Fix denial for ioctl FS Verity
For unknown reason, denial still happens with system app after applying ag/20712480. This commit adds a work around to fix this. Bug: 258093107 Fixes: 272530397 Test: flash build, pair watch with phone, check SE denials log (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0ade3b2183d850fd508569782e35a59ef2bd4dce) Merged-In: I16932c793c5ca144746d0903ed1826c1847d2add Change-Id: I16932c793c5ca144746d0903ed1826c1847d2add
This commit is contained in:
Eric Rahm
parent
d073bd4209
commit
af6035c64f
1 changed files with 1 additions and 0 deletions
|
|
@ -1107,6 +1107,7 @@ allowxperm system_server { apk_data_file system_data_file apex_system_server_dat
|
|||
|
||||
# Allow system process to measure fs-verity for apps, apps being installed and system files
|
||||
allowxperm system_server { apk_data_file apk_tmp_file system_file }:file ioctl FS_IOC_MEASURE_VERITY;
|
||||
allow system_server system_file:file ioctl;
|
||||
|
||||
# Postinstall
|
||||
#
|
||||
|
|
|
|||
Loading…
Reference in a new issue