tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow GMS core to call dumpsys storaged

Browse source 
Now that GMS core is running in gmscore_app and not priv_app, we need
this rule for the new domain. This also adds an auditallow to the same
rule for priv_app, so we can delete it once no logs show up in
go/sedenials for this rule triggerring.

Bug: 142672293
Test: TH
Change-Id: I308d40835156e0c19dd5074f69584ebf1c72ad58
This commit is contained in:
Ashwini Oruganti 2019-12-11 12:49:04 -08:00
parent fe55f30397
commit 7493bb52c1
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
private/storaged.te
View file

@ -30,6 +30,12 @@ allow storaged shell:fifo_file write;
# Needed for GMScore to call dumpsys storaged
allow storaged priv_app:fd use;
# b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own domain.
# Remove after no logs are seen for this rule.
userdebug_or_eng(`
auditallow storaged priv_app:fd use;
')
allow storaged gmscore_app:fd use;
allow storaged { privapp_data_file app_data_file }:file write;
allow storaged permission_service:service_manager find;