NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS04667690] Add policy for format as internal

Browse Source 
add some policy to prevent form selinux violation
when formatting as internal.

MTK-Commit-Id: 11a1e82eea3751a833fdf92aea8b31012f948bdc

Change-Id: I44ea4c0b3eb2699a51d0cdf3881e2b4971c0c3cd
CR-Id: ALPS04667690
Feature: [Android Default] Download Manager
This commit is contained in:
Denis Hsu 2020-01-18 10:17:18 +08:00
parent 270ef77677
commit 315c48bc5f
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
non_plat/vold.te
View File

@ -31,3 +31,16 @@ dontaudit vold nvdata_file:dir r_dir_perms;
dontaudit vold nvcfg_file:dir r_dir_perms; dontaudit vold nvcfg_file:dir r_dir_perms;
dontaudit vold protect_f_data_file:dir r_dir_perms; dontaudit vold protect_f_data_file:dir r_dir_perms;
dontaudit vold protect_s_data_file:dir r_dir_perms; dontaudit vold protect_s_data_file:dir r_dir_perms;
# execute mke2fs when format as internal
allow vold cache_block_device:blk_file getattr;
allowxperm vold dm_device:blk_file ioctl {
BLKSECDISCARD BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET
};
allow vold nvcfg_block_device:blk_file getattr;
allow vold nvdata_device:blk_file getattr;
allow vold proc_swaps:file r_file_perms;
allow vold protect1_block_device:blk_file getattr;
allow vold protect2_block_device:blk_file getattr;
allow vold proc_swaps:file getattr;
allow vold swap_block_device:blk_file getattr;