Allow adbd to pull sepolicy from device.
Address the following denial when running CTS: avc: denied { search } for comm=73657276696365203136 name="/" dev="selinuxfs" ino=1 scontext=u:r:adbd:s0 tcontext=u:object_r:selinuxfs:s0 tclass=dir permissive=0 Bug: 26290097 Change-Id: Icf51061a65a5fda15f7e7ef78200a62ffbd1ca9b
This commit is contained in:
parent
dc37ea7393
commit
0fb0ab4107
3
adbd.te
3
adbd.te
@ -86,6 +86,9 @@ allow adbd appdomain:unix_stream_socket connectto;
|
||||
allow adbd zygote_exec:file r_file_perms;
|
||||
allow adbd system_file:file r_file_perms;
|
||||
|
||||
# Allow pulling the SELinux policy for CTS purposes
|
||||
allow adbd selinuxfs:dir r_dir_perms;
|
||||
allow adbd selinuxfs:file r_file_perms;
|
||||
allow adbd kernel:security read_policy;
|
||||
|
||||
allow adbd surfaceflinger_service:service_manager find;
|
||||
|
Loading…
Reference in New Issue
Block a user