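# fastbootd (used in recovery init.rc for /sbin/fastbootd)
#
# Domain for the userspace fastboot daemon that runs inside recovery.
# Every allow rule below is wrapped in recovery_only(), so on a normal
# boot the type exists (for neverallow checks) but carries only the
# permissions that come with the generic `domain` attribute.

# Declare the domain unconditionally so we can always reference it
# in neverallow rules.
type fastbootd, domain;

# But the allow rules are only included in the recovery policy.
# Otherwise fastbootd is only allowed the domain rules.
recovery_only(`
  # fastbootd can only use HALs in passthrough mode
  passthrough_hal_client_domain(fastbootd, hal_bootctl)

  # fastbootd can use AIDL HALs in binder mode
  binder_use(fastbootd)
  hal_client_domain(fastbootd, hal_health)

  # Access /dev/usb-ffs/fastbootd/ep0
  allow fastbootd functionfs:dir search;
  allow fastbootd functionfs:file rw_file_perms;

  # Only the endpoint-descriptor ioctl is granted on the functionfs file;
  # once an allowxperm rule exists for a source/target/class, any ioctl
  # command not listed in one is denied.
  allowxperm fastbootd functionfs:file ioctl { FUNCTIONFS_ENDPOINT_DESC };

  # Log to serial
  allow fastbootd kmsg_device:chr_file { open getattr write };

  # battery info
  allow fastbootd sysfs_batteryinfo:file r_file_perms;

  allow fastbootd device:dir r_dir_perms;

  # For dev/block/by-name dir
  allow fastbootd block_device:dir r_dir_perms;

  # Needed for DM_DEV_CREATE ioctl call
  # NOTE(review): CAP_SYS_ADMIN is a very broad capability; it is acceptable
  # here only because this rule is confined to the recovery policy variant.
  allow fastbootd self:capability sys_admin;

  # Connect to the recovery daemon's unix socket.
  unix_socket_connect(fastbootd, recovery, recovery)

  # Required for flashing
  allow fastbootd dm_device:chr_file rw_file_perms;
  allow fastbootd dm_device:blk_file rw_file_perms;

  allow fastbootd cache_block_device:blk_file rw_file_perms;
  allow fastbootd super_block_device_type:blk_file rw_file_perms;

  # Flash targets: write, getattr and ioctl only; no read permission is
  # granted by this rule (metadata_block_device gets read separately below).
  # The ioctl permission is narrowed only for those types that also appear
  # in an allowxperm rule; where no allowxperm rule names the type, the
  # ioctl permission is unfiltered.
  allow fastbootd {
    boot_block_device
    metadata_block_device
    system_block_device
    userdata_block_device
  }:blk_file { w_file_perms getattr ioctl };

  # For disabling/wiping GSI, and for modifying/deleting files created via
  # libfiemap.
  allow fastbootd metadata_block_device:blk_file r_file_perms;
  allow fastbootd {rootfs tmpfs}:dir mounton;
  allow fastbootd metadata_file:dir { search getattr mounton };
  allow fastbootd gsi_metadata_file_type:dir rw_dir_perms;
  allow fastbootd gsi_metadata_file_type:file create_file_perms;

  # Super-partition ioctls are limited to the two alignment queries.
  allowxperm fastbootd super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF };

  # These partitions' ioctls are limited to discard / secure discard.
  allowxperm fastbootd {
    metadata_block_device
    userdata_block_device
    dm_device
    cache_block_device
  }:blk_file ioctl { BLKSECDISCARD BLKDISCARD };

  allow fastbootd misc_block_device:blk_file rw_file_perms;

  allow fastbootd proc_cmdline:file r_file_perms;
  allow fastbootd rootfs:dir r_dir_perms;

  # Needed to read fstab node from device tree.
  allow fastbootd sysfs_dt_firmware_android:file r_file_perms;
  allow fastbootd sysfs_dt_firmware_android:dir r_dir_perms;

  # Needed because libdm reads sysfs to validate when a dm path is ready.
  r_dir_file(fastbootd, sysfs_dm)

  # Needed for realpath() call to resolve symlinks.
  allow fastbootd block_device:dir getattr;

  # Debug-build-only additions; none of the rules in this block exist on
  # user builds.
  userdebug_or_eng(`
    # Refined manipulation of /mnt/scratch, without these perms resorts
    # to deleting scratch partition when partition(s) are flashed.
    allow fastbootd self:process setfscreate;
    allow fastbootd cache_file:dir search;
    allow fastbootd proc_filesystems:file { getattr open read };
    allow fastbootd self:capability sys_rawio;
    # Silences (does not grant) module_request denials in the audit log.
    dontaudit fastbootd kernel:system module_request;
    # NOTE(review): this names the whole dev_type attribute, so on debug
    # builds it also becomes the ioctl filter for block-device types that
    # have no other allowxperm rule above (e.g. boot_block_device and
    # system_block_device) -- confirm flashing needs no other ioctl there.
    allowxperm fastbootd dev_type:blk_file ioctl BLKROSET;
    allow fastbootd overlayfs_file:dir { create_dir_perms mounton };
    # Directory-entry removal under system/vendor-labelled and unlabeled
    # directories, and unlink of files/symlinks in them.
    allow fastbootd {
      system_file_type
      unlabeled
      vendor_file_type
    }:dir { remove_name rmdir search write };
    allow fastbootd {
      overlayfs_file
      system_file_type
      unlabeled
      vendor_file_type
    }:{ file lnk_file } unlink;
    allow fastbootd tmpfs:dir rw_dir_perms;
    # Fetch vendor_boot partition
    allow fastbootd boot_block_device:blk_file r_file_perms;
  ')

  # Allow using libfiemap/gsid directly (no binder in recovery).
  allow fastbootd gsi_metadata_file_type:dir search;
  allow fastbootd ota_metadata_file:dir rw_dir_perms;
  allow fastbootd ota_metadata_file:file create_file_perms;
')

###
### neverallow rules
###

# Write permission is required to wipe userdata
# until recovery supports vold.
# Compile-time assertion checked in every policy variant (the type is
# declared unconditionally above): fastbootd may never gain execute-type
# permissions on data_file_type files, even where it may write them.
neverallow fastbootd {
   data_file_type
}:file { no_x_file_perms };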
123