PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bootstat: enhance last reboot reason property with file backing

Browse Source 
Helps with support of recovery and rollback boot reason history, by
also using /metadata/bootstat/persist.sys.boot.reason to file the
reboot reason.  For now, label this file metadata_bootstat_file.

Test: manual
Bug: 129007837
Change-Id: Id1d21c404067414847bef14a0c43f70cafe1a3e2
This commit is contained in:
Mark Salyzyn 2019-05-23 12:49:42 -07:00
parent 1d896ff5e5
commit 79f9ca6789
8 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
private/compat/26.0/26.0.ignore.cil
View File

@ -118,6 +118,7 @@
mediaswcodec_tmpfs
mediaextractor_update_service
mediaprovider_tmpfs
metadata_bootstat_file
metadata_file
mnt_product_file
mnt_vendor_file

1
private/compat/27.0/27.0.ignore.cil
View File

@ -107,6 +107,7 @@
mediaswcodec
mediaswcodec_exec
mediaswcodec_tmpfs
metadata_bootstat_file
metadata_file
mnt_product_file
mnt_vendor_file

1
private/compat/28.0/28.0.ignore.cil
View File

@ -98,6 +98,7 @@
mediaswcodec
mediaswcodec_exec
mediaswcodec_tmpfs
metadata_bootstat_file
mnt_product_file
network_stack
network_stack_service

1
private/compat/29.0/29.0.ignore.cil
View File

@ -61,6 +61,7 @@
light_service
linker_prop
linkerconfig_file
metadata_bootstat_file
mnt_pass_through_file
mock_ota_prop
module_sdkextensions_prop

1
private/file_contexts
View File

@ -697,6 +697,7 @@
/metadata/gsi/ota(/.*)? u:object_r:ota_metadata_file:s0
/metadata/password_slots(/.*)? u:object_r:password_slot_metadata_file:s0
/metadata/ota(/.*)? u:object_r:ota_metadata_file:s0
/metadata/bootstat(/.*)? u:object_r:metadata_bootstat_file:s0
#############################
# asec containers

3
public/bootstat.te
View File

@ -15,6 +15,9 @@ get_prop(bootstat, boottime_prop)
set_prop(bootstat, bootloader_boot_reason_prop)
set_prop(bootstat, system_boot_reason_prop)
set_prop(bootstat, last_boot_reason_prop)
allow bootstat metadata_file:dir search;
allow bootstat metadata_bootstat_file:dir rw_dir_perms;
allow bootstat metadata_bootstat_file:file create_file_perms;
# ToDo: TBI move access for the following to a system health HAL

2
public/file.te
View File

@ -230,6 +230,8 @@ type password_slot_metadata_file, file_type;
type apex_metadata_file, file_type;
# libsnapshot files within /metadata
type ota_metadata_file, file_type;
# property files within /metadata/bootstat
type metadata_bootstat_file, file_type;
# Type for /dev/cpu_variant:.*.
type dev_cpu_variant, file_type;

2
public/init.te
View File

@ -566,6 +566,8 @@ allow init vendor_shell_exec:file execute;
# Metadata setup
allow init vold_metadata_file:dir create_dir_perms;
allow init vold_metadata_file:file getattr;
allow init metadata_bootstat_file:dir create_dir_perms;
allow init metadata_bootstat_file:file w_file_perms;
# Allow init to touch PSI monitors
allow init proc_pressure_mem:file { rw_file_perms setattr };