From 1c8464e1365950538e9e4647a4f220910f79ab1e Mon Sep 17 00:00:00 2001
From: rpcraig
Date: Tue, 4 Dec 2012 08:13:58 -0500
Subject: [PATCH] App data backup security policy.

Policy covers:
* backup_data_file type for labeling all files/dirs under /data dealing with backup mechanism.
* cache_backup_file type for labeling all files/dirs under /cache dealing with backup mechanism. This also covers the the use of LocalTransport for local archive and restore testing.
* the use of 'adb shell bmgr' to initiate backup mechanism from shell.
* the use of 'adb backup/restore' to archive and restore the device's data.

Change-Id: I700a92d8addb9bb91474bc07ca4bb71eb4fc840e
Signed-off-by: rpcraig
---
 app.te | 7 +++++++
 file.te | 5 +++++
 file_contexts | 6 ++++++
 system.te | 13 +++++++++++--
 4 files changed, 29 insertions(+), 2 deletions(-)

diff --git a/app.te b/app.te
index b3cd7ccfb..7cd8c5a2b 100644
--- a/app.te
+++ b/app.te
@@ -201,3 +201,10 @@ r_dir_file(appdomain, isolated_app)
 # are examined.
 allow appdomain isolated_app:unix_stream_socket { read write };
 allow isolated_app appdomain:unix_stream_socket { read write };
+
+# Backup ability for every app. BMS opens and passes the fd
+# to any app that has backup ability. Hence, no open permissions here.
+allow { appdomain isolated_app } backup_data_file:file { read write };
+allow { appdomain isolated_app } cache_backup_file:file { read write };
+# Backup ability using 'adb backup'
+allow { appdomain isolated_app } system_data_file:lnk_file getattr;
diff --git a/file.te b/file.te
index 64c8de6b2..4dbf1c895 100644
--- a/file.te
+++ b/file.te
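Review bot: The rule `allow { appdomain isolated_app } system_data_file:lnk_file getattr;` is justified only by `# Backup ability using 'adb backup'`, which does not say which symlink under /data the backup path stats, so a later reviewer cannot tell whether the rule is still needed; a comment naming the path or the code that follows it would fix that. The two file rules also include isolated_app, the most restricted app sandbox; it is worth confirming that an isolated process can actually host a backup agent and, if not, limiting the source set to appdomain. Granting `{ read write }` without `open` does match the fd-passing design the comment describes, so the scope of those rules is otherwise minimal.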
@@ -55,6 +55,9 @@ type app_data_file, file_type, data_file_type;
 type platform_app_data_file, file_type, data_file_type, mlstrustedobject;
 # Default type for anything under /cache
 type cache_file, file_type, mlstrustedobject;
+# Type for /cache/.*\.{data|restore} and default
+# type for anything under /cache/backup
+type cache_backup_file, file_type, mlstrustedobject;
 # Default type for anything under /efs
 type efs_file, file_type;
 # Type for wallpaper file.
@@ -63,6 +66,8 @@ type wallpaper_file, file_type, mlstrustedobject;
 type asec_apk_file, file_type, data_file_type;
 # /data/app-asec
 type asec_image_file, file_type, data_file_type;
+# /data/backup and /data/secure/backup
+type backup_data_file, file_type, data_file_type, mlstrustedobject;
 
 # All devices have bluetooth efs files. But they
 # vary per device, so this type is used in per
diff --git a/file_contexts b/file_contexts
index 837ee1daa..b2d253ab9 100644
--- a/file_contexts
+++ b/file_contexts
@@ -140,6 +140,8 @@
 # Data files
 #
 /data(/.*)? u:object_r:system_data_file:s0
+/data/backup(/.*)? u:object_r:backup_data_file:s0
+/data/secure/backup(/.*)? u:object_r:backup_data_file:s0
 /data/drm(/.*)? u:object_r:drm_data_file:s0
 /data/gps(/.*)? u:object_r:gps_data_file:s0
 /data/dalvik-cache(/.*)? u:object_r:dalvikcache_data_file:s0
@@ -170,6 +172,10 @@
 # Cache files
 #
 /cache(/.*)? u:object_r:cache_file:s0
+/cache/.*\.data u:object_r:cache_backup_file:s0
+/cache/.*\.restore u:object_r:cache_backup_file:s0
+# LocalTransport (backup) uses this directory
+/cache/backup(/.*)? u:object_r:cache_backup_file:s0
 #############################
 # sysfs files
 #
diff --git a/system.te b/system.te
index 85b43470d..3ede14a2c 100644
--- a/system.te
+++ b/system.te
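Review bot: Both new types carry `mlstrustedobject` (`type cache_backup_file, file_type, mlstrustedobject;` here and `type backup_data_file, file_type, data_file_type, mlstrustedobject;` in the -63 hunk of file.te), which exempts them from the MLS constraints, but neither comment records why the exemption is needed. Presumably it is because the fds are handed to apps at differing MLS levels, as the app.te comment describes; if so, a line such as `# mlstrustedobject: backup fds are passed to apps at any MLS level` next to each declaration would keep that reasoning with the type so it is not silently kept when the design changes.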
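Review bot: `/cache/.*\.data` and `/cache/.*\.restore` match at any depth under /cache, so any unrelated file whose name ends in .data or .restore anywhere in /cache would be labeled cache_backup_file and thereby become readable and writable (via passed fds) by every app domain and relabelable by system. If the backup staging files are always created directly in /cache, `/cache/[^/]*\.data` and `/cache/[^/]*\.restore` would confine the label to that level; either way, a comment naming the creator of these files, as the neighbouring `/cache/backup` entry has, would help the next reader. This should be confirmed against where BackupManagerService actually writes them.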
@@ -189,8 +189,8 @@ type_transition system wifi_data_file:sock_file system_wpa_socket;
 allow system system_wpa_socket:sock_file create_file_perms;
 
 # Manage cache files.
-allow system cache_file:dir create_dir_perms;
-allow system cache_file:file create_file_perms;
+allow system cache_file:dir { relabelfrom create_dir_perms };
+allow system cache_file:file { relabelfrom create_file_perms };
 
 # Run system programs, e.g. dexopt.
 allow system system_file:file x_file_perms;
@@ -212,3 +212,12 @@ allow system rild:unix_stream_socket connectto;
 
 # connect to vpn tunnel
 allow system mtp:unix_stream_socket { connectto };
+
+# BackupManagerService lets PMS create a data backup file
+allow system cache_backup_file:file create_file_perms;
+# Relabel /data/backup
+allow system backup_data_file:dir { relabelto relabelfrom };
+# Relabel /cache/.*\.{data|restore}
+allow system cache_backup_file:file { relabelto relabelfrom };
+# LocalTransport creates and relabels /cache/backup
+allow system cache_backup_file:dir { relabelto relabelfrom create_dir_perms };
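Review bot: The comment `# Manage cache files.` above the changed lines no longer describes the rule, because `relabelfrom` on cache_file:dir and cache_file:file is a new capability that lets system move any object under /cache away from its default label. Suggest `# Manage cache files; relabelfrom lets system relabel backup staging files in /cache to cache_backup_file.` so the reason for the wider permission sits next to it. The matching `relabelto` is granted only for cache_backup_file in the -212 hunk, which keeps the relabel pair bounded.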
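Review bot: system receives only `{ relabelto relabelfrom }` on backup_data_file:dir and nothing at all on backup_data_file:file, so once /data/backup is relabeled, system_server's BackupManagerService cannot create or read files there unless that is granted outside this hunk; the app.te hunk gives apps read/write on those files, which implies something in the system domain produces them. If it is not covered elsewhere, add `allow system backup_data_file:dir create_dir_perms;` and `allow system backup_data_file:file create_file_perms;` beside the relabel rule. The comment `# BackupManagerService lets PMS create a data backup file` uses the abbreviation PMS, presumably PackageManagerService; spelling it out avoids the ambiguity.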