From 391854000a1331742a244b10cfd43b574bea4aea Mon Sep 17 00:00:00 2001
From: Ray Essick <essick@google.com>
Date: Tue, 24 Jan 2017 12:53:45 -0800
Subject: [PATCH] rename mediaanalytics->mediametrics, wider access

reflect the change from "mediaanalytics" to "mediametrics"

Also incorporates a broader access to the service -- e.g. anyone.
This reflects that a number of metrics submissions come from application
space and not only from our controlled, trusted media related processes.
The metrics service (in another commit) checks on the source of any
incoming metrics data and limits what is allowed from unprivileged
clients.

Bug: 34615027
Test: clean build, service running and accessible
Change-Id: I657c343ea1faed536c3ee1940f1e7a178e813a42
---
 private/file_contexts                         |  2 +-
 .../{mediaanalytics.te => mediametrics.te}    |  2 +-
 private/platform_app.te                       |  1 +
 private/priv_app.te                           |  1 +
 private/service_contexts                      |  2 +-
 private/untrusted_app.te                      |  1 +
 public/mediaanalytics.te                      | 26 -------------------
 public/mediacodec.te                          |  2 +-
 public/mediadrmserver.te                      |  2 +-
 public/mediaextractor.te                      |  2 +-
 public/mediametrics.te                        | 26 +++++++++++++++++++
 public/mediaserver.te                         |  2 +-
 public/nfc.te                                 |  1 +
 public/service.te                             |  2 +-
 public/system_server.te                       |  4 +--
 15 files changed, 40 insertions(+), 36 deletions(-)
 rename private/{mediaanalytics.te => mediametrics.te} (77%)
 delete mode 100644 public/mediaanalytics.te
 create mode 100644 public/mediametrics.te

diff --git a/private/file_contexts b/private/file_contexts
index 22a36693d..05b67311e 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -183,7 +183,7 @@
 /system/bin/audioserver	u:object_r:audioserver_exec:s0
 /system/bin/mediadrmserver	u:object_r:mediadrmserver_exec:s0
 /system/bin/mediaserver	u:object_r:mediaserver_exec:s0
-/system/bin/mediaanalytics	u:object_r:mediaanalytics_exec:s0
+/system/bin/mediametrics	u:object_r:mediametrics_exec:s0
 /system/bin/cameraserver	u:object_r:cameraserver_exec:s0
 /system/bin/mediaextractor	u:object_r:mediaextractor_exec:s0
 /system/bin/mediacodec	u:object_r:mediacodec_exec:s0
diff --git a/private/mediaanalytics.te b/private/mediametrics.te
similarity index 77%
rename from private/mediaanalytics.te
rename to private/mediametrics.te
index 0092fbe77..11f17d23d 100644
--- a/private/mediaanalytics.te
+++ b/private/mediametrics.te
@@ -1,3 +1,3 @@
 # type_transition must be private policy the domain_trans rules could stay
 # public, but conceptually should go with this
-init_daemon_domain(mediaanalytics)
+init_daemon_domain(mediametrics)
diff --git a/private/platform_app.te b/private/platform_app.te
index ee1c9d38e..8d03251b4 100644
--- a/private/platform_app.te
+++ b/private/platform_app.te
@@ -41,6 +41,7 @@ allow platform_app audioserver_service:service_manager find;
 allow platform_app cameraserver_service:service_manager find;
 allow platform_app drmserver_service:service_manager find;
 allow platform_app mediaserver_service:service_manager find;
+allow platform_app mediametrics_service:service_manager find;
 allow platform_app mediaextractor_service:service_manager find;
 allow platform_app mediacodec_service:service_manager find;
 allow platform_app mediadrmserver_service:service_manager find;
diff --git a/private/priv_app.te b/private/priv_app.te
index 95ef3e82b..568afe6a0 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -24,6 +24,7 @@ allow priv_app audioserver_service:service_manager find;
 allow priv_app cameraserver_service:service_manager find;
 allow priv_app drmserver_service:service_manager find;
 allow priv_app mediacodec_service:service_manager find;
+allow priv_app mediametrics_service:service_manager find;
 allow priv_app mediadrmserver_service:service_manager find;
 allow priv_app mediaextractor_service:service_manager find;
 allow priv_app mediaserver_service:service_manager find;
diff --git a/private/service_contexts b/private/service_contexts
index de0caa936..ebb326583 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -78,7 +78,7 @@ media.camera                              u:object_r:cameraserver_service:s0
 media.camera.proxy                        u:object_r:cameraproxy_service:s0
 media.log                                 u:object_r:audioserver_service:s0
 media.player                              u:object_r:mediaserver_service:s0
-media.analytics                           u:object_r:mediaanalytics_service:s0
+media.metrics                             u:object_r:mediametrics_service:s0
 media.extractor                           u:object_r:mediaextractor_service:s0
 media.codec                               u:object_r:mediacodec_service:s0
 media.resource_manager                    u:object_r:mediaserver_service:s0
diff --git a/private/untrusted_app.te b/private/untrusted_app.te
index 57c82de41..643f95293 100644
--- a/private/untrusted_app.te
+++ b/private/untrusted_app.te
@@ -72,6 +72,7 @@ allow untrusted_app drmserver_service:service_manager find;
 allow untrusted_app mediaserver_service:service_manager find;
 allow untrusted_app mediaextractor_service:service_manager find;
 allow untrusted_app mediacodec_service:service_manager find;
+allow untrusted_app mediametrics_service:service_manager find;
 allow untrusted_app mediadrmserver_service:service_manager find;
 allow untrusted_app nfc_service:service_manager find;
 allow untrusted_app radio_service:service_manager find;
diff --git a/public/mediaanalytics.te b/public/mediaanalytics.te
deleted file mode 100644
index ea3f05486..000000000
--- a/public/mediaanalytics.te
+++ /dev/null
@@ -1,26 +0,0 @@
-# mediaanalytics - daemon for collecting media analytics data
-type mediaanalytics, domain;
-type mediaanalytics_exec, exec_type, file_type;
-
-
-binder_use(mediaanalytics)
-binder_call(mediaanalytics, binderservicedomain)
-binder_service(mediaanalytics)
-
-allow mediaanalytics mediaanalytics_service:service_manager add;
-
-allow mediaanalytics system_server:fd use;
-
-r_dir_file(mediaanalytics, cgroup)
-allow mediaanalytics proc_meminfo:file r_file_perms;
-
-###
-### neverallow rules
-###
-
-# mediaanalytics should never execute any executable without a
-# domain transition
-neverallow mediaanalytics { file_type fs_type }:file execute_no_trans;
-
-# mediaanalytics should never need network access. Disallow network sockets.
-neverallow mediaanalytics domain:{ tcp_socket udp_socket rawip_socket } *;
diff --git a/public/mediacodec.te b/public/mediacodec.te
index 1d6f7c165..27b27e0d1 100644
--- a/public/mediacodec.te
+++ b/public/mediacodec.te
@@ -10,7 +10,7 @@ binder_call(mediacodec, appdomain)
 binder_service(mediacodec)
 
 allow mediacodec mediacodec_service:service_manager add;
-allow mediacodec mediaanalytics_service:service_manager find;
+allow mediacodec mediametrics_service:service_manager find;
 allow mediacodec surfaceflinger_service:service_manager find;
 allow mediacodec gpu_device:chr_file rw_file_perms;
 allow mediacodec video_device:chr_file rw_file_perms;
diff --git a/public/mediadrmserver.te b/public/mediadrmserver.te
index c9e28d775..817365749 100644
--- a/public/mediadrmserver.te
+++ b/public/mediadrmserver.te
@@ -47,7 +47,7 @@ allow mediadrmserver tee:unix_stream_socket connectto;
 
 allow mediadrmserver mediadrmserver_service:service_manager { add find };
 allow mediadrmserver mediaserver_service:service_manager { add find };
-allow mediadrmserver mediaanalytics_service:service_manager find;
+allow mediadrmserver mediametrics_service:service_manager find;
 allow mediadrmserver processinfo_service:service_manager find;
 allow mediadrmserver surfaceflinger_service:service_manager find;
 
diff --git a/public/mediaextractor.te b/public/mediaextractor.te
index e5cf27ed1..7187c220a 100644
--- a/public/mediaextractor.te
+++ b/public/mediaextractor.te
@@ -10,7 +10,7 @@ binder_call(mediaextractor, appdomain)
 binder_service(mediaextractor)
 
