tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Use label staging_data_file for installed APEX. am: 5ed5072e06

Browse source 
am: a2e321d86a

Change-Id: I1ca6e41e2c3437aaf78d8c4c4e9b8d56429e2197
This commit is contained in:
Dario Freni 2019-03-03 15:58:10 -08:00 committed by android-build-merger
commit 489a6a4e50
2 changed files with 2 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
private/apexd.te
View file

@ -45,11 +45,6 @@ allow apexd apex_mnt_dir:lnk_file create_file_perms;
# because it doesn't have write permission for staging_data_file object.
allow apexd staging_data_file:file unlink;
# allow apexd to relabel apk_tmp_file to apex_data_file.
# TODO(b/112669193) remove this when APEXes are staged via file descriptor
allow apexd apk_tmp_file:file relabelfrom;
allow apexd apex_data_file:file relabelto;
# allow apexd to read files from /data/pkg_staging and hardlink them to /data/apex.
allow apexd staging_data_file:dir r_dir_perms;
allow apexd staging_data_file:file { r_file_perms link };

2
private/file_contexts
View file

@ -434,6 +434,8 @@
/data/adb(/.*)? u:object_r:adb_data_file:s0
/data/anr(/.*)? u:object_r:anr_data_file:s0
/data/apex(/.*)? u:object_r:apex_data_file:s0
/data/apex/active/(.*)? u:object_r:staging_data_file:s0
/data/apex/backup/(.*)? u:object_r:staging_data_file:s0
/data/app(/.*)? u:object_r:apk_data_file:s0
/data/app/[^/]+/oat(/.*)? u:object_r:dalvikcache_data_file:s0
/data/app/vmdl[^/]+\.tmp(/.*)? u:object_r:apk_tmp_file:s0