1*e4a36f41SAndroid Build Coastguard Worker# Creating files on sysfs is impossible so this isn't a threat 2*e4a36f41SAndroid Build Coastguard Worker# Sometimes we have to write to non-existent files to avoid conditional 3*e4a36f41SAndroid Build Coastguard Worker# init behavior. See b/35303861 for an example. 4*e4a36f41SAndroid Build Coastguard Workerdontaudit vendor_init sysfs:dir write; 5*e4a36f41SAndroid Build Coastguard Worker 6*e4a36f41SAndroid Build Coastguard Worker# TODO(b/140259336) We want to remove vendor_init in the long term but allow for now 7*e4a36f41SAndroid Build Coastguard Workerallow vendor_init system_data_root_file:dir rw_dir_perms; 8*e4a36f41SAndroid Build Coastguard Worker 9*e4a36f41SAndroid Build Coastguard Worker# Let vendor_init set service.adb.tcp.port. 10*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, adbd_config_prop) 11*e4a36f41SAndroid Build Coastguard Worker 12*e4a36f41SAndroid Build Coastguard Worker# Let vendor_init react to AVF device config changes 13*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, device_config_virtualization_framework_native_prop) 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Worker# Let vendor_init use apex.<name>.ready to start services from vendor APEX 16*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, apex_ready_prop) 17*e4a36f41SAndroid Build Coastguard Worker 18*e4a36f41SAndroid Build Coastguard Worker# Let vendor_init read ro.fstype.data to process init.rc triggers 19*e4a36f41SAndroid Build Coastguard Worker# for this property 20*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, fstype_prop) 21*e4a36f41SAndroid Build Coastguard Worker 22*e4a36f41SAndroid Build Coastguard Worker# chown/chmod on devices, e.g. /dev/ttyHS0 23*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { 24*e4a36f41SAndroid Build Coastguard Worker dev_type 25*e4a36f41SAndroid Build Coastguard Worker -keychord_device 26*e4a36f41SAndroid Build Coastguard Worker -vm_manager_device_type 27*e4a36f41SAndroid Build Coastguard Worker -port_device 28*e4a36f41SAndroid Build Coastguard Worker -lowpan_device 29*e4a36f41SAndroid Build Coastguard Worker -hw_random_device 30*e4a36f41SAndroid Build Coastguard Worker}:chr_file setattr; 31*e4a36f41SAndroid Build Coastguard Worker 32*e4a36f41SAndroid Build Coastguard Worker# Communication to the main init process 33*e4a36f41SAndroid Build Coastguard Workerallow vendor_init init:unix_stream_socket { read write }; 34*e4a36f41SAndroid Build Coastguard Worker 35*e4a36f41SAndroid Build Coastguard Worker# Logging to kmsg 36*e4a36f41SAndroid Build Coastguard Workerallow vendor_init kmsg_device:chr_file { open getattr write }; 37*e4a36f41SAndroid Build Coastguard Worker 38*e4a36f41SAndroid Build Coastguard Worker# Mount on /dev/usb-ffs/adb. 39*e4a36f41SAndroid Build Coastguard Workerallow vendor_init device:dir mounton; 40*e4a36f41SAndroid Build Coastguard Worker 41*e4a36f41SAndroid Build Coastguard Worker# Create and remove symlinks in /. 42*e4a36f41SAndroid Build Coastguard Workerallow vendor_init rootfs:lnk_file { create unlink }; 43*e4a36f41SAndroid Build Coastguard Worker 44*e4a36f41SAndroid Build Coastguard Worker# Create cgroups mount points in tmpfs and mount cgroups on them. 45*e4a36f41SAndroid Build Coastguard Workerallow vendor_init cgroup:dir create_dir_perms; 46*e4a36f41SAndroid Build Coastguard Workerallow vendor_init cgroup:file w_file_perms; 47*e4a36f41SAndroid Build Coastguard Workerallow vendor_init cgroup_v2:dir create_dir_perms; 48*e4a36f41SAndroid Build Coastguard Workerallow vendor_init cgroup_v2:file w_file_perms; 49*e4a36f41SAndroid Build Coastguard Worker 50*e4a36f41SAndroid Build Coastguard Worker# /config 51*e4a36f41SAndroid Build Coastguard Workerallow vendor_init configfs:dir mounton; 52*e4a36f41SAndroid Build Coastguard Workerallow vendor_init configfs:dir create_dir_perms; 53*e4a36f41SAndroid Build Coastguard Workerallow vendor_init configfs:{ file lnk_file } create_file_perms; 54*e4a36f41SAndroid Build Coastguard Worker 55*e4a36f41SAndroid Build Coastguard Worker# Create directories under /dev/cpuctl after chowning it to system. 