Add policy for LOOP_CONFIGURE ioctl.

This is a new ioctl for configuring loop devices, and is used by apexd. Bug: 148607611 Bug: 161575393 Test: boot on device with/without LOOP_CONFIGURE Change-Id: I9ef940c7c9f91eb32a01e68b858169c140d15d0f
2020-08-04 12:09:38 +02:00 · 2020-08-04 12:09:38 +02:00 · 6a8d1bee1c
commit 6a8d1bee1c
parent 0bee120900
4 changed files with 4 additions and 0 deletions
--- a/prebuilts/api/30.0/private/apexd.te
+++ b/prebuilts/api/30.0/private/apexd.te
@ -37,6 +37,7 @@ allowxperm apexd loop_device:blk_file ioctl {
  LOOP_SET_DIRECT_IO
  LOOP_CLR_FD
  BLKFLSBUF
+  LOOP_CONFIGURE
 };
 # allow apexd to access /dev/block
 allow apexd block_device:dir r_dir_perms;
--- a/prebuilts/api/30.0/public/ioctl_defines
+++ b/prebuilts/api/30.0/public/ioctl_defines
@ -1370,6 +1370,7 @@ define(`LOGGER_GET_VERSION', `0x0000ae05')
 define(`LOGGER_SET_VERSION', `0x0000ae06')
 define(`LOOP_CHANGE_FD', `0x00004c06')
 define(`LOOP_CLR_FD', `0x00004c01')
+define(`LOOP_CONFIGURE', `0x00004c0a')
 define(`LOOP_CTL_ADD', `0x00004c80')
 define(`LOOP_CTL_GET_FREE', `0x00004c82')
 define(`LOOP_CTL_REMOVE', `0x00004c81')
--- a/private/apexd.te
+++ b/private/apexd.te
@ -37,6 +37,7 @@ allowxperm apexd loop_device:blk_file ioctl {
  LOOP_SET_DIRECT_IO
  LOOP_CLR_FD
  BLKFLSBUF
+  LOOP_CONFIGURE
 };
 # allow apexd to access /dev/block
 allow apexd block_device:dir r_dir_perms;
--- a/public/ioctl_defines
+++ b/public/ioctl_defines
@ -1370,6 +1370,7 @@ define(`LOGGER_GET_VERSION', `0x0000ae05')
 define(`LOGGER_SET_VERSION', `0x0000ae06')
 define(`LOOP_CHANGE_FD', `0x00004c06')
 define(`LOOP_CLR_FD', `0x00004c01')
+define(`LOOP_CONFIGURE', `0x00004c0a')
 define(`LOOP_CTL_ADD', `0x00004c80')
 define(`LOOP_CTL_GET_FREE', `0x00004c82')
 define(`LOOP_CTL_REMOVE', `0x00004c81')