Partially revert "mediaprovider" SELinux domain. am: 52da39d9 am: a018b183 am: 2bb33d81

am: cf308055 Change-Id: I6e0092d575817efae9f64c4f89de519fa4315dc4

Partially revert "mediaprovider" SELinux domain. am: 52da39d9 am: a018b183 am: 2bb33d81
8722cf7a · Jeff Sharkey · android-build-merger · 0e1534d6 · cf308055 · 0e1534d6
Commit 8722cf7a authored 8 years ago by Jeff Sharkey Committed by android-build-merger 8 years ago
--- a/private/mediaprovider.te
+++ b/private/mediaprovider.te
-app_domain(mediaprovider)
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -93,7 +93,6 @@ user=radio seinfo=platform domain=radio type=radio_data_file
 user=shared_relro domain=shared_relro
 user=shell seinfo=platform domain=shell type=shell_data_file
 user=_isolated domain=isolated_app levelFrom=user
-user=_app seinfo=media domain=mediaprovider name=android.process.media type=app_data_file levelFrom=user
 user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user
 user=_app isEphemeralApp=true domain=ephemeral_app type=ephemeral_data_file levelFrom=all
 user=_app isPrivApp=true domain=priv_app type=app_data_file levelFrom=user

--- a/public/mediaprovider.te
+++ b/public/mediaprovider.te
-type mediaprovider, domain;
-# MtpServer uses /dev/mtp_usb
-allow mediaprovider mtp_device:chr_file rw_file_perms;
-# MtpServer uses /dev/usb-ffs/mtp
-allow mediaprovider functionfs:dir search;
-allow mediaprovider functionfs:file rw_file_perms;
-# MtpServer sets sys.usb.ffs.mtp.ready
-set_prop(mediaprovider, ffs_prop)
-allow mediaprovider mediacodec_service:service_manager find;
-allow mediaprovider mediadrmserver_service:service_manager find;
-allow mediaprovider mediaextractor_service:service_manager find;
-allow mediaprovider mediaserver_service:service_manager find;
-allow mediaprovider app_api_service:service_manager find;
-allow mediaprovider system_api_service:service_manager find;
-# /sys and /proc access
-r_dir_file(mediaprovider, sysfs_type)
-r_dir_file(mediaprovider, proc)
-r_dir_file(mediaprovider, rootfs)
-# Access to /data/preloads
-allow mediaprovider preloads_data_file:file r_file_perms;
-###
-### neverallow rules (see corresponding rules in priv_app)
-###
-# Receive or send uevent messages.
-neverallow mediaprovider domain:netlink_kobject_uevent_socket *;
-# Receive or send generic netlink messages
-neverallow mediaprovider domain:netlink_socket *;
-# Too much leaky information in debugfs. It's a security
-# best practice to ensure these files aren't readable.
-neverallow mediaprovider debugfs:file read;
-# Only trusted components of Android should be registering
-# services.
-neverallow mediaprovider service_manager_type:service_manager add;
-# Do not allow mediaprovider to be assigned mlstrustedsubject.
-neverallow mediaprovider mlstrustedsubject:process fork;
-# Do not allow mediaprovider to hard link to any files.
-neverallow mediaprovider file_type:file link;
--- a/public/priv_app.te
+++ b/public/priv_app.te
@@ -89,6 +89,20 @@ allow priv_app ringtone_file:file { getattr read write };
 allow priv_app preloads_data_file:file r_file_perms;
 allow priv_app preloads_data_file:dir r_dir_perms;
+# TODO: revert this as part of fixing 33574909
+# android.process.media uses /dev/mtp_usb
+allow priv_app mtp_device:chr_file rw_file_perms;
+# TODO: revert this as part of fixing 33574909
+# MtpServer uses /dev/usb-ffs/mtp
+allow priv_app functionfs:dir search;
+allow priv_app functionfs:file rw_file_perms;
+# TODO: revert this as part of fixing 33574909
+# Traverse into /mnt/media_rw for bypassing FUSE daemon
+# TODO: narrow this to just MediaProvider
+allow priv_app mnt_media_rw_file:dir search;
 ###
 ### neverallow rules
 ###