allow priv_apps to read from incremental_control_file

Denial messages:

02-21 20:19:41.817  1439  1439 I Binder:1439_3: type=1400 audit(0.0:1851): avc: denied { read } for path=2F2E70656E64696E675F7265616473202864656C6574656429 dev="incremental-fs" ino=2 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:incremental_control_file:s0 tclass=file permissive=1
02-21 20:19:41.817 20337 20337 I Binder:20337_2: type=1400 audit(0.0:1852): avc: denied { getattr } for path=2F2E70656E64696E675F7265616473202864656C6574656429 dev="incremental-fs" ino=2 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:incremental_control_file:s0 tclass=file permissive=1 app=com.android.vending

Test: manual
Change-Id: Ie188f294ea2a6aff71a49a6f17679c3cf810b69d
Songchun Fan 2020-02-21 17:41:40 -08:00
parent e39f8d23ed
commit 82ea55def0


@ -150,6 +150,9 @@ allow priv_app system_server:udp_socket {
# the Incremental File System
allowxperm priv_app apk_data_file:file ioctl INCFS_IOCTL_READ_SIGNATURE;
# allow privileged data loader apps (e.g. com.android.vending) to read logs from Incremental File System
allow priv_app incremental_control_file:file { read getattr };
###
### neverallow rules
###
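Review bot: The added `allow priv_app incremental_control_file:file { read getattr };` applies to every app in the priv_app domain, although the comment above it scopes the intent to data loader apps such as com.android.vending. The grant matches the two logged denials and omits `open`, which suggests the descriptor is handed to the app by another process rather than opened by path. If that is the design, it is what actually limits who can read the pending-reads log, and the comment should say so, e.g. `# priv_app may only read/getattr an incremental control fd that was passed to it (no open); intended for data loader apps such as com.android.vending`. Both denials were logged with permissive=1, so the rule should also be checked on an enforcing build. Only part of the policy file is visible in this hunk, so whether a neverallow already prevents priv_app from opening these files cannot be confirmed from here.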