Skip to content

Commit

Permalink
Allow recovery to create device nodes and modify rootfs
Browse files Browse the repository at this point in the history
tilapia's OTA code for updating the radio image needs to
create files on rootfs and create a character device in /dev.
Add an exception for recovery the the various neverallow rules
blocking this behavior.

Bug: 18281224
Change-Id: I5c57afe0a10b4598fea17f9c5c833bd39551907e
  • Loading branch information
nickkral authored and The Android Automerger committed Nov 7, 2014
1 parent 73a2b73 commit 296b3f5
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions domain.te
Original file line number Diff line number Diff line change
Expand Up @@ -255,7 +255,7 @@ neverallow { domain -kernel -init -recovery -vold -uncrypt -install_recovery } b
# Don't allow raw read/write/open access to generic devices.
# Rather force a relabel to a more specific type.
# ueventd is exempt from this, as its managing these devices.
neverallow { domain -unconfineddomain -ueventd } device:chr_file { open read write };
neverallow { domain -unconfineddomain -ueventd -recovery } device:chr_file { open read write };

# Limit what domains can mount filesystems or change their mount flags.
# sdcard_type / vfat is exempt as a larger set of domains need
Expand Down Expand Up @@ -290,7 +290,7 @@ neverallow { domain -recovery } { system_file exec_type }:dir_file_class_set
{ create write setattr relabelfrom relabelto append unlink link rename };

# Nothing should be writing to files in the rootfs.
neverallow domain rootfs:file { create write setattr relabelto append unlink link rename };
neverallow { domain -recovery } rootfs:file { create write setattr relabelto append unlink link rename };

# Restrict context mounts to specific types marked with
# the contextmount_type attribute.
Expand Down

0 comments on commit 296b3f5

Please sign in to comment.