56*e4a36f41SAndroid Build Coastguard Workerallow vendor_init self:global_capability_class_set { dac_override dac_read_search }; 57*e4a36f41SAndroid Build Coastguard Worker 58*e4a36f41SAndroid Build Coastguard Worker# mkdir, symlink, write, rm/rmdir, chown/chmod, restorecon/restorecon_recursive from init.rc files. 59*e4a36f41SAndroid Build Coastguard Worker# chown/chmod require open+read+setattr required for open()+fchown/fchmod(). 60*e4a36f41SAndroid Build Coastguard Worker# system/core/init.rc requires at least cache_file and data_file_type. 61*e4a36f41SAndroid Build Coastguard Worker# init.<board>.rc files often include device-specific types, so 62*e4a36f41SAndroid Build Coastguard Worker# we just allow all file types except /system files here. 63*e4a36f41SAndroid Build Coastguard Workerallow vendor_init self:global_capability_class_set { chown fowner fsetid }; 64*e4a36f41SAndroid Build Coastguard Worker 65*e4a36f41SAndroid Build Coastguard Worker# mkdir with FBE requires reading /data/unencrypted/{ref,mode}. 66*e4a36f41SAndroid Build Coastguard Workerallow vendor_init unencrypted_data_file:dir search; 67*e4a36f41SAndroid Build Coastguard Workerallow vendor_init unencrypted_data_file:file r_file_perms; 68*e4a36f41SAndroid Build Coastguard Worker 69*e4a36f41SAndroid Build Coastguard Worker# Set encryption policy on dirs in /data 70*e4a36f41SAndroid Build Coastguard Workerallowxperm vendor_init data_file_type:dir ioctl { 71*e4a36f41SAndroid Build Coastguard Worker FS_IOC_GET_ENCRYPTION_POLICY 72*e4a36f41SAndroid Build Coastguard Worker FS_IOC_SET_ENCRYPTION_POLICY 73*e4a36f41SAndroid Build Coastguard Worker}; 74*e4a36f41SAndroid Build Coastguard Worker 75*e4a36f41SAndroid Build Coastguard Workerallow vendor_init system_data_file:dir getattr; 76*e4a36f41SAndroid Build Coastguard Worker 77*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { 78*e4a36f41SAndroid Build Coastguard Worker file_type 79*e4a36f41SAndroid Build Coastguard Worker -bpffs_type 80*e4a36f41SAndroid Build Coastguard Worker -core_data_file_type 81*e4a36f41SAndroid Build Coastguard Worker -exec_type 82*e4a36f41SAndroid Build Coastguard Worker -system_dlkm_file_type 83*e4a36f41SAndroid Build Coastguard Worker -system_file_type 84*e4a36f41SAndroid Build Coastguard Worker -mnt_product_file 85*e4a36f41SAndroid Build Coastguard Worker -password_slot_metadata_file 86*e4a36f41SAndroid Build Coastguard Worker -ota_metadata_file 87*e4a36f41SAndroid Build Coastguard Worker -unlabeled 88*e4a36f41SAndroid Build Coastguard Worker -vendor_file_type 89*e4a36f41SAndroid Build Coastguard Worker -vold_metadata_file 90*e4a36f41SAndroid Build Coastguard Worker -gsi_metadata_file_type 91*e4a36f41SAndroid Build Coastguard Worker -apex_metadata_file 92*e4a36f41SAndroid Build Coastguard Worker -userspace_reboot_metadata_file 93*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_metadata_file 94*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_flags_metadata_file 95*e4a36f41SAndroid Build Coastguard Worker}:dir { create search getattr open read setattr ioctl write add_name remove_name rmdir relabelfrom }; 96*e4a36f41SAndroid Build Coastguard Worker 97*e4a36f41SAndroid Build Coastguard Workerallow vendor_init unlabeled:{ dir notdevfile_class_set } { getattr relabelfrom }; 98*e4a36f41SAndroid Build Coastguard Worker 99*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { 100*e4a36f41SAndroid Build Coastguard Worker file_type 101*e4a36f41SAndroid Build Coastguard Worker -bpffs_type 102*e4a36f41SAndroid Build Coastguard Worker -core_data_file_type 103*e4a36f41SAndroid Build Coastguard Worker -exec_type 104*e4a36f41SAndroid Build Coastguard Worker -password_slot_metadata_file 105*e4a36f41SAndroid Build Coastguard Worker -ota_metadata_file 106*e4a36f41SAndroid Build Coastguard Worker -runtime_event_log_tags_file 107*e4a36f41SAndroid Build Coastguard Worker -system_dlkm_file_type 108*e4a36f41SAndroid Build Coastguard Worker -system_file_type 109*e4a36f41SAndroid Build Coastguard Worker -unlabeled 110*e4a36f41SAndroid Build Coastguard Worker -vendor_file_type 111*e4a36f41SAndroid Build Coastguard Worker -vold_metadata_file 112*e4a36f41SAndroid Build Coastguard Worker -gsi_metadata_file_type 113*e4a36f41SAndroid Build Coastguard Worker -apex_metadata_file 114*e4a36f41SAndroid Build Coastguard Worker -apex_info_file 115*e4a36f41SAndroid Build Coastguard Worker -userspace_reboot_metadata_file 116*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_metadata_file 117*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_flags_metadata_file 118*e4a36f41SAndroid Build Coastguard Worker -tradeinmode_metadata_file 119*e4a36f41SAndroid Build Coastguard Worker enforce_debugfs_restriction(`-debugfs_type') 120*e4a36f41SAndroid Build Coastguard Worker}:file { create getattr open read write setattr relabelfrom unlink map }; 121*e4a36f41SAndroid Build Coastguard Worker 122*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { 123*e4a36f41SAndroid Build Coastguard Worker file_type 124*e4a36f41SAndroid Build Coastguard Worker -bpffs_type 125*e4a36f41SAndroid Build Coastguard Worker -core_data_file_type 126*e4a36f41SAndroid Build Coastguard Worker -exec_type 127*e4a36f41SAndroid Build Coastguard Worker -password_slot_metadata_file 128*e4a36f41SAndroid Build Coastguard Worker -ota_metadata_file 129*e4a36f41SAndroid Build Coastguard Worker -system_dlkm_file_type 130*e4a36f41SAndroid Build Coastguard Worker -system_file_type 131*e4a36f41SAndroid Build Coastguard Worker -unlabeled 132*e4a36f41SAndroid Build Coastguard Worker -vendor_file_type 133*e4a36f41SAndroid Build Coastguard Worker -vold_metadata_file 134*e4a36f41SAndroid Build Coastguard Worker -gsi_metadata_file_type 135*e4a36f41SAndroid Build Coastguard Worker -apex_metadata_file 136*e4a36f41SAndroid Build Coastguard Worker -userspace_reboot_metadata_file 137*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_metadata_file 138*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_flags_metadata_file 139*e4a36f41SAndroid Build Coastguard Worker}:{ sock_file fifo_file } { create getattr open read setattr relabelfrom unlink }; 140*e4a36f41SAndroid Build Coastguard Worker 141*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { 142*e4a36f41SAndroid Build Coastguard Worker file_type 143*e4a36f41SAndroid Build Coastguard Worker -apex_mnt_dir 144*e4a36f41SAndroid Build Coastguard Worker -bpffs_type 145*e4a36f41SAndroid Build Coastguard Worker -core_data_file_type 146*e4a36f41SAndroid Build Coastguard Worker -exec_type 147*e4a36f41SAndroid Build Coastguard Worker -password_slot_metadata_file 148*e4a36f41SAndroid Build Coastguard Worker -ota_metadata_file 149*e4a36f41SAndroid Build Coastguard Worker -system_dlkm_file_type 150*e4a36f41SAndroid Build Coastguard Worker -system_file_type 151*e4a36f41SAndroid Build Coastguard Worker -unlabeled 152*e4a36f41SAndroid Build Coastguard Worker -vendor_file_type 153*e4a36f41SAndroid Build Coastguard Worker -vold_metadata_file 154*e4a36f41SAndroid Build Coastguard Worker -gsi_metadata_file_type 155*e4a36f41SAndroid Build Coastguard Worker -apex_metadata_file 156*e4a36f41SAndroid Build Coastguard Worker -userspace_reboot_metadata_file 157*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_metadata_file 158*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_flags_metadata_file 159*e4a36f41SAndroid Build Coastguard Worker}:lnk_file { create getattr setattr relabelfrom unlink }; 160*e4a36f41SAndroid Build Coastguard Worker 161*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { 162*e4a36f41SAndroid Build Coastguard Worker file_type 163*e4a36f41SAndroid Build Coastguard Worker -bpffs_type 164*e4a36f41SAndroid Build Coastguard Worker -core_data_file_type 165*e4a36f41SAndroid Build Coastguard Worker -exec_type 166*e4a36f41SAndroid Build Coastguard Worker -mnt_product_file 167*e4a36f41SAndroid Build Coastguard Worker -password_slot_metadata_file 168*e4a36f41SAndroid Build Coastguard Worker -ota_metadata_file 169*e4a36f41SAndroid Build Coastguard Worker -system_dlkm_file_type 170*e4a36f41SAndroid Build Coastguard Worker -system_file_type 171*e4a36f41SAndroid Build Coastguard Worker -vendor_file_type 172*e4a36f41SAndroid Build Coastguard Worker -vold_metadata_file 173*e4a36f41SAndroid Build Coastguard Worker -gsi_metadata_file_type 174*e4a36f41SAndroid Build Coastguard Worker -apex_metadata_file 175*e4a36f41SAndroid Build Coastguard Worker -userspace_reboot_metadata_file 176*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_metadata_file 177*e4a36f41SAndroid Build Coastguard Worker -aconfig_storage_flags_metadata_file 178*e4a36f41SAndroid Build Coastguard Worker}:dir_file_class_set relabelto; 179*e4a36f41SAndroid Build Coastguard Worker 180*e4a36f41SAndroid Build Coastguard Workerallow vendor_init dev_type:dir create_dir_perms; 181*e4a36f41SAndroid Build Coastguard Workerallow vendor_init dev_type:lnk_file create; 182*e4a36f41SAndroid Build Coastguard Worker 183*e4a36f41SAndroid Build Coastguard Worker# Disable tracing by writing to /sys/kernel/debug/tracing/tracing_on 184*e4a36f41SAndroid Build Coastguard Workerallow vendor_init debugfs_tracing:file w_file_perms; 185*e4a36f41SAndroid Build Coastguard Worker 186*e4a36f41SAndroid Build Coastguard Worker# chown/chmod on pseudo files. 187*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { 188*e4a36f41SAndroid Build Coastguard Worker fs_type 189*e4a36f41SAndroid Build Coastguard Worker -bpffs_type 190*e4a36f41SAndroid Build Coastguard Worker -contextmount_type 191*e4a36f41SAndroid Build Coastguard Worker -keychord_device 192*e4a36f41SAndroid Build Coastguard Worker -sdcard_type 193*e4a36f41SAndroid Build Coastguard Worker -fusefs_type 194*e4a36f41SAndroid Build Coastguard Worker -rootfs 195*e4a36f41SAndroid Build Coastguard Worker -proc_uid_time_in_state 196*e4a36f41SAndroid Build Coastguard Worker -proc_uid_concurrent_active_time 197*e4a36f41SAndroid Build Coastguard Worker -proc_uid_concurrent_policy_time 198*e4a36f41SAndroid Build Coastguard Worker enforce_debugfs_restriction(`-debugfs_type') 199*e4a36f41SAndroid Build Coastguard Worker}:file { open read setattr map }; 200*e4a36f41SAndroid Build Coastguard Worker 201*e4a36f41SAndroid Build Coastguard Workerallow vendor_init tracefs_type:file { open read setattr map }; 202*e4a36f41SAndroid Build Coastguard Worker 203*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { 204*e4a36f41SAndroid Build Coastguard Worker fs_type 205*e4a36f41SAndroid Build Coastguard Worker -bpffs_type 206*e4a36f41SAndroid Build Coastguard Worker -contextmount_type 207*e4a36f41SAndroid Build Coastguard Worker -sdcard_type 208*e4a36f41SAndroid Build Coastguard Worker -fusefs_type 209*e4a36f41SAndroid Build Coastguard Worker -rootfs 210*e4a36f41SAndroid Build Coastguard Worker -proc_uid_time_in_state 211*e4a36f41SAndroid Build Coastguard Worker -proc_uid_concurrent_active_time 212*e4a36f41SAndroid Build Coastguard Worker -proc_uid_concurrent_policy_time 213*e4a36f41SAndroid Build Coastguard Worker}:dir { open read setattr search }; 214*e4a36f41SAndroid Build Coastguard Worker 215*e4a36f41SAndroid Build Coastguard Workerallow vendor_init dev_type:blk_file getattr; 216*e4a36f41SAndroid Build Coastguard Worker 217*e4a36f41SAndroid Build Coastguard Worker# Write to /proc/sys/net/ping_group_range and other /proc/sys/net files. 