diff options
| author | Nolen Johnson <johnsonnolen@gmail.com> | 2020-11-13 16:28:58 -0500 |
|---|---|---|
| committer | doc HD <doc.divxm@gmail.com> | 2020-11-16 08:21:23 +0300 |
| commit | 3f194aa4123cd872a5cfa7716a7f57f9593a1630 (patch) | |
| tree | 39b993899a7e2088c70c0275e2629350a0132db8 | |
| parent | 308b1bdf03fb8861e4510453a8cdf19cf2ce6aa1 (diff) | |
updater_app: Grant additional permissions
avc: denied { search } for name="recovery" dev="mmcblk0p53" ino=25601 scontext=u:r:updater_app:s0:c512,c768 tcontext=u:object_r:cache_recovery_file:s0 tclass=dir permissive=1 app=org.lineageos.updater
avc: denied { write } for name="recovery" dev="mmcblk0p53" ino=25601 scontext=u:r:updater_app:s0:c512,c768 tcontext=u:object_r:cache_recovery_file:s0 tclass=dir permissive=1 app=org.lineageos.updater
avc: denied { write open } for path="/cache/recovery/uncrypt_file" dev="mmcblk0p53" ino=25625 scontext=u:r:updater_app:s0:c512,c768 tcontext=u:object_r:cache_recovery_file:s0:c512,c768 tclass=file permissive=1 app=org.lineageos.updater
avc: denied { setattr } for name="uncrypt_file" dev="mmcblk0p53" ino=25625 scontext=u:r:updater_app:s0:c512,c768 tcontext=u:object_r:cache_recovery_file:s0:c512,c768 tclass=file permissive=1 app=org.lineageos.updater
avc: denied { find } for pid=18378 uid=10077 name=recovery scontext=u:r:updater_app:s0:c512,c768 tcontext=u:object_r:recovery_service:s0 tclass=service_manager permissive=1
avc: denied { search } for name="/" dev="mmcblk0p53" ino=2 scontext=u:r:updater_app:s0:c512,c768 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=0 app=org.lineageos.updater
avc: denied { unlink } for name="uncrypt_file" dev="mmcblk0p53" ino=25625 scontext=u:r:updater_app:s0:c512,c768 tcontext=u:object_r:cache_recovery_file:s0 tclass=file permissive=1 app=org.lineageos.updater
avc: denied { create } for name="uncrypt_file" scontext=u:r:updater_app:s0:c512,c768 tcontext=u:object_r:cache_recovery_file:s0:c512,c768 tclass=file permissive=1 app=org.lineageos.updater
Change-Id: I55d9809be8d3782b33ec088f965ce1dd06401175
| -rw-r--r-- | common/private/updater_app.te | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/common/private/updater_app.te b/common/private/updater_app.te index b4b2dd5..f0d2243 100644 --- a/common/private/updater_app.te +++ b/common/private/updater_app.te @@ -7,12 +7,18 @@ binder_call(updater_app, gpuservice) binder_call(updater_app, update_engine) allow updater_app app_api_service:service_manager find; +allow updater_app recovery_service:service_manager find; allow updater_app system_api_service:service_manager find; allow updater_app update_engine_service:service_manager find; allow updater_app app_data_file:dir create_dir_perms; allow updater_app app_data_file:{ file lnk_file } create_file_perms; +allow updater_app cache_file:dir r_dir_perms; + +allow updater_app cache_recovery_file:dir rw_dir_perms; +allow updater_app cache_recovery_file:file create_file_perms; + allow updater_app ota_package_file:dir create_dir_perms; allow updater_app ota_package_file:file create_file_perms; |