Allow shell to start vendor shell am: 00ab5d86 am: 8fe0a12f

am: bf7d3284 Change-Id: Ia7d99d5c945309f612a53dbc5bab25be7c5ff772

Allow shell to start vendor shell am: 00ab5d86 am: 8fe0a12f
am: bf7d3284 Change-Id: Ia7d99d5c945309f612a53dbc5bab25be7c5ff772
4f1bb3ee · Yifan Hong · android-build-merger · 74209724 · bf7d3284 · 4f1bb3ee
Commit 4f1bb3ee authored 7 years ago by Yifan Hong Committed by android-build-merger 7 years ago
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -81,6 +81,7 @@
    update_engine_log_data_file
    vendor_default_prop
    vendor_init
+    vendor_shell
    vold_prepare_subdirs
    vold_prepare_subdirs_exec
    vold_service

--- a/private/shell.te
+++ b/private/shell.te
@@ -36,3 +36,5 @@ unix_socket_connect(shell, traced_consumer, traced)
 allow shell traced:fd use;
 allow shell traced_tmpfs:file { read write getattr map };
 unix_socket_connect(shell, traced_producer, traced)
+
+domain_auto_trans(shell, vendor_shell_exec, vendor_shell)
--- a/public/domain.te
+++ b/public/domain.te
@@ -874,6 +874,7 @@ full_treble_only(`
        coredomain
        -init
        -vendor_init
+        -shell
    } vendor_shell_exec:file { execute execute_no_trans };

    # Do not allow vendor components to execute files from system

--- a/public/shell.te
+++ b/public/shell.te
@@ -185,6 +185,9 @@ allow shell seapp_contexts_file:file r_file_perms;
 allow shell service_contexts_file:file r_file_perms;
 allow shell sepolicy_file:file r_file_perms;

+# Allow shell to start up vendor shell
+allow shell vendor_shell_exec:file rx_file_perms;
+
 ###
 ### Neverallow rules
 ###

--- a/public/vendor_shell.te
+++ b/public/vendor_shell.te
-# vendor shell MUST never run as interactive or login shell.
-# vendor shell CAN never be traisitioned to by any process, so it is
-# only intended by shell script interpreter.
+type vendor_shell, domain;
 type vendor_shell_exec, exec_type, vendor_file_type, file_type;
+
+allow vendor_shell vendor_shell_exec:file rx_file_perms;
+allow vendor_shell vendor_toolbox_exec:file rx_file_perms;
+
+# Use fd from shell when vendor_shell is started from shell
+allow vendor_shell shell:fd use;
+
+# adbd: allow `adb shell /vendor/bin/sh` and `adb shell` then `/vendor/bin/sh`
+allow vendor_shell adbd:fd use;
+allow vendor_shell adbd:process sigchld;
+allow vendor_shell adbd:unix_stream_socket { getattr ioctl read write };
+
+allow vendor_shell devpts:chr_file rw_file_perms;
+allow vendor_shell tty_device:chr_file rw_file_perms;
+allow vendor_shell console_device:chr_file rw_file_perms;
+allow vendor_shell input_device:dir r_dir_perms;
+allow vendor_shell input_device:chr_file rw_file_perms;