From 62bb52c4d4cce270ef2743a557bfe179813dd928 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Mon, 22 Feb 2016 17:50:01 -0700
Subject: [PATCH] Offer to cache ringtones in system DE storage.

Ringtones often live on shared media, which is now encrypted with CE
keys and not available until after the user is unlocked.  To improve
the user experience while locked, cache the default ringtone,
notification sound, and alarm sound in a DE storage area.

Also fix bug where wallpaper_file wasn't getting data_file_type.

Bug: 26730753
Change-Id: Ib1f08d03eb734c3dce91daab41601d3ed14f4f0d
---
 app.te           | 3 +++
 file.te          | 4 +++-
 file_contexts    | 5 +++++
 mediaserver.te   | 1 +
 system_server.te | 4 ++++
 5 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/app.te b/app.te
index 438e01f46..6a74da884 100644
--- a/app.te
+++ b/app.te
@@ -101,6 +101,9 @@ allow appdomain dex2oat_exec:file rx_file_perms;
 # Read/write wallpaper file (opened by system).
 allow appdomain wallpaper_file:file { getattr read write };
 
+# Read/write cached ringtones (opened by system).
+allow appdomain ringtone_file:file { getattr read write };
+
 # Write to /data/anr/traces.txt.
 allow appdomain anr_data_file:dir search;
 allow appdomain anr_data_file:file { open append };
diff --git a/file.te b/file.te
index ff60c0435..7efa324e2 100644
--- a/file.te
+++ b/file.te
@@ -101,6 +101,8 @@ type bootchart_data_file, file_type, data_file_type;
 type heapdump_data_file, file_type, data_file_type, mlstrustedobject;
 # /data/nativetest
 type nativetest_data_file, file_type, data_file_type;
+# /data/system_de/0/ringtones
+type ringtone_file, file_type, data_file_type;
 
 # Mount locations managed by vold
 type mnt_media_rw_file, file_type;
@@ -159,7 +161,7 @@ type cache_recovery_file, file_type, mlstrustedobject;
 # Default type for anything under /efs
 type efs_file, file_type;
 # Type for wallpaper file.
-type wallpaper_file, file_type, mlstrustedobject;
+type wallpaper_file, file_type, data_file_type, mlstrustedobject;
 # /mnt/asec
 type asec_apk_file, file_type, data_file_type, mlstrustedobject;
 # Elements of asec files (/mnt/asec) that are world readable
diff --git a/file_contexts b/file_contexts
index ed8e30e6c..3b495ec7d 100644
--- a/file_contexts
+++ b/file_contexts
@@ -322,10 +322,15 @@
 /data/system/users/[0-9]+/wallpaper_lock	u:object_r:wallpaper_file:s0
 /data/system/users/[0-9]+/wallpaper_orig	u:object_r:wallpaper_file:s0
 /data/system/users/[0-9]+/wallpaper		u:object_r:wallpaper_file:s0
+
+# Ringtone files
+/data/system_de/[0-9]+/ringtones(/.*)?          u:object_r:ringtone_file:s0
+
 #############################
 # efs files
 #
 /efs(/.*)?		u:object_r:efs_file:s0
+
 #############################
 # Cache files
 #
diff --git a/mediaserver.te b/mediaserver.te
index a30506040..209b98a6a 100644
--- a/mediaserver.te
+++ b/mediaserver.te
@@ -45,6 +45,7 @@ allow mediaserver sysfs:file r_file_perms;
 # Read resources from open apk files passed over Binder.
 allow mediaserver apk_data_file:file { read getattr };
 allow mediaserver asec_apk_file:file { read getattr };
+allow mediaserver ringtone_file:file { read getattr };
 
 # Read /data/data/com.android.providers.telephony files passed over Binder.
 allow mediaserver radio_data_file:file { read getattr };
diff --git a/system_server.te b/system_server.te
index 2e131b34f..076a6bafd 100644
--- a/system_server.te
+++ b/system_server.te
@@ -290,6 +290,10 @@ allow system_server system_data_file:file relabelfrom;
 allow system_server wallpaper_file:file relabelto;
 allow system_server wallpaper_file:file { rw_file_perms unlink };
 
+# Manage ringtones.
+allow system_server ringtone_file:dir { create_dir_perms relabelto };
+allow system_server ringtone_file:file create_file_perms;
+
 # FingerprintService.java does a restorecon of the directory /data/system/users/[0-9]+/fpdata(/.*)?
 allow system_server system_data_file:dir relabelfrom;
 
-- 
GitLab