tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "authfs - remove getattr perm for fd pass"

Browse source
This commit is contained in:
Steven Moreland 2021-10-13 17:30:11 +00:00 committed by Gerrit Code Review
commit 0c1991eee4
1 changed files with 2 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
microdroid/system/private/authfs_service.te
View file

@ -24,11 +24,9 @@ allow authfs_service authfs_data_file:dir create_dir_perms;
# Allow opening a file from the FUSE mount.
# Note: authfs_service doesn't really need to read and write the file, but the
# check seems to happen on open anyway. It also doesn't need getattr, but it is
# currently called internally by binder to estimate ashmem size.
# check seems to happen on open anyway.
allow authfs_service authfs_fuse:dir search;
# TODO(195752513): Remove getattr once the binder bug is fixed.
allow authfs_service authfs_fuse:file { getattr open read write };
allow authfs_service authfs_fuse:file { open read write };
# Allow killing the authfs process and unmount.
allow authfs_service authfs:process sigkill;