summaryrefslogtreecommitdiff
path: root/prebuilts/api/32.0/public/fastbootd.te
diff options
context:
space:
mode:
Diffstat (limited to 'prebuilts/api/32.0/public/fastbootd.te')
-rw-r--r--prebuilts/api/32.0/public/fastbootd.te118
1 files changed, 118 insertions, 0 deletions
diff --git a/prebuilts/api/32.0/public/fastbootd.te b/prebuilts/api/32.0/public/fastbootd.te
new file mode 100644
index 000000000..e167a5e87
--- /dev/null
+++ b/prebuilts/api/32.0/public/fastbootd.te
@@ -0,0 +1,118 @@
+# fastbootd (used in recovery init.rc for /sbin/fastbootd)
+
+# Declare the domain unconditionally so we can always reference it
+# in neverallow rules.
+type fastbootd, domain;
+
+# But the allow rules are only included in the recovery policy.
+# Otherwise fastbootd is only allowed the domain rules.
+recovery_only(`
+ # fastbootd can only use HALs in passthrough mode
+ passthrough_hal_client_domain(fastbootd, hal_bootctl)
+
+ # Access /dev/usb-ffs/fastbootd/ep0
+ allow fastbootd functionfs:dir search;
+ allow fastbootd functionfs:file rw_file_perms;
+
+ allowxperm fastbootd functionfs:file ioctl { FUNCTIONFS_ENDPOINT_DESC };
+ # Log to serial
+ allow fastbootd kmsg_device:chr_file { open getattr write };
+
+ # battery info
+ allow fastbootd sysfs_batteryinfo:file r_file_perms;
+
+ allow fastbootd device:dir r_dir_perms;
+
+ # For dev/block/by-name dir
+ allow fastbootd block_device:dir r_dir_perms;
+
+ # Needed for DM_DEV_CREATE ioctl call
+ allow fastbootd self:capability sys_admin;
+
+ unix_socket_connect(fastbootd, recovery, recovery)
+
+ # Required for flashing
+ allow fastbootd dm_device:chr_file rw_file_perms;
+ allow fastbootd dm_device:blk_file rw_file_perms;
+
+ allow fastbootd cache_block_device:blk_file rw_file_perms;
+ allow fastbootd super_block_device_type:blk_file rw_file_perms;
+ allow fastbootd {
+ boot_block_device
+ metadata_block_device
+ system_block_device
+ userdata_block_device
+ }:blk_file { w_file_perms getattr ioctl };
+
+ # For disabling/wiping GSI, and for modifying/deleting files created via
+ # libfiemap.
+ allow fastbootd metadata_block_device:blk_file r_file_perms;
+ allow fastbootd {rootfs tmpfs}:dir mounton;
+ allow fastbootd metadata_file:dir { search getattr mounton };
+ allow fastbootd gsi_metadata_file_type:dir rw_dir_perms;
+ allow fastbootd gsi_metadata_file_type:file create_file_perms;
+
+ allowxperm fastbootd super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF };
+
+ allowxperm fastbootd {
+ metadata_block_device
+ userdata_block_device
+ dm_device
+ cache_block_device
+ }:blk_file ioctl { BLKSECDISCARD BLKDISCARD };
+
+ allow fastbootd misc_block_device:blk_file rw_file_perms;
+
+ allow fastbootd proc_cmdline:file r_file_perms;
+ allow fastbootd rootfs:dir r_dir_perms;
+
+ # Needed to read fstab node from device tree.
+ allow fastbootd sysfs_dt_firmware_android:file r_file_perms;
+ allow fastbootd sysfs_dt_firmware_android:dir r_dir_perms;
+
+ # Needed because libdm reads sysfs to validate when a dm path is ready.
+ r_dir_file(fastbootd, sysfs_dm)
+
+ # Needed for realpath() call to resolve symlinks.
+ allow fastbootd block_device:dir getattr;
+ userdebug_or_eng(`
+ # Refined manipulation of /mnt/scratch, without these perms resorts
+ # to deleting scratch partition when partition(s) are flashed.
+ allow fastbootd self:process setfscreate;
+ allow fastbootd cache_file:dir search;
+ allow fastbootd proc_filesystems:file { getattr open read };
+ allow fastbootd self:capability sys_rawio;
+ dontaudit fastbootd kernel:system module_request;
+ allowxperm fastbootd dev_type:blk_file ioctl BLKROSET;
+ allow fastbootd overlayfs_file:dir { create_dir_perms mounton };
+ allow fastbootd {
+ system_file_type
+ unlabeled
+ vendor_file_type
+ }:dir { remove_name rmdir search write };
+ allow fastbootd {
+ overlayfs_file
+ system_file_type
+ unlabeled
+ vendor_file_type
+ }:{ file lnk_file } unlink;
+ allow fastbootd tmpfs:dir rw_dir_perms;
+ # Fetch vendor_boot partition
+ allow fastbootd boot_block_device:blk_file r_file_perms;
+ ')
+
+ # Allow using libfiemap/gsid directly (no binder in recovery).
+ allow fastbootd gsi_metadata_file_type:dir search;
+ allow fastbootd ota_metadata_file:dir rw_dir_perms;
+ allow fastbootd ota_metadata_file:file create_file_perms;
+')
+
+###
+### neverallow rules
+###
+
+# Write permission is required to wipe userdata
+# until recovery supports vold.
+neverallow fastbootd {
+ data_file_type
+}:file { no_x_file_perms };
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 06:14:38 +0000