From 346ca0c0126c9e09de6e7701a9f025dc273324ea Mon Sep 17 00:00:00 2001 From: Denis Hsu Date: Sat, 18 Jan 2020 10:15:00 +0800 Subject: [PATCH] [ALPS04631260] skip selinux violation log for fstrim vendor folder vold cannot do fstrim on vendor folders (ex: nvdata, protect_f) because of never allow rule. Thus, skip selinux violation log for fstrim vendor folder. MTK-Commit-Id: cf15f3ec6ae93e65c1f13b22f044e766a63eaece Change-Id: I9c26ee000b8554df7abb03141ecf73a78d727f87 CR-Id: ALPS04631260 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK --- non_plat/vold.te | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/non_plat/vold.te b/non_plat/vold.te index 95c7ebe..d946bbc 100644 --- a/non_plat/vold.te +++ b/non_plat/vold.te @@ -25,3 +25,9 @@ dontaudit vold proc_thermal:dir { read open }; allow vold mdlog_data_file:dir { create_dir_perms }; allow vold mtd_device:blk_file rw_file_perms; + +# dontaudit for fstrim on 'vendor' folder +dontaudit vold nvdata_file:dir r_dir_perms; +dontaudit vold nvcfg_file:dir r_dir_perms; +dontaudit vold protect_f_data_file:dir r_dir_perms; +dontaudit vold protect_s_data_file:dir r_dir_perms;