Merge "Confine healthd, but leave it permissive for now."

842a1111 · Nick Kralevich · Gerrit Code Review · fec3c5ad · 2a604adf · 842a1111
Commit 842a1111 authored 11 years ago by Nick Kralevich Committed by Gerrit Code Review 11 years ago
--- a/healthd.te
+++ b/healthd.te
@@ -4,8 +4,15 @@ type healthd, domain;
 type healthd_exec, exec_type, file_type;

 init_daemon_domain(healthd)
-unconfined_domain(healthd)
-allow healthd rootfs:file entrypoint;
+allow healthd rootfs:file { read entrypoint };
 write_klog(healthd)

+allow healthd self:capability { net_admin mknod };
+allow healthd self:capability2 block_suspend;
+allow healthd self:netlink_kobject_uevent_socket create_socket_perms;
+binder_use(healthd)
+binder_call(healthd, system_server)

+# Workaround for 0x10 / block_suspend capability2 denials.
+# Requires a kernel patch to fix properly.
+permissive healthd;
--- a/system_server.te
+++ b/system_server.te
@@ -89,6 +89,7 @@ tmpfs_domain(system_server)
 binder_use(system_server)
 binder_call(system_server, binderservicedomain)
 binder_call(system_server, appdomain)
+binder_call(system_server, healthd)
 binder_service(system_server)

 # Read /proc/pid files for Binder clients.