Allow vold to create subdirectories within its private area.

AVC message we get without this change creating
/data/misc/vold/user_keys

05-12 08:57:54.839   189   189 W vold    : type=1400 audit(0.0:176):
avc: denied { create } for name="user_keys" scontext=u:r:vold:s0
tcontext=u:object_r:vold_data_file:s0 tclass=dir permissive=0

Bug: 19704432
Change-Id: I10fc90c64c7c10fa9811133a4289663ae8617607
This commit is contained in:
Paul Crowley 2015-05-11 10:46:22 +01:00
parent 540be83b82
commit 421dadbc9d

View file

@ -145,7 +145,7 @@ allow vold unencrypted_data_file:{ file } create_file_perms;
allow vold unencrypted_data_file:dir create_dir_perms; allow vold unencrypted_data_file:dir create_dir_perms;
# Give vold a place where only vold can store files; everyone else is off limits # Give vold a place where only vold can store files; everyone else is off limits
allow vold vold_data_file:dir rw_dir_perms; allow vold vold_data_file:dir create_dir_perms;
allow vold vold_data_file:file create_file_perms; allow vold vold_data_file:file create_file_perms;
# linux keyring configuration # linux keyring configuration