Allow init to mkdir inside /data/gsi.

Bug: 133435561 Test: adb shell gsi_tool install Change-Id: Iaa610c72d8098e157bb89e321624369f86f4ea19 Merged-In: Iaa610c72d8098e157bb89e321624369f86f4ea19
2019-05-23 13:44:22 -07:00 · 2019-05-23 13:44:22 -07:00 · 51fae66027
commit 51fae66027
parent 4cd2db897d
4 changed files with 2 additions and 2 deletions
--- a/prebuilts/api/29.0/private/gsid.te
+++ b/prebuilts/api/29.0/private/gsid.te
@ -118,6 +118,7 @@ neverallow {
 neverallow {
    domain
    -gsid
    -init
 } gsi_data_file:dir ~{ open create read getattr setattr search relabelto ioctl };
 neverallow {
--- a/prebuilts/api/29.0/public/init.te
+++ b/prebuilts/api/29.0/public/init.te
@ -167,7 +167,6 @@ allow init {
  file_type
  -app_data_file
  -exec_type
  -gsi_data_file
  -iorapd_data_file
  -keystore_data_file
  -misc_logd_file
--- a/private/gsid.te
+++ b/private/gsid.te
@ -118,6 +118,7 @@ neverallow {
 neverallow {
    domain
    -gsid
    -init
 } gsi_data_file:dir ~{ open create read getattr setattr search relabelto ioctl };
 neverallow {
--- a/public/init.te
+++ b/public/init.te
@ -167,7 +167,6 @@ allow init {
  file_type
  -app_data_file
  -exec_type
  -gsi_data_file
  -iorapd_data_file
  -keystore_data_file
  -misc_logd_file