Skip to content
Snippets Groups Projects
Commit f19fb0c9 authored by Daichi Hirono's avatar Daichi Hirono
Browse files

Add mlstrustedobject to appfuse object type. 

To write bytes to appfuse file from priv_app, we need to specify
mlstrustedobject.
The CL fixes the following denial.

type=1400 audit(0.0:77): avc: denied { write } for name="10" dev="fuse" ino=10 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:app_fuse_file:s0 tclass=file permissive=0

BUG=23093747

(cherry picked from commit 4d19f98c)

Change-Id: I9901033bb3349d5def0bd7128db45a1169856dc1
parent f51c0548
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 1 deletion
file.te
+ 1
1
View file @ f19fb0c9
...@@ -197,7 +197,7 @@ type bluetooth_efs_file, file_type; ...@@ -197,7 +197,7 @@ type bluetooth_efs_file, file_type;
# Type for fingerprint template file. # Type for fingerprint template file.
type fingerprintd_data_file, file_type, data_file_type; type fingerprintd_data_file, file_type, data_file_type;
# Type for appfuse file. # Type for appfuse file.
type app_fuse_file, file_type, data_file_type; type app_fuse_file, file_type, data_file_type, mlstrustedobject;
# Socket types # Socket types
type adbd_socket, file_type; type adbd_socket, file_type;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment