Merge "[selinux] allow system_server to call INCFS_IOC_GET_FILLED_BLOCKS ioctl" am: 1d4f2221cd
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1404978 Change-Id: Id571d508cb5f699f2970d1d53225c106cac8234c
This commit is contained in:
commit
8af2dcd05c
4 changed files with 4 additions and 2 deletions
|
@ -29,7 +29,7 @@ allow system_server incremental_control_file:file { ioctl r_file_perms };
|
|||
allowxperm system_server incremental_control_file:file ioctl { INCFS_IOCTL_CREATE_FILE INCFS_IOCTL_PERMIT_FILL };
|
||||
|
||||
# To get signature of an APK installed on Incremental File System and fill in data blocks
|
||||
allowxperm system_server apk_data_file:file ioctl { INCFS_IOCTL_READ_SIGNATURE INCFS_IOCTL_FILL_BLOCKS };
|
||||
allowxperm system_server apk_data_file:file ioctl { INCFS_IOCTL_READ_SIGNATURE INCFS_IOCTL_FILL_BLOCKS INCFS_IOCTL_GET_FILLED_BLOCKS };
|
||||
|
||||
# For art.
|
||||
allow system_server dalvikcache_data_file:dir r_dir_perms;
|
||||
|
|
|
@ -1059,6 +1059,7 @@ define(`INCFS_IOCTL_CREATE_FILE', `0x0000671e')
|
|||
define(`INCFS_IOCTL_READ_SIGNATURE', `0x0000671f')
|
||||
define(`INCFS_IOCTL_FILL_BLOCKS', `0x00006720')
|
||||
define(`INCFS_IOCTL_PERMIT_FILL', `0x00006721')
|
||||
define(`INCFS_IOCTL_GET_FILLED_BLOCKS', `0x00006722')
|
||||
define(`IOCTL_EVTCHN_BIND_INTERDOMAIN', `0x00084501')
|
||||
define(`IOCTL_EVTCHN_BIND_UNBOUND_PORT', `0x00044502')
|
||||
define(`IOCTL_EVTCHN_BIND_VIRQ', `0x00044500')
|
||||
|
|
|
@ -29,7 +29,7 @@ allow system_server incremental_control_file:file { ioctl r_file_perms };
|
|||
allowxperm system_server incremental_control_file:file ioctl { INCFS_IOCTL_CREATE_FILE INCFS_IOCTL_PERMIT_FILL };
|
||||
|
||||
# To get signature of an APK installed on Incremental File System and fill in data blocks
|
||||
allowxperm system_server apk_data_file:file ioctl { INCFS_IOCTL_READ_SIGNATURE INCFS_IOCTL_FILL_BLOCKS };
|
||||
allowxperm system_server apk_data_file:file ioctl { INCFS_IOCTL_READ_SIGNATURE INCFS_IOCTL_FILL_BLOCKS INCFS_IOCTL_GET_FILLED_BLOCKS };
|
||||
|
||||
# For art.
|
||||
allow system_server dalvikcache_data_file:dir r_dir_perms;
|
||||
|
|
|
@ -1059,6 +1059,7 @@ define(`INCFS_IOCTL_CREATE_FILE', `0x0000671e')
|
|||
define(`INCFS_IOCTL_READ_SIGNATURE', `0x0000671f')
|
||||
define(`INCFS_IOCTL_FILL_BLOCKS', `0x00006720')
|
||||
define(`INCFS_IOCTL_PERMIT_FILL', `0x00006721')
|
||||
define(`INCFS_IOCTL_GET_FILLED_BLOCKS', `0x00006722')
|
||||
define(`IOCTL_EVTCHN_BIND_INTERDOMAIN', `0x00084501')
|
||||
define(`IOCTL_EVTCHN_BIND_UNBOUND_PORT', `0x00044502')
|
||||
define(`IOCTL_EVTCHN_BIND_VIRQ', `0x00044500')
|
||||
|
|
Loading…
Reference in a new issue