| # composd: the host-side CompOS daemon. It is started by init, exposes a |
| # binder service, talks to virtualizationservice to start the CompOS VM, and |
| # manages the directories that odrefresh's output is staged into and promoted |
| # from. The rules below grant only what those tasks need; the two neverallow |
| # assertions at the bottom are build-time checks that the rest of the policy |
| # never widens them. |
| type composd, domain, coredomain; |
| # coredomain marks this as a system (non-vendor) domain, so it is subject to |
| # the platform's core/vendor separation neverallows. |
| type composd_exec, system_file_type, exec_type, file_type; |
| |
| # Host dynamic AIDL services |
| # init_daemon_domain lets init exec composd_exec and transition into composd; |
| # add_service permits registering compos_service with servicemanager (read |
| # access to the service is granted to clients elsewhere, not here). |
| init_daemon_domain(composd) |
| binder_use(composd) |
| add_service(composd, compos_service) |
| |
| # Call back into system server |
| binder_call(composd, system_server) |
| |
| # Start a VM |
| virtualizationservice_use(composd) |
| |
| # Prepare staging directory for odrefresh |
| # relabelfrom on apex_art_data_file plus relabelto on |
| # apex_art_staging_data_file allows a directory to be relabelled in that one |
| # direction only; the reverse relabel is not granted. Staging files may be |
| # stat'ed and deleted but not read or written from this domain. |
| allow composd apex_art_data_file:dir { create_dir_perms relabelfrom }; |
| allow composd apex_art_staging_data_file:dir { create_dir_perms relabelto }; |
| allow composd apex_art_staging_data_file:file { getattr unlink }; |
| |
| # Delete files or enable fs-verity in the odrefresh target directory |
| # The allowxperm below narrows the generic ioctl permission to the single |
| # FS_IOC_ENABLE_VERITY command; any other ioctl on these files is denied. |
| # NOTE(review): write is granted here while the neverallow further down only |
| # forbids create, so existing artifacts stay modifiable from composd — |
| # confirm write (rather than read + ioctl) is actually required. |
| allow composd apex_art_data_file:file { open ioctl read unlink write }; |
| allowxperm composd apex_art_data_file:file ioctl FS_IOC_ENABLE_VERITY; |
| |
| # Access our APEX data files |
| # search on the parent apex_module_data_file dir is only for path traversal; |
| # full create/read/write is limited to the composd-specific label. |
| allow composd apex_module_data_file:dir search; |
| allow composd apex_compos_data_file:dir create_dir_perms; |
| allow composd apex_compos_data_file:file create_file_perms; |
| |
| # Run fd_server in its own domain, and send SIGTERM when finished. |
| # The process:signal permission covers ordinary signals such as SIGTERM; |
| # SIGKILL, SIGSTOP and SIGCHLD are separate permissions and are not granted. |
| domain_auto_trans(composd, fd_server_exec, compos_fd_server) |
| allow composd compos_fd_server:process signal; |
| |
| # Read properties used to configure the CompOS VM |
| # get_prop is read-only; setting these is governed by the neverallow below |
| # (for composd_vm_art_prop) and, presumably, by rules outside this file for |
| # composd_vm_vendor_prop — confirm. |
| get_prop(composd, composd_vm_art_prop) |
| get_prop(composd, composd_vm_vendor_prop) |
| |
| # Read ART's properties |
| get_prop(composd, dalvik_config_prop_type) |
| get_prop(composd, device_config_runtime_native_boot_prop) |
| |
| # We never create any artifact files directly |
| # Build-time assertion: the policy fails to compile if any rule grants |
| # composd create on artifact files. Artifacts are produced inside the VM and |
| # land here via the staging directory above. |
| neverallow composd apex_art_data_file:file create; |
| |
| # ART sets these properties via init script, nothing else should |
| # Every domain except init is barred from setting composd_vm_art_prop, so a |
| # compromised composd (or any other process) cannot change its own VM config. |
| neverallow { domain -init } composd_vm_art_prop:property_service set; |