b638d9493f
This change extends the recovery mode modprobe sepolicy
to support loadable kernel module in normal mode by using
statement below in init.rc:
exec u:r:modprobe:s0 -- /system/bin/modprobe \
-d /vendor/lib/modules mod
Bug: b/35653245
Test: sailfish with local built kernel and LKM enabled
Change-Id: I827e2ce387c899db3e0e179da92e79c75d61f5ae
9 lines
267 B
Text
9 lines
267 B
Text
type modprobe, domain;
|
|
|
|
allow modprobe proc_modules:file r_file_perms;
|
|
allow modprobe self:capability sys_module;
|
|
recovery_only(`
|
|
allow modprobe rootfs:system module_load;
|
|
allow modprobe rootfs:file r_file_perms;
|
|
')
|
|
allow modprobe system_file:system module_load;
|