Merge "Sepolicy: Introduce perfprofd binder service"

2f39276e · Treehugger Robot · Gerrit Code Review · 8d07a8d5 · aa9711f8 · 2f39276e
Commit 2f39276e authored 7 years ago by Treehugger Robot Committed by Gerrit Code Review 7 years ago
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -27,6 +27,7 @@
    netd_stable_secret_prop
    network_watchlist_service
    package_native_service
+    perfprofd_service
    property_info
    slice_service
    stats

--- a/private/service_contexts
+++ b/private/service_contexts
@@ -111,6 +111,7 @@ otadexopt                                 u:object_r:otadexopt_service:s0
 overlay                                   u:object_r:overlay_service:s0
 package                                   u:object_r:package_service:s0
 package_native                            u:object_r:package_native_service:s0
+perfprofd                                 u:object_r:perfprofd_service:s0
 permission                                u:object_r:permission_service:s0
 persistent_data_block                     u:object_r:persistent_data_block_service:s0
 phone_msim                                u:object_r:radio_service:s0

--- a/public/perfprofd.te
+++ b/public/perfprofd.te
@@ -96,4 +96,22 @@ userdebug_or_eng(`
  dontaudit perfprofd shell_data_file:dir *;
  dontaudit perfprofd shell_data_file:file *;
+  # Allow perfprofd to publish a binder service and make binder calls.
+  binder_use(perfprofd)
+  add_service(perfprofd, perfprofd_service)
+  # Use devpts for streams from cmd.
+  #
+  # This is normally granted to binderservicedomain, but this service
+  # has tighter restrictions on the callers (see below), so must enable
+  # this manually.
+  allow perfprofd devpts:chr_file rw_file_perms;
+  # Use socket & pipe supplied by su, for cmd perfprofd dump.
+  allow perfprofd su:unix_stream_socket { read write getattr sendto };
+  allow perfprofd su:fifo_file r_file_perms;
+  # For now, only allow su to communicate with us.
+  neverallow domain perfprofd:binder call;
+  neverallow perfprofd { domain -servicemanager -su }:binder call;
 ')
--- a/public/service.te
+++ b/public/service.te
@@ -20,6 +20,7 @@ type mediacodec_service,        service_manager_type;
 type mediadrmserver_service,    service_manager_type;
 type netd_service,              service_manager_type;
 type nfc_service,               service_manager_type;
+type perfprofd_service,         service_manager_type;
 type radio_service,             service_manager_type;
 type storaged_service,          service_manager_type;
 type surfaceflinger_service,    app_api_service, ephemeral_app_api_service, service_manager_type;