Skip to content
Snippets Groups Projects
Commit 597be44e authored by Joel Galenson's avatar Joel Galenson
Browse files

Allow vendor_init to getattr vold_metadata_file. 

This relaxes the neverallow rule blocking vendor_init from doing
anything to vold_metadata_file.  The rules above it still prevent it
from doing anything other than relabelto and getattr.

Bug: 79681561
Test: Boot device and see no denials.
Change-Id: I1beb25bb9f8d69323c9fee53a140c2a084b12124
parent d9c7a606
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
prebuilts/api/28.0/public/vold.te
+ 1
0
View file @ 597be44e
......@@ -244,6 +244,7 @@ neverallow {
domain
-init
-kernel
-vendor_init
-vold
-vold_prepare_subdirs
} { vold_data_file vold_metadata_file }:notdevfile_class_set *;
......
public/vold.te
+ 1
0
View file @ 597be44e
......@@ -244,6 +244,7 @@ neverallow {
domain
-init
-kernel
-vendor_init
-vold
-vold_prepare_subdirs
} { vold_data_file vold_metadata_file }:notdevfile_class_set *;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment