diff options
author | Enzo Liao <enzoliao@google.com> | 2023-03-15 19:17:28 +0800 |
---|---|---|
committer | Enzo Liao <enzoliao@google.com> | 2023-03-15 19:18:50 +0800 |
commit | 226be8fd93ea7ef4510d06a85d6d11e92a99a36d (patch) | |
tree | c2b1719a7653a52ca188136ed23d8f1084857bca | |
parent | d2137b8ece96be2813d80beb9e249bac01e5cd0e (diff) | |
download | redbull-sepolicy-226be8fd93ea7ef4510d06a85d6d11e92a99a36d.tar.gz |
SSRestarDetector: modify the SELinux policy to allow access files owned by system.android-13.0.0_r82android-13.0.0_r81android-13.0.0_r80android-13.0.0_r74android-13.0.0_r73android-13.0.0_r72android-13.0.0_r66android-13.0.0_r65android-13.0.0_r64android-13.0.0_r60android-13.0.0_r59android-13.0.0_r58android13-qpr3-c-s8-releaseandroid13-qpr3-c-s7-releaseandroid13-qpr3-c-s6-releaseandroid13-qpr3-c-s5-releaseandroid13-qpr3-c-s4-releaseandroid13-qpr3-c-s3-releaseandroid13-qpr3-c-s2-releaseandroid13-qpr3-c-s12-releaseandroid13-qpr3-c-s11-releaseandroid13-qpr3-c-s10-releaseandroid13-qpr3-c-s1-release
It needs to access a file pushed by hosts of test suites (details: http://go/pd-client-for-lab#heading=h.wtp07hbqvwgx)
This CL is used to pass DeviceBootTest.DeviceBootTest#SELinuxUncheckedDenialBootTest.
Bug: 234359369
Bug: 273662631
Design: http://go/pd-client-for-lab
Test: manual
Ignore-AOSP-First: only for google devices.
Change-Id: I30c70f8510464d47a840d60f8d7ccd55b443d665
-rw-r--r-- | vendor/google/ssr_detector.te | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/vendor/google/ssr_detector.te b/vendor/google/ssr_detector.te index 039eadc..3a44e9a 100644 --- a/vendor/google/ssr_detector.te +++ b/vendor/google/ssr_detector.te @@ -16,7 +16,8 @@ get_prop(ssr_detector_app, vendor_wifi_version) get_prop(ssr_detector_app, vendor_adsp_version_prop) # ssr_detector app's data type is system_app_data_file. -allow ssr_detector_app system_app_data_file:dir { getattr search }; +allow ssr_detector_app system_app_data_file:dir create_dir_perms; +allow ssr_detector_app system_app_data_file:file create_file_perms; allow ssr_detector_app cgroup:file w_file_perms; |