c2c91bba59
We added these rules to the recovery domain when we removed them from unconfined to ensure that we did not break anything. But we have seen no uses of these rules by the recovery domain. Tested wiping userdata and cache from the recovery and performing an adb sideload of an ota zip file. Change-Id: I261cb1124130f73e98b87f3e5a31d6d7f521ff11 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
# recovery console (used in recovery init.rc for /sbin/recovery)
# Declare the recovery type and give it the domain attribute, so it can be
# used as a process label.
type recovery, domain;
# Allow a file labeled rootfs to be the entrypoint into the recovery domain.
# NOTE(review): /sbin/recovery (named in the header comment) is presumably
# labeled rootfs; every other rootfs-labeled file is an equally valid
# entrypoint under this rule -- confirm against file_contexts.
allow recovery rootfs:file entrypoint;
# Apply the unconfined_domain macro to recovery.
# NOTE(review): the macro is defined outside this file, so its expansion is
# not visible here. The effective permissions of recovery are the macro's
# grants plus the explicit allow rules in this file; audit both together.
unconfined_domain(recovery)
# Grant CAP_MAC_ADMIN to recovery itself. Under SELinux this lets the process
# set security contexts that the currently loaded policy does not define.
# NOTE(review): presumably needed to apply labels from an update whose policy
# differs from the one loaded in recovery -- confirm; few domains should hold
# this capability.
allow recovery self:capability2 mac_admin;
# Allow relabeling objects *to* any type carrying the fs_type, dev_type or
# file_type attribute, with kmem_device explicitly excluded.
# dir_file_class_set is a class-set macro defined outside this file
# (presumably the directory and file classes -- confirm).
# NOTE(review): only relabelto is granted here; relabelfrom must come from
# elsewhere (presumably unconfined_domain) for a relabel to succeed.
allow recovery {fs_type dev_type -kmem_device file_type}:dir_file_class_set relabelto;
# Allow mounting a filesystem whose label is the unlabeled type.
# NOTE(review): presumably covers partitions with no valid context yet
# (e.g. freshly formatted) -- confirm.
allow recovery unlabeled:filesystem mount;
# Grant every permission of the filesystem class on all types that carry the
# fs_type attribute.
# NOTE(review): wildcard grant; if audit logs show which filesystem
# permissions recovery actually exercises, list them explicitly instead.
allow recovery fs_type:filesystem *;
# Required to e.g. wipe userdata/cache.
# rw_file_perms (macro defined outside this file) on block device nodes of
# every type with the dev_type attribute.
# NOTE(review): this covers all block devices, not only the userdata and
# cache partitions; scope it to specific device types if those are labeled
# distinctly -- confirm against the device's file_contexts.
allow recovery dev_type:blk_file rw_file_perms;
# Allow recovery to make anonymous or writable private mappings executable
# (the execmem permission on its own process).
# NOTE(review): the file gives no reason for this rule; it weakens W^X for
# the domain, so record which component needs it or test without it.
allow recovery self:process execmem;
# Allow execute on the ashmem character device.
# NOTE(review): presumably needed to map ashmem-backed memory with PROT_EXEC;
# the file does not say which component requires it -- confirm.
allow recovery ashmem_device:chr_file execute;
# rx_file_perms (macro defined outside this file, presumably read + execute)
# on regular files labeled tmpfs.
# NOTE(review): tmpfs contents are created at runtime, so this lets recovery
# execute files staged there; presumably this is for an updater binary
# unpacked from a sideloaded package -- confirm, and make sure package
# verification happens before anything is written and run from tmpfs.
allow recovery tmpfs:file rx_file_perms;