tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow system_server_startup to read ART config

Browse source 
Denial:

06-03 14:18:31.491   691   691 I auditd  : type=1400 audit(0.0:88): avc:
denied { read } for comm="system_server"
name="u:object_r:device_config_runtime_native_prop:s0" dev="tmpfs"
ino=140 scontext=u:r:system_server_startup:s0
tcontext=u:object_r:device_config_runtime_native_prop:s0 tclass=file
permissive=0

Test: DeviceBootTest.DeviceBootTest#SELinuxUncheckedDenialBootTest
Bug: 181748174
Change-Id: I5e7624e2410e6c533e7ef238a0c3cc38ff6e368a
This commit is contained in:
Calin Juravle 2021-06-03 08:16:22 -07:00
parent c4efcbdc06
commit cf6a7e9821
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
private/system_server_startup.te
View file

@ -14,3 +14,7 @@ allow system_server_startup system_server:process dyntransition;
# Child of the zygote. # Child of the zygote.
allow system_server_startup zygote:process sigchld; allow system_server_startup zygote:process sigchld;
# Allow query ART device config properties
get_prop(system_server_startup, device_config_runtime_native_boot_prop)
get_prop(system_server_startup, device_config_runtime_native_prop)