vold: allow ioctls BLKDISCARD and BLKGETSIZE
BLKDISCARD is used by vold while wiping block devicesb2455747a9/Utils.cpp (619)
BLKGETSIZE is used to determine the size of the block device. Ideally code should not be using this ioctl, as it fails for devices >= 2T in size. Vold indirectly uses this when executing /system/bin/newfs_msdos. Arguably this is a bug in newfs_msdos, as BLKGETSIZE64 should be used instead. Code:0c7e133c7f/mkfs_msdos.c (845)
Addresses the following denials: audit(0.0:24): avc: denied { ioctl } for comm="Binder:588_2" path="/dev/block/vold/public:7,9" dev="tmpfs" ino=106407 ioctlcmd=1277 scontext=u:r:vold:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0 audit(0.0:25): avc: denied { ioctl } for comm="newfs_msdos" path="/dev/block/vold/public:7,9" dev="tmpfs" ino=106407 ioctlcmd=1260 scontext=u:r:vold:s0 tcontext=u:object_r:vold_device:s0 tclass=blk_file permissive=0 Test: policy compiles. Bug: 119562530 Change-Id: Ib7198daf150d6f2578545a6a402e0313069ea2b4
This commit is contained in:
parent
a8dd89f80f
commit
fefc887eda
@ -107,6 +107,7 @@ allowxperm vold loop_device:blk_file ioctl {
|
||||
LOOP_SET_STATUS64
|
||||
};
|
||||
allow vold vold_device:blk_file { create setattr unlink rw_file_perms };
|
||||
allowxperm vold vold_device:blk_file ioctl { BLKDISCARD BLKGETSIZE };
|
||||
allow vold dm_device:chr_file rw_file_perms;
|
||||
allow vold dm_device:blk_file rw_file_perms;
|
||||
allowxperm vold dm_device:blk_file ioctl BLKSECDISCARD;
|
||||
|
Loading…
Reference in New Issue
Block a user