Exclude /mnt/vendor from vold's ownership.

Addresses this selinux denial: avc: denied { search } for name="vendor" dev="tmpfs" ino=11069 scontext=u:r:vold:s0 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=0 Bug: 64905218 Test: fixes above denial. Change-Id: I670b2148e65c7e0fcabd1e11f5bace0c4f4e18bd
2018-04-16 14:27:10 -07:00 · 2018-04-16 14:27:10 -07:00 · bca5cd78fe
commit bca5cd78fe
parent c1903ad3d6
1 changed files with 3 additions and 2 deletions
--- a/VolumeManager.cpp
+++ b/VolumeManager.cpp
@ -623,8 +623,9 @@ int VolumeManager::unmountAll() {
    mntent* mentry;
    while ((mentry = getmntent(fp)) != NULL) {
        auto test = std::string(mentry->mnt_dir);
-        if (android::base::StartsWith(test, "/mnt/")
-                || android::base::StartsWith(test, "/storage/")) {
+        if ((android::base::StartsWith(test, "/mnt/") &&
+             !android::base::StartsWith(test, "/mnt/vendor")) ||
+            android::base::StartsWith(test, "/storage/")) {
            toUnmount.push_front(test);
        }
    }