generic/vendor/common/hal_bootctl.te - LeafOS-Project/android_device_qcom_sepolicy - Gitiles

 # Copyright (c) 2018, The Linux Foundation. All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions are
 # met:
 #     * Redistributions of source code must retain the above copyright
 #       notice, this list of conditions and the following disclaimer.
 #     * Redistributions in binary form must reproduce the above
 #       copyright notice, this list of conditions and the following
 #       disclaimer in the documentation and/or other materials provided
 #       with the distribution.
 #     * Neither the name of The Linux Foundation nor the names of its
 #       contributors may be used to endorse or promote products derived
 #       from this software without specific prior written permission.
 #
 # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
 # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
 # ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 # These are the permissions required to use the boot_control HAL implemented
 # here: hardware/qcom/bootctrl/boot_control.c

 # Getting and setting GPT attributes for the bootloader iterates over all the
 # partition names in the block_device directory /dev/block/.../by-name
 allow hal_bootctl block_device:dir r_dir_perms;

 #Opening /dev directory from bootctl to query /dev/ufs-bsg* filename
 allow hal_bootctl device:dir r_dir_perms;
 # Edit the attributes stored in the GPT.
 allow hal_bootctl vendor_gpt_block_device:blk_file rw_file_perms;
 allow hal_bootctl root_block_device:blk_file rw_file_perms;

 # Allow boot_control_hal to get attributes on all the A/B partitions.
 allow hal_bootctl boot_block_device:blk_file rw_file_perms;
 allow hal_bootctl vendor_ab_block_device:blk_file getattr;
 allow hal_bootctl vendor_xbl_block_device:blk_file getattr;
 allow hal_bootctl vendor_modem_block_device:blk_file getattr;
 allow hal_bootctl system_block_device:blk_file getattr;
 allow hal_bootctl vendor_custom_ab_block_device:blk_file getattr;
 allow hal_bootctl vendor_ab_block_device:blk_file getattr;
 allow hal_bootctl recovery_block_device:blk_file getattr;
 allow hal_bootctl vendor_mdtp_device:blk_file getattr;
 allow hal_bootctl_server misc_block_device:blk_file rw_file_perms;

 # Access /dev/sgN or /dev/ufs-bsg* devices (generic SCSI) to write the
 # A/B slot selection for the XBL partition. Allow also to issue a
 # UFS_IOCTL_QUERY or SG_IO ioctl.
 allow hal_bootctl vendor_sg_device:chr_file rw_file_perms;
 allow hal_bootctl vendor_bsg_device:chr_file rw_file_perms;

 # The sys_rawio denial message is benign, and shows up due to a capability()
 # call made by the scsi driver to check for CAP_SYS_RAWIO. Not having this
 # does not result in a error
 dontaudit hal_bootctl self:capability sys_rawio;


 #scsi driver does a capability check (CAP_SYS_RAWIO) when bootctl does
 # an ioctl to /dev/ufs-bsg .Adding this rule to avoid ioctl error.
 allow hal_bootctl_server self:capability { sys_rawio };
 # Read the sysfs to lookup what /dev/sgN device
 # corresponds to the XBL partitions.
 allow hal_bootctl vendor_sysfs_scsi_target:dir r_dir_perms;

 # Write to the XBL devices.
 allow hal_bootctl vendor_xbl_block_device:blk_file rw_file_perms;

 # Read dir permission for dt_firmware
 allow hal_bootctl sysfs_dt_firmware_android:dir r_dir_perms;
	# Copyright (c) 2018, The Linux Foundation. All rights reserved.
	#
	# Redistribution and use in source and binary forms, with or without
	# modification, are permitted provided that the following conditions are
	# met:
	# * Redistributions of source code must retain the above copyright
	# notice, this list of conditions and the following disclaimer.
	# * Redistributions in binary form must reproduce the above
	# copyright notice, this list of conditions and the following
	# disclaimer in the documentation and/or other materials provided
	# with the distribution.
	# * Neither the name of The Linux Foundation nor the names of its
	# contributors may be used to endorse or promote products derived
	# from this software without specific prior written permission.
	#
	# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
	# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
	# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
	# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
	# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
	# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
	# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
	# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
	# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
	# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	# These are the permissions required to use the boot_control HAL implemented
	# here: hardware/qcom/bootctrl/boot_control.c

	# Getting and setting GPT attributes for the bootloader iterates over all the
	# partition names in the block_device directory /dev/block/.../by-name
	allow hal_bootctl block_device:dir r_dir_perms;

	#Opening /dev directory from bootctl to query /dev/ufs-bsg* filename
	allow hal_bootctl device:dir r_dir_perms;
	# Edit the attributes stored in the GPT.
	allow hal_bootctl vendor_gpt_block_device:blk_file rw_file_perms;
	allow hal_bootctl root_block_device:blk_file rw_file_perms;

	# Allow boot_control_hal to get attributes on all the A/B partitions.
	allow hal_bootctl boot_block_device:blk_file rw_file_perms;
	allow hal_bootctl vendor_ab_block_device:blk_file getattr;
	allow hal_bootctl vendor_xbl_block_device:blk_file getattr;
	allow hal_bootctl vendor_modem_block_device:blk_file getattr;
	allow hal_bootctl system_block_device:blk_file getattr;
	allow hal_bootctl vendor_custom_ab_block_device:blk_file getattr;
	allow hal_bootctl vendor_ab_block_device:blk_file getattr;
	allow hal_bootctl recovery_block_device:blk_file getattr;
	allow hal_bootctl vendor_mdtp_device:blk_file getattr;
	allow hal_bootctl_server misc_block_device:blk_file rw_file_perms;

	# Access /dev/sgN or /dev/ufs-bsg* devices (generic SCSI) to write the
	# A/B slot selection for the XBL partition. Allow also to issue a
	# UFS_IOCTL_QUERY or SG_IO ioctl.
	allow hal_bootctl vendor_sg_device:chr_file rw_file_perms;
	allow hal_bootctl vendor_bsg_device:chr_file rw_file_perms;

	# The sys_rawio denial message is benign, and shows up due to a capability()
	# call made by the scsi driver to check for CAP_SYS_RAWIO. Not having this
	# does not result in a error
	dontaudit hal_bootctl self:capability sys_rawio;


	#scsi driver does a capability check (CAP_SYS_RAWIO) when bootctl does
	# an ioctl to /dev/ufs-bsg .Adding this rule to avoid ioctl error.
	allow hal_bootctl_server self:capability { sys_rawio };
	# Read the sysfs to lookup what /dev/sgN device
	# corresponds to the XBL partitions.
	allow hal_bootctl vendor_sysfs_scsi_target:dir r_dir_perms;

	# Write to the XBL devices.
	allow hal_bootctl vendor_xbl_block_device:blk_file rw_file_perms;

	# Read dir permission for dt_firmware
	allow hal_bootctl sysfs_dt_firmware_android:dir r_dir_perms;