tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Allow snapuserd interaction in recovery and fastbootd."

Browse source
This commit is contained in:
Treehugger Robot 2021-02-08 21:30:11 +00:00 committed by Gerrit Code Review
commit 585b826c7e
2 changed files with 16 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
private/fastbootd.te
View file

@ -28,6 +28,14 @@ recovery_only(`
allow fastbootd port:tcp_socket name_bind;
allow fastbootd self:tcp_socket { create_socket_perms_no_ioctl listen accept };
# Start snapuserd for merging VABC updates
set_prop(fastbootd, ctl_snapuserd_prop)
# Needed to communicate with snapuserd to complete merges.
allow fastbootd snapuserd_socket:sock_file write;
allow fastbootd snapuserd:unix_stream_socket connectto;
allow fastbootd dm_user_device:dir r_dir_perms;
# Get fastbootd protocol property
get_prop(fastbootd, fastbootd_protocol_prop)
')

8
private/recovery.te
View file

@ -31,6 +31,14 @@ recovery_only(`
allow recovery self:tcp_socket { create ioctl };
allowxperm recovery self:tcp_socket ioctl { SIOCGIFFLAGS SIOCSIFFLAGS };
# Start snapuserd for merging VABC updates
set_prop(recovery, ctl_snapuserd_prop)
# Needed to communicate with snapuserd to complete merges.
allow recovery snapuserd_socket:sock_file write;
allow recovery snapuserd:unix_stream_socket connectto;
allow recovery dm_user_device:dir r_dir_perms;
# Set fastbootd protocol property
set_prop(recovery, fastbootd_protocol_prop)