63492cd625
Copy init's dontaudit for sysfs:dir write; to calm the below denials:
avc: denied { write } for pid=542 comm="init" name="1da4000.ufshc" dev="sysfs" ino=21752 scontext=u:r:vendor_init:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=1
avc: denied { write } for pid=542 comm="init" name="1da4000.ufshc" dev="sysfs" ino=21752 scontext=u:r:vendor_init:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=1
Bug: 62875318
Test: use pixel + factory reset + vendor_init
Change-Id: I686b51c4f340b3565ea24f00516ebde846be7a89
6 lines
261 B
Text
6 lines
261 B
Text
typeattribute vendor_init coredomain;
|
|
|
|
# Creating files on sysfs is impossible so this isn't a threat
|
|
# Sometimes we have to write to non-existent files to avoid conditional
|
|
# init behavior. See b/35303861 for an example.
|
|
dontaudit vendor_init sysfs:dir write;
|