Allow virtualizationservice to check parent dir am: a9d70d7ba8

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2967573

Change-Id: I915ec4bc0144cc9a1a9ac20525f48ad1b33af3d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
David Drysdale 2024-02-21 11:39:06 +00:00 committed by Automerger Merge Worker
commit bd6d03f58b

View file

@ -59,8 +59,9 @@ allow virtualizationservice adbd:unix_stream_socket { read write };
virtualizationservice_use(virtualizationservice)
# Allow virtualizationservice to read and write in the apex data directory
# /data/misc/apexdata/com.android.virt
allow virtualizationservice apex_module_data_file:dir search;
# /data/misc/apexdata/com.android.virt. Also allow checking of the parent directory
# (needed for SQLite database creation).
allow virtualizationservice apex_module_data_file:dir { search getattr };
allow virtualizationservice apex_virt_data_file:dir create_dir_perms;
allow virtualizationservice apex_virt_data_file:file create_file_perms;