blob: 7517388e59d920f489a94dfd7d7e0224de28977e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
allow update_engine self:capability { dac_override dac_read_search sys_rawio };
# Allow to install OTA's from local storage
allow update_engine backuptool:process noatsecure;
allow update_engine media_rw_data_file:file { open read getattr };
# Allow update_engine to call the callback function provided by updater_app
binder_call(update_engine, updater_app)
binder_call(update_engine, system_app)
# Read updates from storage data
r_dir_file(update_engine, mnt_user_file)
r_dir_file(update_engine, storage_file)
# Allow mount and unmount of system partition
allow update_engine labeledfs:filesystem { mount unmount };
# Additional A13 rules
allow update_engine fuse:file { getattr open read };
|
