From e2423d149b6a5b9119965c097a2a75cb8d052763 Mon Sep 17 00:00:00 2001
From: Bowgo Tsai <bowgotsai@google.com>
Date: Mon, 31 Jul 2017 18:38:28 +0800
Subject: [PATCH] Moving adbd from rootdir to system/bin

Bug: 63910933
Test: boot sailfish in normal mode, checks adbd is started
Test: boot sailfish in recovery mode, checks adbd is started
Test: boot bullhead in normal mode, checks adbd is started
Test: boot bullhead in recovery mode, checks adbd is started

Change-Id: I35ed78a15a34626fbd3c21d030e2bf51033f7b79
---
 private/adbd.te                     | 2 ++
 private/compat/26.0/26.0.ignore.cil | 6 ++++--
 private/file_contexts               | 1 +
 private/init.te                     | 2 +-
 public/adbd.te                      | 1 +
 5 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/private/adbd.te b/private/adbd.te
index 200836428..d28b836f1 100644
--- a/private/adbd.te
+++ b/private/adbd.te
@@ -3,6 +3,8 @@
 typeattribute adbd coredomain;
 typeattribute adbd mlstrustedsubject;
 
+init_daemon_domain(adbd)
+
 domain_auto_trans(adbd, shell_exec, shell)
 
 userdebug_or_eng(`
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 6b37df7fa..a04e02622 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -3,7 +3,8 @@
 ;;   previous ones.  Add here to pass checkapi tests.
 (typeattribute new_objects)
 (typeattributeset new_objects
-  ( broadcastradio_service
+  ( adbd_exec
+    broadcastradio_service
     e2fs
     e2fs_exec
     hal_cas_hwservice
@@ -29,5 +30,6 @@
 ;;     Thus, these types are also not mapped, but recorded for checkapi tests
 (typeattribute priv_objects)
 (typeattributeset priv_objects
-     ( screencap
+     ( adbd_tmpfs
+       screencap
        screencap_exec ))
diff --git a/private/file_contexts b/private/file_contexts
index eb31faf1f..49d954b2e 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -273,6 +273,7 @@
 /system/etc/selinux/plat_sepolicy.cil       u:object_r:sepolicy_file:s0
 /system/etc/selinux/plat_and_mapping_sepolicy\.cil\.sha256 u:object_r:sepolicy_file:s0
 /system/bin/vr_hwc               u:object_r:vr_hwc_exec:s0
+/system/bin/adbd                 u:object_r:adbd_exec:s0
 
 #############################
 # Vendor files
diff --git a/private/init.te b/private/init.te
index 558ba966b..5c23f66f1 100644
--- a/private/init.te
+++ b/private/init.te
@@ -3,12 +3,12 @@ typeattribute init coredomain;
 tmpfs_domain(init)
 
 # Transitions to seclabel processes in init.rc
-domain_trans(init, rootfs, adbd)
 domain_trans(init, rootfs, charger)
 domain_trans(init, rootfs, healthd)
 domain_trans(init, rootfs, slideshow)
 domain_auto_trans(init, e2fs_exec, e2fs)
 recovery_only(`
+  domain_trans(init, rootfs, adbd)
   domain_trans(init, rootfs, recovery)
 ')
 domain_trans(init, shell_exec, shell)
diff --git a/public/adbd.te b/public/adbd.te
index 7ecd045fc..95854c01e 100644
--- a/public/adbd.te
+++ b/public/adbd.te
@@ -1,3 +1,4 @@
 # adbd seclabel is specified in init.rc since
 # it lives in the rootfs and has no unique file type.
 type adbd, domain;
+type adbd_exec, exec_type, file_type;
-- 
GitLab