sepolicy: add sepolicy rules for vold to write sysfs gc_urgent

03-22 02:01:02.656 561 561 W Binder:561_4: type=1400 audit(0.0:1895354): avc: denied { write } for name="gc_urgent" dev="sysfs" ino=76829 scontext=u:r:vold:s0 tcontext=u:object_r:sysfs_fs_f2fs:s0 tclass=file permissive=0 Test: adb shell sm idle-maint run Bug: 128935241 Change-Id: I2ae5477c9e605e6d1060565cacc520d696469af2 Signed-off-by: YH_Lin <yhli@google.com>
2019-03-24 13:19:46 +08:00 · 2019-03-24 13:19:46 +08:00 · a5ff1bae61
commit a5ff1bae61
parent c848dee19c
1 changed files with 1 additions and 0 deletions
--- a/public/vold.te
+++ b/public/vold.te
@ -16,6 +16,7 @@ allow vold {
  sysfs_loop # writing to /sys/block/loop*/uevent during coldboot.
  sysfs_usb
  sysfs_zram_uevent
+  sysfs_fs_f2fs
 }:file w_file_perms;

 r_dir_file(vold, rootfs)