tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow virtualizationservice to check parent dir am: a9d70d7ba8

Browse source 
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2967573

Change-Id: I915ec4bc0144cc9a1a9ac20525f48ad1b33af3d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
David Drysdale 2024-02-21 11:39:06 +00:00 committed by Automerger Merge Worker
commit bd6d03f58b
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
private/virtualizationservice.te
View file

@ -59,8 +59,9 @@ allow virtualizationservice adbd:unix_stream_socket { read write };
virtualizationservice_use(virtualizationservice) virtualizationservice_use(virtualizationservice)
# Allow virtualizationservice to read and write in the apex data directory # Allow virtualizationservice to read and write in the apex data directory
# /data/misc/apexdata/com.android.virt # /data/misc/apexdata/com.android.virt. Also allow checking of the parent directory
allow virtualizationservice apex_module_data_file:dir search; # (needed for SQLite database creation).
allow virtualizationservice apex_module_data_file:dir { search getattr };
allow virtualizationservice apex_virt_data_file:dir create_dir_perms; allow virtualizationservice apex_virt_data_file:dir create_dir_perms;
allow virtualizationservice apex_virt_data_file:file create_file_perms; allow virtualizationservice apex_virt_data_file:file create_file_perms;