1*e4a36f41SAndroid Build Coastguard Worker# Any fsck program run by init 2*e4a36f41SAndroid Build Coastguard Workertype fsck, domain; 3*e4a36f41SAndroid Build Coastguard Workertype fsck_exec, system_file_type, exec_type, file_type; 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Worker# /dev/__null__ created by init prior to policy load, 6*e4a36f41SAndroid Build Coastguard Worker# open fd inherited by fsck. 7*e4a36f41SAndroid Build Coastguard Workerallow fsck tmpfs:chr_file { read write ioctl }; 8*e4a36f41SAndroid Build Coastguard Worker 9*e4a36f41SAndroid Build Coastguard Worker# Inherit and use pty created by android_fork_execvp_ext(). 10*e4a36f41SAndroid Build Coastguard Workerallow fsck devpts:chr_file { read write ioctl getattr }; 11*e4a36f41SAndroid Build Coastguard Worker 12*e4a36f41SAndroid Build Coastguard Worker# Allow stdin/out back to vold 13*e4a36f41SAndroid Build Coastguard Workerallow fsck vold:fd use; 14*e4a36f41SAndroid Build Coastguard Workerallow fsck vold:fifo_file { read write getattr }; 15*e4a36f41SAndroid Build Coastguard Worker 16*e4a36f41SAndroid Build Coastguard Worker# Run fsck on certain block devices 17*e4a36f41SAndroid Build Coastguard Workerallow fsck block_device:dir search; 18*e4a36f41SAndroid Build Coastguard Workerallow fsck userdata_block_device:blk_file rw_file_perms; 19*e4a36f41SAndroid Build Coastguard Workerallow fsck cache_block_device:blk_file rw_file_perms; 20*e4a36f41SAndroid Build Coastguard Workerallow fsck dm_device:blk_file rw_file_perms; 21*e4a36f41SAndroid Build Coastguard Workeruserdebug_or_eng(` 22*e4a36f41SAndroid Build Coastguard Workerallow fsck system_block_device:blk_file rw_file_perms; 23*e4a36f41SAndroid Build Coastguard Worker') 24*e4a36f41SAndroid Build Coastguard Worker 25*e4a36f41SAndroid Build Coastguard Worker# For the block devices where we have ioctl access, 26*e4a36f41SAndroid Build Coastguard Worker# allow at a minimum the following common fsck ioctls. 27*e4a36f41SAndroid Build Coastguard Workerallowxperm fsck dev_type:blk_file ioctl { 28*e4a36f41SAndroid Build Coastguard Worker BLKDISCARDZEROES 29*e4a36f41SAndroid Build Coastguard Worker BLKROGET 30*e4a36f41SAndroid Build Coastguard Worker}; 31*e4a36f41SAndroid Build Coastguard Worker 32*e4a36f41SAndroid Build Coastguard Worker# To determine if it is safe to run fsck on a filesystem, e2fsck 33*e4a36f41SAndroid Build Coastguard Worker# must first determine if the filesystem is mounted. To do that, 34*e4a36f41SAndroid Build Coastguard Worker# e2fsck scans through /proc/mounts and collects all the mounted 35*e4a36f41SAndroid Build Coastguard Worker# block devices. With that information, it runs stat() on each block 36*e4a36f41SAndroid Build Coastguard Worker# device, comparing the major and minor numbers to the filesystem 37*e4a36f41SAndroid Build Coastguard Worker# passed in on the command line. If there is a match, then the filesystem 38*e4a36f41SAndroid Build Coastguard Worker# is currently mounted and running fsck is dangerous. 39*e4a36f41SAndroid Build Coastguard Worker# Allow stat access to all block devices so that fsck can compare 40*e4a36f41SAndroid Build Coastguard Worker# major/minor values. 41*e4a36f41SAndroid Build Coastguard Workerallow fsck dev_type:blk_file getattr; 42*e4a36f41SAndroid Build Coastguard Worker 43*e4a36f41SAndroid Build Coastguard Workerallow fsck { 44*e4a36f41SAndroid Build Coastguard Worker proc_mounts 45*e4a36f41SAndroid Build Coastguard Worker proc_swaps 46*e4a36f41SAndroid Build Coastguard Worker}:file r_file_perms; 47*e4a36f41SAndroid Build Coastguard Workerallow fsck rootfs:dir r_dir_perms; 48*e4a36f41SAndroid Build Coastguard Worker 49*e4a36f41SAndroid Build Coastguard Worker### 50*e4a36f41SAndroid Build Coastguard Worker### neverallow rules 51*e4a36f41SAndroid Build Coastguard Worker### 52*e4a36f41SAndroid Build Coastguard Worker 53*e4a36f41SAndroid Build Coastguard Worker# fsck should never be run on these block devices 54*e4a36f41SAndroid Build Coastguard Workerneverallow fsck { 55*e4a36f41SAndroid Build Coastguard Worker boot_block_device 56*e4a36f41SAndroid Build Coastguard Worker frp_block_device 57*e4a36f41SAndroid Build Coastguard Worker recovery_block_device 58*e4a36f41SAndroid Build Coastguard Worker root_block_device 59*e4a36f41SAndroid Build Coastguard Worker swap_block_device 60*e4a36f41SAndroid Build Coastguard Worker system_block_device 61*e4a36f41SAndroid Build Coastguard Worker userdebug_or_eng(`-system_block_device') 62*e4a36f41SAndroid Build Coastguard Worker vold_device 63*e4a36f41SAndroid Build Coastguard Worker}:blk_file no_rw_file_perms; 64*e4a36f41SAndroid Build Coastguard Worker 65*e4a36f41SAndroid Build Coastguard Worker# Only allow entry from init or vold via fsck binaries 66*e4a36f41SAndroid Build Coastguard Workerneverallow { domain -init -vold } fsck:process transition; 67*e4a36f41SAndroid Build Coastguard Workerneverallow * fsck:process dyntransition; 68*e4a36f41SAndroid Build Coastguard Workerneverallow fsck { file_type fs_type -fsck_exec }:file entrypoint; 69