tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "sepolicy: new prereboot_data_file type"

Browse source
This commit is contained in:
Jerry Chang 2020-02-11 02:49:29 +00:00 committed by Gerrit Code Review
commit e8b7cecad3
5 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
private/compat/29.0/29.0.ignore.cil
View file

@ -65,6 +65,7 @@
module_sdkextensions_prop
ota_metadata_file
ota_prop
prereboot_data_file
art_apex_dir
rebootescrow_hal_prop
service_manager_service

1
private/file_contexts
View file

@ -541,6 +541,7 @@
/data/misc/net(/.*)? u:object_r:net_data_file:s0
/data/misc/network_watchlist(/.*)? u:object_r:network_watchlist_data_file:s0
/data/misc/perfetto-traces(/.*)? u:object_r:perfetto_traces_data_file:s0
/data/misc/prereboot(/.*)? u:object_r:prereboot_data_file:s0
/data/misc/recovery(/.*)? u:object_r:recovery_data_file:s0
/data/misc/shared_relro(/.*)? u:object_r:shared_relro_file:s0
/data/misc/sms(/.*)? u:object_r:radio_data_file:s0

4
private/system_server.te
View file

@ -441,6 +441,10 @@ allow system_server incidentd:fifo_file read;
# with no DAC access to it, for dropbox to read.
allow system_server incident_data_file:file read;
# Manage /data/misc/prereboot.
allow system_server prereboot_data_file:dir rw_dir_perms;
allow system_server prereboot_data_file:file create_file_perms;
# Allow dropbox to read /data/misc/perfetto-traces. Only the fd is sent over
# binder.
allow system_server perfetto_traces_data_file:file read;

4
public/dumpstate.te
View file

@ -218,6 +218,10 @@ userdebug_or_eng(`
allow dumpstate misc_logd_file:dir r_dir_perms;
allow dumpstate misc_logd_file:file r_file_perms;
# Access /data/misc/prereboot
allow dumpstate prereboot_data_file:dir r_dir_perms;
allow dumpstate prereboot_data_file:file r_file_perms;
allow dumpstate app_fuse_file:dir r_dir_perms;
allow dumpstate overlayfs_file:dir r_dir_perms;

2
public/file.te
View file

@ -283,6 +283,8 @@ type ota_package_file, file_type, data_file_type, core_data_file_type, mlstruste
type user_profile_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
# /data/misc/profman
type profman_dump_data_file, file_type, data_file_type, core_data_file_type;
# /data/misc/prereboot
type prereboot_data_file, file_type, data_file_type, core_data_file_type;
# /data/resource-cache
type resourcecache_data_file, file_type, data_file_type, core_data_file_type;
# /data/local - writable by shell