1# Any fsck program run on untrusted block devices
2type fsck_untrusted, domain;
3
4# Inherit and use pty created by android_fork_execvp_ext().
5allow fsck_untrusted devpts:chr_file { read write ioctl getattr };
6
7# Allow stdin/out back to vold
8allow fsck_untrusted vold:fd use;
9allow fsck_untrusted vold:fifo_file { read write getattr };
10
11# Run fsck on vold block devices
12allow fsck_untrusted block_device:dir search;
13allow fsck_untrusted vold_device:blk_file rw_file_perms;
14
15###
16### neverallow rules
17###
18
19# Untrusted fsck should never be run on block devices holding sensitive data
20neverallow fsck_untrusted {
21  boot_block_device
22  frp_block_device
23  metadata_block_device
24  recovery_block_device
25  root_block_device
26  swap_block_device
27  system_block_device
28  userdata_block_device
29  cache_block_device
30  dm_device
31}:blk_file no_rw_file_perms;
32
33# Only allow entry from vold via fsck binaries
34neverallow { domain -vold } fsck_untrusted:process transition;
35neverallow domain fsck_untrusted:process dyntransition;
36neverallow fsck_untrusted { file_type fs_type -fsck_exec }:file entrypoint;
37