Move staged backup content to a specific cache subdir

Also narrowly specify the domain for the local transport's bookkeeping. Bug 26834865 Change-Id: I2eea8a10f29356ffecabd8e102f7afa90123c535

Move staged backup content to a specific cache subdir
b8104a47 · Christopher Tate · 02bffbb8 · b8104a47 · b8104a47 · b8104a47
Commit b8104a47 authored 9 years ago by Christopher Tate
--- a/domain.te
+++ b/domain.te
@@ -270,7 +270,7 @@ neverallow {
    -recovery # for /tmp/update_binary in tmpfs
 } { fs_type -rootfs }:file execute;
 # Files from cache should never be executed
-neverallow domain { cache_file cache_backup_file cache_recovery_file }:file execute;
+neverallow domain { cache_file cache_backup_file cache_private_backup_file cache_recovery_file }:file execute;

 # Protect most domains from executing arbitrary content from /data.
 neverallow {

--- a/file.te
+++ b/file.te
@@ -145,9 +145,10 @@ typealias app_data_file alias platform_app_data_file;
 typealias app_data_file alias download_file;
 # Default type for anything under /cache
 type cache_file, file_type, mlstrustedobject;
-# Type for /cache/.*\.{data|restore} and default
-# type for anything under /cache/backup
+# Type for /cache/backup_stage/* (fd interchange with apps)
 type cache_backup_file, file_type, mlstrustedobject;
+# type for anything under /cache/backup (local transport storage)
+type cache_private_backup_file, file_type;
 # Type for anything under /cache/recovery
 type cache_recovery_file, file_type, mlstrustedobject;
 # Default type for anything under /efs

--- a/file_contexts
+++ b/file_contexts
@@ -319,11 +319,12 @@
 # Cache files
 #
 /cache(/.*)?		u:object_r:cache_file:s0
-/cache/.*\.data	u:object_r:cache_backup_file:s0
-/cache/.*\.restore	u:object_r:cache_backup_file:s0
-# LocalTransport (backup) uses this directory
-/cache/backup(/.*)?	u:object_r:cache_backup_file:s0
 /cache/recovery(/.*)?	u:object_r:cache_recovery_file:s0
+# General backup/restore interchange with apps
+/cache/backup_stage(/.*)?	u:object_r:cache_backup_file:s0
+# LocalTransport (backup) uses this subtree
+/cache/backup(/.*)?		u:object_r:cache_private_backup_file:s0
+
 #############################
 # sysfs files
 #

--- a/system_server.te
+++ b/system_server.te
@@ -337,14 +337,12 @@ allow system_server { appdomain autoplay_app }:{ fifo_file unix_stream_socket }
 # Allow abstract socket connection
 allow system_server rild:unix_stream_socket connectto;

-# BackupManagerService lets PMS create a data backup file
+# BackupManagerService needs to manipulate backup data files
+allow system_server cache_backup_file:dir rw_dir_perms;
 allow system_server cache_backup_file:file create_file_perms;
-# Relabel /data/backup
-allow system_server backup_data_file:dir { relabelto relabelfrom };
-# Relabel /cache/.*\.{data|restore}
-allow system_server cache_backup_file:file { relabelto relabelfrom };
-# LocalTransport creates and relabels /cache/backup
-allow system_server cache_backup_file:dir { relabelto relabelfrom create_dir_perms };
+# LocalTransport works inside /cache/backup
+allow system_server cache_private_backup_file:dir create_dir_perms;
+allow system_server cache_private_backup_file:file create_file_perms;

 # Allow system to talk to usb device
 allow system_server usb_device:chr_file rw_file_perms;