[rpc_binder] Enable connection for authfs_service socket am: b1c2e19a71
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2305572 Change-Id: I96b21eb9b60613ac516bcfa0ba594c589e84e7fb Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
commit
c7e13ae286
3 changed files with 5 additions and 0 deletions
|
@ -73,6 +73,7 @@
|
|||
/dev/socket/tombstoned_crash u:object_r:tombstoned_crash_socket:s0
|
||||
/dev/socket/tombstoned_java_trace u:object_r:tombstoned_java_trace_socket:s0
|
||||
/dev/socket/tombstoned_intercept u:object_r:tombstoned_intercept_socket:s0
|
||||
/dev/socket/authfs_service u:object_r:authfs_service_socket:s0
|
||||
/dev/socket/vm_payload_service u:object_r:vm_payload_service_socket:s0
|
||||
/dev/sys/block/by-name/userdata(/.*)? u:object_r:userdata_sysdev:s0
|
||||
/dev/sys/fs/by-name/userdata(/.*)? u:object_r:userdata_sysdev:s0
|
||||
|
|
|
@ -49,6 +49,9 @@ binder_use(microdroid_payload);
|
|||
allow microdroid_payload authfs_binder_service:service_manager find;
|
||||
binder_call(microdroid_payload, authfs_service);
|
||||
|
||||
# Allow payload to communicate with authfs_service
|
||||
unix_socket_connect(microdroid_payload, authfs_service, authfs_service)
|
||||
|
||||
# Allow locating the authfs mount directory.
|
||||
allow microdroid_payload authfs_data_file:dir search;
|
||||
|
||||
|
|
|
@ -5,6 +5,7 @@ type adbd_socket, file_type, coredomain_socket;
|
|||
type apex_info_file, file_type;
|
||||
type apex_mnt_dir, file_type;
|
||||
type authfs_data_file, file_type, data_file_type, core_data_file_type;
|
||||
type authfs_service_socket, file_type, coredomain_socket;
|
||||
type cgroup_desc_api_file, file_type, system_file_type;
|
||||
type cgroup_desc_file, file_type, system_file_type;
|
||||
type cgroup_rc_file, file_type;
|
||||
|
|
Loading…
Reference in a new issue