218*e4a36f41SAndroid Build Coastguard Workerr_dir_file(vendor_init, proc_net_type) 219*e4a36f41SAndroid Build Coastguard Workerallow vendor_init proc_net_type:file w_file_perms; 220*e4a36f41SAndroid Build Coastguard Workerallow vendor_init self:global_capability_class_set net_admin; 221*e4a36f41SAndroid Build Coastguard Worker 222*e4a36f41SAndroid Build Coastguard Worker# Write to /proc/sys/vm/page-cluster 223*e4a36f41SAndroid Build Coastguard Workerallow vendor_init proc_page_cluster:file w_file_perms; 224*e4a36f41SAndroid Build Coastguard Worker 225*e4a36f41SAndroid Build Coastguard Worker# Write to sysfs nodes. 226*e4a36f41SAndroid Build Coastguard Workerallow vendor_init sysfs_type:dir r_dir_perms; 227*e4a36f41SAndroid Build Coastguard Workerallow vendor_init sysfs_type:lnk_file read; 228*e4a36f41SAndroid Build Coastguard Workerallow vendor_init { sysfs_type -sysfs_usermodehelper }:file rw_file_perms; 229*e4a36f41SAndroid Build Coastguard Worker 230*e4a36f41SAndroid Build Coastguard Worker# setfscreatecon() for labeling directories and socket files. 231*e4a36f41SAndroid Build Coastguard Workerallow vendor_init self:process { setfscreate }; 232*e4a36f41SAndroid Build Coastguard Worker 233*e4a36f41SAndroid Build Coastguard Workerr_dir_file(vendor_init, vendor_file_type) 234*e4a36f41SAndroid Build Coastguard Worker 235*e4a36f41SAndroid Build Coastguard Worker# Vendor init can read properties 236*e4a36f41SAndroid Build Coastguard Workerallow vendor_init serialno_prop:file { getattr open read map }; 237*e4a36f41SAndroid Build Coastguard Worker 238*e4a36f41SAndroid Build Coastguard Worker# Vendor init can perform operations on trusted and security Extended Attributes 239*e4a36f41SAndroid Build Coastguard Workerallow vendor_init self:global_capability_class_set sys_admin; 240*e4a36f41SAndroid Build Coastguard Worker 241*e4a36f41SAndroid Build Coastguard Worker# Raw writes to misc block device 242*e4a36f41SAndroid Build Coastguard Workerallow vendor_init misc_block_device:blk_file w_file_perms; 243*e4a36f41SAndroid Build Coastguard Worker 244*e4a36f41SAndroid Build Coastguard Worker# vendor_init is using bootstrap bionic 245*e4a36f41SAndroid Build Coastguard Workeruse_bootstrap_libs(vendor_init) 246*e4a36f41SAndroid Build Coastguard Worker 247*e4a36f41SAndroid Build Coastguard Worker# allow filesystem tuning 248*e4a36f41SAndroid Build Coastguard Workerallow vendor_init userdata_sysdev:file create_file_perms; 249*e4a36f41SAndroid Build Coastguard Worker 250*e4a36f41SAndroid Build Coastguard Worker# Everything is labeled as rootfs in recovery mode. Vendor init has to execute 251*e4a36f41SAndroid Build Coastguard Worker# the dynamic linker and shared libraries. 252*e4a36f41SAndroid Build Coastguard Workerrecovery_only(` 253*e4a36f41SAndroid Build Coastguard Worker allow vendor_init rootfs:file { r_file_perms execute }; 254*e4a36f41SAndroid Build Coastguard Worker') 255*e4a36f41SAndroid Build Coastguard Worker 256*e4a36f41SAndroid Build Coastguard Workernot_compatible_property(` 257*e4a36f41SAndroid Build Coastguard Worker set_prop(vendor_init, { 258*e4a36f41SAndroid Build Coastguard Worker property_type 259*e4a36f41SAndroid Build Coastguard Worker -system_internal_property_type 260*e4a36f41SAndroid Build Coastguard Worker -system_restricted_property_type 261*e4a36f41SAndroid Build Coastguard Worker }) 262*e4a36f41SAndroid Build Coastguard Worker') 263*e4a36f41SAndroid Build Coastguard Worker 264*e4a36f41SAndroid Build Coastguard Worker# Get file context 265*e4a36f41SAndroid Build Coastguard Workerallow vendor_init file_contexts_file:file r_file_perms; 266*e4a36f41SAndroid Build Coastguard Worker 267*e4a36f41SAndroid Build Coastguard