Merge changes I1dd435e3,I779e4d49 am: 86209626ce
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1415849 Change-Id: Idcae2f7db280aa0169c933dc931fdd841377110c
This commit is contained in:
Yo Chiang
Automerger Merge Worker
commit
e54e86ee05
1 changed files with 11 additions and 4 deletions
|
|
@ -69,10 +69,17 @@ allow gsid sdcard_block_device:blk_file r_file_perms;
|
|||
# requirement, but the kernel does not implement FIEMAP support for VFAT.
|
||||
allow gsid self:global_capability_class_set sys_rawio;
|
||||
|
||||
# gsi_tool passes the system image over the adb connection, via stdin.
|
||||
allow gsid adbd:fd use;
|
||||
# Needed when running gsi_tool through "su root" rather than adb root.
|
||||
allow gsid adbd:unix_stream_socket rw_socket_perms;
|
||||
# Allow rules for gsi_tool.
|
||||
userdebug_or_eng(`
|
||||
# gsi_tool passes the system image over the adb connection, via stdin.
|
||||
allow gsid adbd:fd use;
|
||||
# Needed when running gsi_tool through "su root" rather than adb root.
|
||||
allow gsid adbd:unix_stream_socket rw_socket_perms;
|
||||
# gsi_tool passes a FIFO to gsid if invoked with pipe redirection.
|
||||
allow gsid { shell su }:fifo_file r_file_perms;
|
||||
# Allow installing images from /storage/emulated/...
|
||||
allow gsid sdcard_type:file r_file_perms;
|
||||
')
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
|
|
|
|||
Loading…
Reference in a new issue