Resolve neverallow in retrofit devices
Commit Ia78d4b0ea942a139c8a4070dc63a0eed218e3e18 added the following rule for debuggable builds: allow remount super_block_device_type:blk_file rw_file_perms; That causes a neverallow on retrofit devices that define this: typeattribute system_block_device super_block_device_type; Test: m; observe no neverallow in userdebug build Change-Id: I7cfe160542b2e9b290bc1d6470c6286b5ca21e1f
This commit is contained in:
parent
9185e3731c
commit
237bbeaf2a
@ -1,4 +1,3 @@
|
||||
type remount, domain, coredomain;
|
||||
type remount_exec, system_file_type, exec_type, file_type;
|
||||
|
||||
userdebug_or_eng(`
|
||||
|
@ -618,6 +618,7 @@ neverallow {
|
||||
userdebug_or_eng(`-fsck')
|
||||
userdebug_or_eng(`-init')
|
||||
-recovery
|
||||
userdebug_or_eng(`-remount')
|
||||
-update_engine
|
||||
} system_block_device:blk_file { write append };
|
||||
|
||||
|
1
public/remount.te
Normal file
1
public/remount.te
Normal file
@ -0,0 +1 @@
|
||||
type remount, domain, coredomain;
|
Loading…
Reference in New Issue
Block a user