Skip to content
Snippets Groups Projects
Commit 8b0f89e4 authored by Jeff Vander Stoep's avatar Jeff Vander Stoep Committed by android-build-merger
Browse files

domain_deprecated: remove tmpfs dir access am: ca5bb337 am: 453f4a51 

am: 407e9457

Change-Id: If277928809ec2bcaf7f72ef9cba5dd5d45d333ca
parents d006aea0 407e9457
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
private/domain_deprecated.te
+ 0
16
View file @ 8b0f89e4
# rules removed from the domain attribute
# Search /storage/emulated tmpfs mount.
allow { domain_deprecated -installd } tmpfs:dir r_dir_perms;
userdebug_or_eng(`
auditallow {
domain_deprecated
-appdomain
-installd
-recovery
-sdcardd
-surfaceflinger
-system_server
-vold
-zygote
} tmpfs:dir r_dir_perms;
')
# Root fs.
allow domain_deprecated rootfs:dir r_dir_perms;
allow domain_deprecated rootfs:file r_file_perms;
......
public/dumpstate.te
+ 1
1
View file @ 8b0f89e4
......@@ -84,7 +84,7 @@ allow dumpstate sysfs_usb:file w_file_perms;
allow dumpstate qtaguid_proc:file r_file_perms;
allow dumpstate debugfs:file r_file_perms;
# df for /storage/emulated needs search
allow dumpstate { storage_file block_device }:dir { search getattr };
allow dumpstate { block_device storage_file tmpfs }:dir { search getattr };
allow dumpstate fuse_device:chr_file getattr;
allow dumpstate { dm_device cache_block_device }:blk_file getattr;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment