sepolicy: add chr_file access rule for citadel_updater am: 3b6e8a0a4c am: 52257953bf

Original change: https://googleplex-android-review.googlesource.com/c/device/google/crosshatch-sepolicy/+/11761865 Change-Id: Ia35cdcfbac7430a99cafdbdd8943c9fd74f0151f
author: dybertwang <dybertwang@google.com> 2020-06-08 09:38:57 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2020-06-08 09:38:57 +0000
commit: 47ecd715df06356d8fc5ebf930753714957296c6 (patch)
tree: 3efe19a573e10d90abdea1932fb6180e17cbd43c
parent: 2f535b52f77e2140a21ca51e460f9cee7132f63e (diff)
parent: 52257953bf8d437a4023b1dd49ade7fe2234c4c4 (diff)
download: crosshatch-sepolicy-47ecd715df06356d8fc5ebf930753714957296c6.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/vendor/google/init_citadel.te b/vendor/google/init_citadel.te
index f96ab15..1f055c6 100644
--- a/vendor/google/init_citadel.te
+++ b/vendor/google/init_citadel.te
@@ -6,6 +6,8 @@ allow init_citadel vendor_shell_exec:file r_file_perms;
 allow init_citadel vendor_toolbox_exec:file rx_file_perms;
 allow init_citadel vendor_file:file rx_file_perms;
 
+allow init_citadel citadel_device:chr_file rw_file_perms;
+
 # Citadel communication must be via citadeld
 vndbinder_use(init_citadel)
 binder_call(init_citadel, citadeld)
author	dybertwang <dybertwang@google.com>	2020-06-08 09:38:57 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2020-06-08 09:38:57 +0000
commit	47ecd715df06356d8fc5ebf930753714957296c6 (patch)
tree	3efe19a573e10d90abdea1932fb6180e17cbd43c
parent	2f535b52f77e2140a21ca51e460f9cee7132f63e (diff)
parent	52257953bf8d437a4023b1dd49ade7fe2234c4c4 (diff)
download	crosshatch-sepolicy-47ecd715df06356d8fc5ebf930753714957296c6.tar.gz