tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Allow more file ioctls"

Browse source
This commit is contained in:
Treehugger Robot 2018-10-13 04:59:21 +00:00 committed by Gerrit Code Review
commit 03453d0a95
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
public/domain.te
View file

@ -325,11 +325,17 @@ allowxperm domain devpts:chr_file ioctl unpriv_tty_ioctls;
# named pipes, and named sockets)
allowxperm domain { file_type fs_type }:{ dir notdevfile_class_set } ioctl { 0 };
# Allow a process to make a determination whether a file descriptor
# for a plain file is a tty. Note that granting this whitelist to domain
# does not grant the ioctl permission to these files. That must be granted
# separately.
allowxperm domain { file_type fs_type }:file ioctl { TCGETS };
# Support sqlite F2FS specific optimizations
# ioctl permission on the specific file type is still required
# TODO: consider only compiling these rules if we know the
# /data partition is F2FS
allowxperm domain file_type:file ioctl {
allowxperm domain { file_type sdcard_type }:file ioctl {
F2FS_IOC_ABORT_VOLATILE_WRITE
F2FS_IOC_COMMIT_ATOMIC_WRITE
F2FS_IOC_GET_FEATURES