allow to load kernel modules from vendor partition
The kernel modules under /vendor partition has been relabeled to vendor_file. This CL allows for the modprobe to load modules labeled vendor_file. Kernel modules are loaded in init.rc with following commands: exec u:r:modprobe:s0 -- /system/bin/modprobe -d /vendor/lib/modules MODULE Bug: 35653245 Test: tested on sailfish Change-Id: I2132ca4de01c5c60476dad8496e98266de5a1bb7
This commit is contained in:
parent
f69311300f
commit
a6ac1147c3
@ -994,7 +994,7 @@ neverallow {
|
||||
# Enforce restrictions on kernel module origin.
|
||||
# Do not allow kernel module loading except from system,
|
||||
# vendor, and boot partitions.
|
||||
neverallow * ~{ system_file vendor_file_type rootfs }:system module_load;
|
||||
neverallow * ~{ system_file vendor_file rootfs }:system module_load;
|
||||
|
||||
# Only allow filesystem caps to be set at build time or
|
||||
# during upgrade by recovery.
|
||||
|
@ -6,4 +6,5 @@ recovery_only(`
|
||||
allow modprobe rootfs:system module_load;
|
||||
allow modprobe rootfs:file r_file_perms;
|
||||
')
|
||||
allow modprobe system_file:system module_load;
|
||||
allow modprobe { system_file vendor_file }:system module_load;
|
||||
r_dir_file(modprobe, { system_file vendor_file })
|
||||
|
Loading…
Reference in New Issue
Block a user