tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Allow system_server to enable fs-verity." am: 3ca356b7df

Browse source 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2364635

Change-Id: I5d5f1a9855a087c2fd40756c8657515f4952bb36
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Treehugger Robot 2022-12-21 02:14:43 +00:00 committed by Automerger Merge Worker
commit b839e55d39
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
private/system_server.te
View file

@ -1087,7 +1087,7 @@ set_prop(system_server, system_adbd_prop)
allow system_server toolbox_exec:file rx_file_perms;
# Allow system process to setup fs-verity
allowxperm system_server apk_data_file:file ioctl FS_IOC_ENABLE_VERITY;
allowxperm system_server { apk_data_file system_data_file apex_system_server_data_file }:file ioctl FS_IOC_ENABLE_VERITY;
# Allow system process to measure fs-verity for apps, apps being installed and system files
allowxperm system_server { apk_data_file apk_tmp_file system_file }:file ioctl FS_IOC_MEASURE_VERITY;