 allow mediaextractor mediaextractor_service:service_manager add;
-allow mediaextractor mediaanalytics_service:service_manager find;
+allow mediaextractor mediametrics_service:service_manager find;
 
 allow mediaextractor system_server:fd use;
 
diff --git a/public/mediametrics.te b/public/mediametrics.te
new file mode 100644
index 000000000..9b4409be2
--- /dev/null
+++ b/public/mediametrics.te
@@ -0,0 +1,26 @@
+# mediametrics - daemon for collecting media.metrics data
+type mediametrics, domain;
+type mediametrics_exec, exec_type, file_type;
+
+
+binder_use(mediametrics)
+binder_call(mediametrics, binderservicedomain)
+binder_service(mediametrics)
+
+allow mediametrics mediametrics_service:service_manager add;
+
+allow mediametrics system_server:fd use;
+
+r_dir_file(mediametrics, cgroup)
+allow mediametrics proc_meminfo:file r_file_perms;
+
+###
+### neverallow rules
+###
+
+# mediametrics should never execute any executable without a
+# domain transition
+neverallow mediametrics { file_type fs_type }:file execute_no_trans;
+
+# mediametrics should never need network access. Disallow network sockets.
+neverallow mediametrics domain:{ tcp_socket udp_socket rawip_socket } *;
diff --git a/public/mediaserver.te b/public/mediaserver.te
index 47a773893..34d567c7c 100644
--- a/public/mediaserver.te
+++ b/public/mediaserver.te
@@ -87,7 +87,7 @@ allow mediaserver drmserver_service:service_manager find;
 allow mediaserver mediaextractor_service:service_manager find;
 allow mediaserver mediacodec_service:service_manager find;
 allow mediaserver mediaserver_service:service_manager { add find };
-allow mediaserver mediaanalytics_service:service_manager find;
+allow mediaserver mediametrics_service:service_manager find;
 allow mediaserver media_session_service:service_manager find;
 allow mediaserver permission_service:service_manager find;
 allow mediaserver power_service:service_manager find;
diff --git a/public/nfc.te b/public/nfc.te
index 9296a727f..9a8b47183 100644
--- a/public/nfc.te
+++ b/public/nfc.te
@@ -21,6 +21,7 @@ allow nfc nfc_data_file:notdevfile_class_set create_file_perms;
 allow nfc audioserver_service:service_manager find;
 allow nfc drmserver_service:service_manager find;
 allow nfc mediacodec_service:service_manager find;
+allow nfc mediametrics_service:service_manager find;
 allow nfc mediaextractor_service:service_manager find;
 allow nfc mediaserver_service:service_manager find;
 
diff --git a/public/service.te b/public/service.te
index d8da9307c..adcb177e2 100644
--- a/public/service.te
+++ b/public/service.te
@@ -13,7 +13,7 @@ type inputflinger_service,      service_manager_type;
 type installd_service,          service_manager_type;
 type keystore_service,          service_manager_type;
 type mediaserver_service,       service_manager_type;
-type mediaanalytics_service,    service_manager_type;
+type mediametrics_service,      service_manager_type;
 type mediaextractor_service,    service_manager_type;
 type mediacodec_service,        service_manager_type;
 type mediadrmserver_service,    service_manager_type;
diff --git a/public/system_server.te b/public/system_server.te
index e11476cb8..5dc99ab07 100644
--- a/public/system_server.te
+++ b/public/system_server.te
@@ -199,7 +199,7 @@ allow system_server {
   mediadrmserver
   mediaextractor
   mediaserver
-  mediaanalytics
+  mediametrics
   sdcardd
   surfaceflinger
 }:process { signal };
@@ -492,7 +492,7 @@ allow system_server gatekeeper_service:service_manager find;
 allow system_server installd_service:service_manager find;
 allow system_server keystore_service:service_manager find;
 allow system_server mediaserver_service:service_manager find;
-allow system_server mediaanalytics_service:service_manager find;
+allow system_server mediametrics_service:service_manager find;
 allow system_server mediaextractor_service:service_manager find;
 allow system_server mediacodec_service:service_manager find;
 allow system_server mediadrmserver_service:service_manager find;
-- 
GitLab