_type, file_type;
+
+allow migrate_legacy_obb_data media_rw_data_file:dir create_dir_perms;
+allow migrate_legacy_obb_data media_rw_data_file:file create_file_perms;
+
+allow migrate_legacy_obb_data shell_exec:file rx_file_perms;
+
+allow migrate_legacy_obb_data toolbox_exec:file rx_file_perms;
+
+allow migrate_legacy_obb_data self:capability { chown dac_override dac_read_search fowner fsetid };
+
+# TODO: This should not be necessary. We don't deliberately hand over
+# any open file descriptors to this domain, so anything that triggers this
+# should be a candidate for O_CLOEXEC.
+allow migrate_legacy_obb_data installd:fd use;
+
+# This rule is required to let this process read /proc/{parent_pid}/mount.
+# TODO: Why is this required ?
+allow migrate_legacy_obb_data installd:file read;
--- a/private/domain.te
+++ b/private/domain.te
@ -257,6 +257,7 @@ define(`dac_override_allowed', `{
  install_recovery
  userdebug_or_eng(`llkd')
  lmkd
+  migrate_legacy_obb_data
  netd
  perfprofd
  postinstall_dexopt
--- a/private/file_contexts
+++ b/private/file_contexts
@ -326,6 +326,7 @@
 /system/bin/gsid                 u:object_r:gsid_exec:s0
 /system/bin/simpleperf_app_runner    u:object_r:simpleperf_app_runner_exec:s0
 /system/bin/notify_traceur\.sh       u:object_r:notify_traceur_exec:s0
+/system/bin/migrate_legacy_obb_data\.sh u:object_r:migrate_legacy_obb_data_exec:s0

 #############################
 # Vendor files
--- a/private/installd.te
+++ b/private/installd.te
@ -17,6 +17,10 @@ domain_auto_trans(installd, profman_exec, profman)
 # Run idmap in its own sandbox.
 domain_auto_trans(installd, idmap_exec, idmap)

+# Run migrate_legacy_obb_data.sh in its own sandbox.
+domain_auto_trans(installd, migrate_legacy_obb_data_exec, migrate_legacy_obb_data)
+allow installd shell_exec:file rx_file_perms;
+
 # Create /data/.layout_version.* file
 type_transition installd system_data_file:file install_data_file;

--- a/private/migrate_legacy_obb_data.te
+++ b/private/migrate_legacy_obb_data.te
@ -0,0 +1,20 @@
+type migrate_legacy_obb_data, domain, coredomain;
+type migrate_legacy_obb_data_exec, system_file_type, exec_type, file_type;
+
+allow migrate_legacy_obb_data media_rw_data_file:dir create_dir_perms;
+allow migrate_legacy_obb_data media_rw_data_file:file create_file_perms;
+
+allow migrate_legacy_obb_data shell_exec:file rx_file_perms;
+
+allow migrate_legacy_obb_data toolbox_exec:file rx_file_perms;
+
+allow migrate_legacy_obb_data self:capability { chown dac_override dac_read_search fowner fsetid };
+
+# TODO: This should not be necessary. We don't deliberately hand over
+# any open file descriptors to this domain, so anything that triggers this
+# should be a candidate for O_CLOEXEC.
+allow migrate_legacy_obb_data installd:fd use;
+
+# This rule is required to let this process read /proc/{parent_pid}/mount.
+# TODO: Why is this required ?
+allow migrate_legacy_obb_data installd:file read;