From f3b587cab01a7a54a5a2c3296844083d90fc6641 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Thu, 21 Jun 2012 13:23:45 -0400
Subject: [PATCH] Rewrite app domains and seapp_contexts to leverage new seinfo tags.
---
 app.te | 67 +++++++++++++++++++++++++++++++++++++------------
 seapp_contexts | 7 ++++--
 2 files changed, 55 insertions(+), 19 deletions(-)
diff --git a/app.te b/app.te
index ed76ccf82..62e4bb1a7 100644
--- a/app.te
+++ b/app.te
@@ -4,31 +4,64 @@
 #
 #
-# Trusted apps.
+# Apps signed with the platform key.
 #
-type trusted_app, domain;
-app_domain(trusted_app)
+type platform_app, domain;
+app_domain(platform_app)
 # Access the network.
-net_domain(trusted_app)
+net_domain(platform_app)
 # Access bluetooth.
-bluetooth_domain(trusted_app)
+bluetooth_domain(platform_app)
 # Read logs.
-allow trusted_app log_device:chr_file read;
-# Access /dev/mtp_usb.
-# XXX Split android.process.media into a separate domain?
-allow trusted_app mtp_device:chr_file rw_file_perms;
+allow platform_app log_device:chr_file read;
 # Write to /cache.
-allow trusted_app cache_file:dir rw_dir_perms;
-allow trusted_app cache_file:file create_file_perms;
+allow platform_app cache_file:dir rw_dir_perms;
+allow platform_app cache_file:file create_file_perms;
 # Read from /data/local.
-allow trusted_app shell_data_file:dir search;
-allow trusted_app shell_data_file:file { open getattr read };
-allow trusted_app shell_data_file:lnk_file read;
+allow platform_app shell_data_file:dir search;
+allow platform_app shell_data_file:file { open getattr read };
+allow platform_app shell_data_file:lnk_file read;
 # Access the sdcard.
-allow trusted_app sdcard:dir create_dir_perms;
-allow trusted_app sdcard:file create_file_perms;
+allow platform_app sdcard:dir create_dir_perms;
+allow platform_app sdcard:file create_file_perms;
 # Populate /data/app/vmdl*.tmp file created by system server.
-allow trusted_app apk_tmp_file:file rw_file_perms;
+allow platform_app apk_tmp_file:file rw_file_perms;
+
+# Apps signed with the media key.
+type media_app, domain;
+app_domain(media_app)
+# Access the network.
+net_domain(media_app)
+# Read logs.
+allow media_app log_device:chr_file read;
+# Access /dev/mtp_usb.
+allow media_app mtp_device:chr_file rw_file_perms;
+# Write to /cache.
+allow media_app cache_file:dir rw_dir_perms;
+allow media_app cache_file:file create_file_perms;
+# Access sdcard.
+allow media_app sdcard:dir r_dir_perms;
+allow media_app sdcard:file r_file_perms;
+
+# Apps signed with the shared key.
+type shared_app, domain;
+app_domain(shared_app)
+# Access the network.
+net_domain(shared_app)
+# Access bluetooth.
+bluetooth_domain(shared_app)
+# Read logs.
+allow shared_app log_device:chr_file read;
+
+# Apps signed with the release key (testkey in AOSP).
+type release_app, domain;
+app_domain(release_app)
+# Access the network.
+net_domain(release_app)
+# Access bluetooth.
+bluetooth_domain(release_app)
+# Read logs.
+allow release_app log_device:chr_file read;
 #
 # An example of a specific domain for a specific app
diff --git a/seapp_contexts b/seapp_contexts
index c30179251..502206a7b 100644
--- a/seapp_contexts
+++ b/seapp_contexts
@@ -33,5 +33,8 @@ user=system domain=system_app type=system_data_file
 user=nfc domain=nfc type=nfc_data_file
 user=radio domain=radio type=radio_data_file
 user=app_* domain=untrusted_app type=app_data_file levelFromUid=true
-user=app_* seinfo=systemApp domain=trusted_app levelFromUid=true
-user=app_* seinfo=systemApp name=com.android.browser domain=browser_app levelFromUid=true
+user=app_* seinfo=platform domain=platform_app levelFromUid=true
+user=app_* seinfo=shared domain=shared_app levelFromUid=true
+user=app_* seinfo=media domain=media_app levelFromUid=true
+user=app_* seinfo=release domain=release_app levelFromUid=true
+user=app_* seinfo=release name=com.android.browser domain=browser_app levelFromUid=true
-- 
GitLab
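Review bot: The shared_app and release_app blocks (from `+# Apps signed with the shared key.` through `+allow release_app log_device:chr_file read;`) are rule-for-rule identical, and the only statement of release_app's trust level is the parenthetical "(testkey in AOSP)". Because a build still signed with the AOSP testkey places every app signed with that key into release_app, that assumption deserves its own comment above the type declaration, e.g. `# NOTE: on builds signed with the AOSP testkey this domain is reachable by any app signed with that key; the extra access below only means something once a private release key is in use.` If the two domains are expected to diverge later, a comment saying why they are kept separate would justify the duplication; otherwise a shared macro would keep the two rule lists from drifting apart. The `# Access sdcard.` comment on media_app could also say that it intentionally receives only r_dir_perms/r_file_perms where platform_app keeps create_dir_perms/create_file_perms, since a reader comparing the two blocks will otherwise read it as an omission.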
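Review bot: The browser_app entry now selects on `seinfo=release name=com.android.browser`, and since the app.te hunk describes the release key as the AOSP testkey, on test-key builds the package name is the only thing separating the browser from every other release-signed app; a comment on that line recording that browser_app depends on the release key being private in production would make the trust assumption visible. The four new seinfo entries, like the two they replace, omit `type=` while the `user=app_* domain=untrusted_app` line above them specifies `type=app_data_file`; if the default data-file label differs, the data directories of platform/shared/media/release apps end up labeled differently from untrusted apps, so either add `type=app_data_file` to each new entry if that is the intent or add a comment explaining the omission. If I recall correctly the loader matches entries by specificity rather than file order, so the seinfo entries win over the generic `user=app_*` line regardless of position; a one-line comment at the top of this block stating the matching rule would help readers who assume first-match semantics.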