Worker# Allow vendor_init to (re)set nice 268*e4a36f41SAndroid Build Coastguard Workerallow vendor_init self:capability sys_nice; 269*e4a36f41SAndroid Build Coastguard Worker 270*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, apk_verity_prop) 271*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, bluetooth_a2dp_offload_prop) 272*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, bluetooth_audio_hal_prop) 273*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, bluetooth_config_prop) 274*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, camera2_extensions_prop) 275*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, camerax_extensions_prop) 276*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, cpu_variant_prop) 277*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, dalvik_config_prop) 278*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, dalvik_dynamic_config_prop) 279*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, dalvik_runtime_prop) 280*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, debug_prop) 281*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, exported_bluetooth_prop) 282*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, exported_camera_prop) 283*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, exported_config_prop) 284*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, exported_default_prop) 285*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, exported_overlay_prop) 286*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, exported_pm_prop) 287*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, ffs_control_prop) 288*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, hw_timeout_multiplier_prop) 289*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, incremental_prop) 290*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, lmkd_prop) 291*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, logd_prop) 292*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, log_tag_prop) 293*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, log_prop) 294*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, graphics_config_writable_prop) 295*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, prefetch_boot_prop); 296*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, qemu_hw_prop) 297*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, radio_control_prop) 298*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, rebootescrow_hal_prop) 299*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, serialno_prop) 300*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, soc_prop) 301*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, surfaceflinger_color_prop) 302*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, usb_control_prop) 303*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, userspace_reboot_config_prop) 304*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, vehicle_hal_prop) 305*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, vendor_default_prop) 306*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, keystore_config_prop) 307*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, vendor_security_patch_level_prop) 308*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, vndk_prop) 309*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, virtual_ab_prop) 310*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, vold_post_fs_data_prop) 311*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, wifi_hal_prop) 312*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, wifi_log_prop) 313*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, zram_control_prop) 314*e4a36f41SAndroid Build Coastguard Worker 315*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, boot_status_prop) 316*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, exported3_system_prop) 