tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow priv_app to measure fs-verity on tmp apk files am: 6543cf9843

Browse source 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/3063020

Change-Id: I0c6d644107aeab8233efd9460bdbe166e95644bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Victor Hsieh 2024-04-26 22:08:07 +00:00 committed by Automerger Merge Worker
commit 4d7627e3aa
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
private/priv_app.te
View file

@ -96,6 +96,7 @@ allow priv_app perfetto_traces_data_file:file { read getattr };
# Allow verifier to access staged apks. # Allow verifier to access staged apks.
allow priv_app { apk_tmp_file apk_private_tmp_file }:dir r_dir_perms; allow priv_app { apk_tmp_file apk_private_tmp_file }:dir r_dir_perms;
allow priv_app { apk_tmp_file apk_private_tmp_file }:file r_file_perms; allow priv_app { apk_tmp_file apk_private_tmp_file }:file r_file_perms;
allowxperm priv_app { apk_tmp_file apk_private_tmp_file }:file ioctl FS_IOC_MEASURE_VERITY;
# For AppFuse. # For AppFuse.
allow priv_app vold:fd use; allow priv_app vold:fd use;