tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Revert "Stop granting init access to block device properties""

Browse source
This commit is contained in:
Bart Van Assche 2021-10-13 17:11:01 +00:00 committed by Gerrit Code Review
commit 41b61b7772
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
private/init.te
View file

@ -42,6 +42,12 @@ allow init sysfs_dm:file read;
allow init sysfs_loop:dir r_dir_perms; allow init sysfs_loop:dir r_dir_perms;
allow init sysfs_loop:file rw_file_perms; allow init sysfs_loop:file rw_file_perms;
# Allow init to examine the properties of block devices.
allow init sysfs_block_type:file { getattr read };
# Allow init access /dev/block
allow init bdev_type:dir r_dir_perms;
allow init bdev_type:blk_file getattr;
# Allow init to write to the drop_caches file. # Allow init to write to the drop_caches file.
allow init proc_drop_caches:file rw_file_perms; allow init proc_drop_caches:file rw_file_perms;