317*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, ota_prop) 318*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, power_debug_prop) 319*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, provisioned_prop) 320*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, retaildemo_prop) 321*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, surfaceflinger_display_prop) 322*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, test_harness_prop) 323*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, theme_prop) 324*e4a36f41SAndroid Build Coastguard Workerset_prop(vendor_init, dck_prop) 325*e4a36f41SAndroid Build Coastguard Worker 326*e4a36f41SAndroid Build Coastguard Worker# Allow vendor_init to read vendor_system_native device config changes 327*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, device_config_vendor_system_native_prop) 328*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, device_config_vendor_system_native_boot_prop) 329*e4a36f41SAndroid Build Coastguard Worker 330*e4a36f41SAndroid Build Coastguard Workeruserdebug_or_eng(` 331*e4a36f41SAndroid Build Coastguard Workerget_prop(vendor_init, profcollectd_etr_prop) 332*e4a36f41SAndroid Build Coastguard Worker') 333*e4a36f41SAndroid Build Coastguard Worker 334*e4a36f41SAndroid Build Coastguard Worker### 335*e4a36f41SAndroid Build Coastguard Worker### neverallow rules 336*e4a36f41SAndroid Build Coastguard Worker### 337*e4a36f41SAndroid Build Coastguard Worker 338*e4a36f41SAndroid Build Coastguard Worker# Vendor init shouldn't communicate with any vendor process, nor most system processes. 339*e4a36f41SAndroid Build Coastguard Workerneverallow_establish_socket_comms(vendor_init, { 340*e4a36f41SAndroid Build Coastguard Worker domain -init -logd -prng_seeder -su -vendor_init }); 341*e4a36f41SAndroid Build Coastguard Worker 342*e4a36f41SAndroid Build Coastguard Worker# The vendor_init domain is only entered via an exec based transition from the 343*e4a36f41SAndroid Build Coastguard Worker# init domain, never via setcon(). 344*e4a36f41SAndroid Build Coastguard Workerneverallow domain vendor_init:process dyntransition; 345*e4a36f41SAndroid Build Coastguard Workerneverallow { domain -init } vendor_init:process transition; 346*e4a36f41SAndroid Build Coastguard Workerneverallow vendor_init { file_type fs_type -init_exec }:file entrypoint; 347*e4a36f41SAndroid Build Coastguard Worker 348*e4a36f41SAndroid Build Coastguard Worker# Never read/follow symlinks created by shell or untrusted apps. 349*e4a36f41SAndroid Build Coastguard Workerneverallow vendor_init app_data_file_type:lnk_file read; 350*e4a36f41SAndroid Build Coastguard Workerneverallow vendor_init shell_data_file:lnk_file read; 351*e4a36f41SAndroid Build Coastguard Worker# Init should not be creating subdirectories in /data/local/tmp 352*e4a36f41SAndroid Build Coastguard Workerneverallow vendor_init shell_data_file:dir { write add_name remove_name }; 353*e4a36f41SAndroid Build Coastguard Worker 354*e4a36f41SAndroid Build Coastguard Worker# init should never execute a program without changing to another domain. 355*e4a36f41SAndroid Build Coastguard Workerneverallow vendor_init { file_type fs_type }:file execute_no_trans; 356*e4a36f41SAndroid Build Coastguard Worker 357*e4a36f41SAndroid Build Coastguard Worker# Init never adds or uses services via service_manager. 358*e4a36f41SAndroid Build Coastguard Workerneverallow vendor_init service_manager_type:service_manager { add find }; 359*e4a36f41SAndroid Build Coastguard Workerneverallow vendor_init servicemanager:service_manager list; 360*e4a36f41SAndroid Build Coastguard Worker 361*e4a36f41SAndroid Build Coastguard Worker# vendor_init should never be ptraced 362*e4a36f41SAndroid Build Coastguard Workerneverallow * vendor_init:process ptrace; 363