tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/vendor/hal_bootctl_default.te
David Anderson 549e3c6d91 Add sepolicy for IBootControl 1.1 and the default HAL. 
Bug: 138861550
Test: manual test
Change-Id: Ibc9a55266a2726cb8dc8550be0264db30b66109e
2019-10-08 14:24:38 -07:00

18 lines
703 B
Text
Raw Blame History

# Boot control subsystem
type hal_bootctl_default, domain;
hal_server_domain(hal_bootctl_default, hal_bootctl)
type hal_bootctl_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_bootctl_default)
# Needed for ReadDefaultFstab.
allow hal_bootctl_default proc_cmdline:file r_file_perms;
allow hal_bootctl_default sysfs_dt_firmware_android:dir search;
# ReadDefaultFstab looks for /metadata/gsi/booted. We don't care about getting
# a GSI-corrected fstab.
dontaudit hal_bootctl_default metadata_file:dir search;
# Needed for reading/writing misc partition.
allow hal_bootctl_default block_device:dir search;
allow hal_bootctl_default misc_block_device:blk_file rw_file_perms;
Reference in a new issue View git blame Copy permalink