1# fastbootd (used in recovery init.rc for /sbin/fastbootd)
2
# Declare the domain unconditionally so we can always reference it
# in neverallow rules. Since the type exists in every policy variant,
# the neverallow rules at the bottom of this file are checked at policy
# build time for all variants, not only for the recovery policy.
type fastbootd, domain;
6
# The allow rules below are included only in the recovery policy. Outside
# recovery the type still exists, but it carries nothing beyond the rules
# that every domain gets.
recovery_only(`
  # Everything inside this macro is compiled only into the recovery policy;
  # the normal (non-recovery) policy carries just the bare type declaration.

  # fastbootd can only use HALs in passthrough mode
  # (hal_bootctl: presumably slot / boot-control operations - verify)
  passthrough_hal_client_domain(fastbootd, hal_bootctl)

  # Access /dev/usb-ffs/fastbootd/ep0 (the USB FunctionFS transport).
  allow fastbootd functionfs:dir search;
  allow fastbootd functionfs:file rw_file_perms;

  # ioctl on functionfs files is limited to this single request; any other
  # ioctl number on these files stays denied by the allowxperm filter.
  allowxperm fastbootd functionfs:file ioctl { FUNCTIONFS_ENDPOINT_DESC };

  # Log to serial: write-only on the kmsg node, no read of the kernel log.
  allow fastbootd kmsg_device:chr_file { open getattr write };

  # battery info (read-only sysfs nodes)
  allow fastbootd sysfs_batteryinfo:file r_file_perms;

  # Read-only listing of the device directory (device type, presumably /dev).
  allow fastbootd device:dir r_dir_perms;

  # Reboot the device: setting powerctl_prop is effectively a reboot/shutdown
  # capability for this domain.
  set_prop(fastbootd, powerctl_prop)

  # Read serial number of the device from system properties (read-only).
  get_prop(fastbootd, serialno_prop)

  # For dev/block/by-name dir: listing only; per-partition write access is
  # granted explicitly by the blk_file rules further down.
  allow fastbootd block_device:dir r_dir_perms;

  # Needed for DM_DEV_CREATE ioctl call.
  # NOTE(review): CAP_SYS_ADMIN is coarse. SELinux cannot narrow a capability
  # to a single ioctl, so everything else this capability unlocks is bounded
  # only by the object rules in this domain - keep them tight.
  allow fastbootd self:capability sys_admin;

  # Set sys.usb.ffs.ready (and its exported counterpart).
  set_prop(fastbootd, ffs_prop)
  set_prop(fastbootd, exported_ffs_prop)

  # Connect as a client to the unix socket owned by the recovery domain.
  unix_socket_connect(fastbootd, recovery, recovery)

  # Required for flashing: read/write on device-mapper, both the control
  # chr node and the mapped blk devices.
  allow fastbootd dm_device:chr_file rw_file_perms;
  allow fastbootd dm_device:blk_file rw_file_perms;

  # Partitions fastbootd may write. Note that boot and system are writable
  # from here: this policy decides only which partitions the process can
  # reach, not whether a given image should be accepted - unlock state and
  # image checks are presumably enforced by fastbootd / the bootloader, not
  # by sepolicy. TODO confirm.
  allow fastbootd super_block_device_type:blk_file rw_file_perms;
  allow fastbootd {
    boot_block_device
    metadata_block_device
    system_block_device
    userdata_block_device
  }:blk_file { w_file_perms getattr ioctl };

  # For disabling/wiping GSI: read metadata, and mount over / or a tmpfs dir.
  allow fastbootd metadata_block_device:blk_file r_file_perms;
  allow fastbootd {rootfs tmpfs}:dir mounton;
  allow fastbootd metadata_file:dir search;
  allow fastbootd gsi_metadata_file:dir r_dir_perms;
  allow fastbootd gsi_metadata_file:file rw_file_perms;

  # Read-only geometry queries on the super device; no other ioctl allowed.
  allowxperm fastbootd super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF };

  # Discard ioctls are destructive (used for wipe); they are limited to these
  # three device types.
  # NOTE(review): no allowxperm rule for boot_block_device or
  # system_block_device appears in this file. If none exists elsewhere in the
  # policy, the plain ioctl permission granted above is unfiltered for those
  # two targets, unlike the super/metadata/userdata/dm devices. Confirm.
  allowxperm fastbootd {
    metadata_block_device
    userdata_block_device
    dm_device
  }:blk_file ioctl { BLKSECDISCARD BLKDISCARD };

  # Read/write on the misc partition (presumably the bootloader control
  # block used to hand off to the bootloader - verify).
  allow fastbootd misc_block_device:blk_file rw_file_perms;

  # Kernel command line and root directory listing (read-only).
  allow fastbootd proc_cmdline:file r_file_perms;
  allow fastbootd rootfs:dir r_dir_perms;

  # Needed to read fstab node from device tree.
  allow fastbootd sysfs_dt_firmware_android:file r_file_perms;
  allow fastbootd sysfs_dt_firmware_android:dir r_dir_perms;

  # Needed for realpath() call to resolve symlinks.
  allow fastbootd block_device:dir getattr;

  # Debug builds only: none of the rules in this inner block exist in user
  # builds. They are considerably broader than the rest of the domain (raw
  # io, unlink/rmdir under system and vendor, mount/unmount of labeled
  # filesystems), so review any change that would move a rule out of here.
  userdebug_or_eng(`
    # Refined manipulation of /mnt/scratch, without these perms resorts
    # to deleting scratch partition when partition(s) are flashed.

    # Choose the label of files this process creates.
    allow fastbootd self:process setfscreate;
    allow fastbootd cache_file:dir search;
    allow fastbootd proc_filesystems:file { getattr open read };
    # CAP_SYS_RAWIO, on top of the sys_admin grant above.
    allow fastbootd self:capability sys_rawio;
    # Silences (does not permit) audit noise from module autoload requests.
    dontaudit fastbootd kernel:system module_request;
    # Toggle the read-only flag on any blk_file node typed under dev_type.
    allowxperm fastbootd dev_type:blk_file ioctl BLKROSET;
    allow fastbootd overlayfs_file:dir { create_dir_perms mounton };
    # Delete entries (files, symlinks, dirs) under system, vendor and
    # unlabeled paths - presumably to clean up overlay contents.
    allow fastbootd {
      system_file_type
      unlabeled
      vendor_file_type
    }:dir { remove_name rmdir search write };
    allow fastbootd {
      overlayfs_file
      system_file_type
      unlabeled
      vendor_file_type
    }:{ file lnk_file } unlink;
    allow fastbootd tmpfs:dir rw_dir_perms;
    allow fastbootd labeledfs:filesystem { mount unmount };
    get_prop(fastbootd, persistent_properties_ready_prop)
  ')
')
108
109###
110### neverallow rules
111###
112
# Write permission is required to wipe userdata
# until recovery supports vold, so only execution is forbidden here:
# no executable-type permissions (whatever no_x_file_perms expands to) on
# anything typed as data_file_type. The rule covers only the file class, so
# it does not constrain dir, lnk_file or block-device access, and it does
# not limit writes at all. Because the fastbootd type is declared outside
# recovery_only, this is enforced against every policy build, not just
# recovery.
neverallow fastbootd {
   data_file_type
}:file { no_x_file_perms };
118