diff options
author | josephjang <josephjang@google.com> | 2020-09-17 16:50:48 +0800 |
---|---|---|
committer | josephjang <josephjang@google.com> | 2020-09-17 16:50:48 +0800 |
commit | 2a5a8e5fe94c2fdf853b73b95b064f2806cba150 (patch) | |
tree | bd2c42ab01903c59e88f5353a8f3595df19167d4 | |
parent | 9117d1711d80e4cf9888c7a21ba887cb203b291c (diff) | |
download | crosshatch-sepolicy-2a5a8e5fe94c2fdf853b73b95b064f2806cba150.tar.gz |
fastbootd: Add sepolicy rule for fastbootd
Add sepolicy to allow fastbootd to access citadel_device
Note:
avc: denied { read write } for pid=526 comm="fastbootd" name="citadel0" dev="tmpfs" ino=18498 scontext=u:r:fastbootd:s0 tcontext=u:object_r:citadel_device:s0 tclass=chr_file permissive=1
Bug: 150929955
Change-Id: I0762c1174d02ebf54f6ba6929265468463e46162
-rw-r--r-- | vendor/google/fastbootd.te | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/vendor/google/fastbootd.te b/vendor/google/fastbootd.te index 505f26d..2488ddf 100644 --- a/vendor/google/fastbootd.te +++ b/vendor/google/fastbootd.te @@ -6,6 +6,7 @@ recovery_only(` allow fastbootd devinfo_block_device:blk_file r_file_perms; allow fastbootd sysfs_leds:file w_file_perms; + allow fastbootd citadel_device:chr_file rw_file_perms; userdebug_or_eng(` allow fastbootd firmware_file:dir { remove_name rmdir search write }; allow fastbootd firmware_file:{ file lnk_file } unlink; |