Merge "Allow init to run vendor toybox for modprobe" into oc-dev am: d5a2f3e2

am: 3abc81ce Change-Id: If6350ea61bd6447af7913a7b474e719e0f7707d3

Merge "Allow init to run vendor toybox for modprobe" into oc-dev am: d5a2f3e2
8da4bf51 · Sandeep Patil · android-build-merger · d1d6b39d · 3abc81ce · 8da4bf51
Commit 8da4bf51 authored 7 years ago by Sandeep Patil Committed by android-build-merger 7 years ago
--- a/private/init.te
+++ b/private/init.te
@@ -14,8 +14,7 @@ recovery_only(`
 domain_trans(init, shell_exec, shell)
 domain_trans(init, init_exec, ueventd)
 domain_trans(init, init_exec, watchdogd)
-domain_trans(init, rootfs, modprobe)
+domain_trans(init, { rootfs toolbox_exec vendor_toolbox_exec }, modprobe)
-domain_trans(init, toolbox_exec, modprobe)
 # case where logpersistd is actually logcat -f in logd context (nee: logcatd)
 userdebug_or_eng(`
  domain_auto_trans(init, logcat_exec, logpersist)

--- a/public/vendor_toolbox.te
+++ b/public/vendor_toolbox.te
@@ -7,6 +7,10 @@ type vendor_toolbox_exec, exec_type, vendor_file_type, file_type;
 # or read, execute the vendor_toolbox file.
 full_treble_only(`
    # Do not allow non-vendor domains to transition
-    # to vendor toolbox
+    # to vendor toolbox except for the whitelisted domains.
-    neverallow coredomain vendor_toolbox_exec:file { entrypoint execute execute_no_trans };
+    neverallow {
+        coredomain
+        -init
+        -modprobe
+    } vendor_toolbox_exec:file { entrypoint execute execute_no_trans };
 ')