Allow mediaprovider to search /mnt/media_rw

Mtp needs access to this path in order to change files on an sdcard. Fixes denial: 05-14 17:40:58.803 3004 3004 W MtpServer: type=1400 audit(0.0:46): avc: denied { search } for name="media_rw" dev="tmpfs" ino=10113 scontext=u:r:mediaprovider:s0:c512,c768 tcontext=u:object_r:mnt_media_rw_file:s0 tclass=dir permissive=0 b/77925342 app=com.android.providers.media Bug: 77849654 Test: no denials using mtp with emulated sdcard Change-Id: I27b5294fa211bb1eff6d011638b5fdc90334bc80
2018-05-11 18:35:55 -07:00 · 2018-05-11 18:35:55 -07:00 · ddb89ab785
commit ddb89ab785
parent 81bb3c6e18
1 changed files with 2 additions and 0 deletions
--- a/private/mediaprovider.te
+++ b/private/mediaprovider.te
@ -19,6 +19,8 @@ allow mediaprovider cache_file:lnk_file r_file_perms;
 dontaudit mediaprovider cache_private_backup_file:dir getattr;
 dontaudit mediaprovider cache_recovery_file:dir getattr;

+# Access external sdcards through /mnt/media_rw
+allow mediaprovider { mnt_media_rw_file }:dir search;

 allow mediaprovider app_api_service:service_manager find;
 allow mediaprovider audioserver_service:service_manager find;