379d6e6659
fix selinux permission for AB update with dynamic partition MTK-Commit-Id: c2d57620806b07535ab52f11924d25561d8758f8 Change-Id: I8d2dfae862ace8f7b82d4b7cd543291886b19078 Signed-off-by: Freddy Hsin <freddy.hsin@mediatek.com> CR-Id: ALPS04401328 Feature: [Android Default] SIU (SD Image Update)
30 lines
1.5 KiB
Plaintext
30 lines
1.5 KiB
Plaintext
# MTK Add policy for update_engine
|
|
# Add for update_engine update block device
|
|
allow update_engine preloader_block_device:blk_file rw_file_perms;
|
|
allow update_engine lk_block_device:blk_file rw_file_perms;
|
|
allow update_engine dtbo_block_device:blk_file rw_file_perms;
|
|
allow update_engine tee_block_device:blk_file rw_file_perms;
|
|
allow update_engine vendor_block_device:blk_file rw_file_perms;
|
|
allow update_engine odm_block_device:blk_file rw_file_perms;
|
|
allow update_engine oem_block_device:blk_file rw_file_perms;
|
|
allow update_engine md_block_device:blk_file rw_file_perms;
|
|
allow update_engine dsp_block_device:blk_file rw_file_perms;
|
|
allow update_engine scp_block_device:blk_file rw_file_perms;
|
|
allow update_engine sspm_block_device:blk_file rw_file_perms;
|
|
allow update_engine spmfw_block_device:blk_file rw_file_perms;
|
|
allow update_engine mcupmfw_block_device:blk_file rw_file_perms;
|
|
allow update_engine loader_ext_block_device:blk_file rw_file_perms;
|
|
allow update_engine cam_vpu_block_device:blk_file rw_file_perms;
|
|
allow update_engine para_block_device:blk_file rw_file_perms;
|
|
allow update_engine vbmeta_block_device:blk_file rw_file_perms;
|
|
allow update_engine proc_filesystems:file r_file_perms;
|
|
|
|
# Add for update_engine call by system_app
|
|
allow update_engine system_app:binder { call transfer };
|
|
|
|
# Add for update_engine with postinstall
|
|
allow update_engine postinstall_mnt_dir:dir { search getattr open read write search unlink};
|
|
|
|
# Add for AVB20
|
|
allow update_engine tmpfs:lnk_file read;
|