diff options
author | Joel Galenson <jgalenson@google.com> | 2018-03-05 17:50:45 -0800 |
---|---|---|
committer | Joel Galenson <jgalenson@google.com> | 2018-03-08 15:33:45 -0800 |
commit | 5f7e1326350e6decd31a79502a92e66b964e7601 (patch) | |
tree | 6fd7e31bf644cbc3c1319ffca59e30043964a146 | |
parent | da8c69cd714d911c8a2de37b2d7723ad1b3c5d2b (diff) | |
download | device_google_wahoo-5f7e1326350e6decd31a79502a92e66b964e7601.tar.gz device_google_wahoo-5f7e1326350e6decd31a79502a92e66b964e7601.tar.bz2 device_google_wahoo-5f7e1326350e6decd31a79502a92e66b964e7601.zip |
Remove regex and label the whole directory.
This is cleaner, as it allows us to remove a regex and label the
entire directory, and it will hopefully improve performance.
Bug: 74209458
Bug: 74366296
Test: Boot device, verify file labels, and test wifi and camera.
Test: Locally flashed OTA by following go/manual-ab-ota.
Test: Locally tested updated_verifier by following b/74366296#comment8.
Merged-In: I003dc949cf109cc63d75cee9515ef72cb9d0f055
Change-Id: I85f07b2fc8bfb472f25a66e32d3c7d746886535e
(cherry picked from commit 8a70f7ef1d1805a8f79486c10280407354f1230b)
-rw-r--r-- | sepolicy/vendor/dumpstate.te | 2 | ||||
-rw-r--r-- | sepolicy/vendor/file.te | 2 | ||||
-rw-r--r-- | sepolicy/vendor/file_contexts | 2 | ||||
-rw-r--r-- | sepolicy/vendor/genfs_contexts | 1 | ||||
-rw-r--r-- | sepolicy/vendor/vold.te | 1 |
5 files changed, 4 insertions, 4 deletions
diff --git a/sepolicy/vendor/dumpstate.te b/sepolicy/vendor/dumpstate.te index ad385db0..e2bdda42 100644 --- a/sepolicy/vendor/dumpstate.te +++ b/sepolicy/vendor/dumpstate.te @@ -16,5 +16,5 @@ allow hal_dumpstate sysfs_batteryinfo:file rw_file_perms; # For collecting bugreports. allow dumpstate sysfs_scsi_devices_0000:file r_file_perms; allow dumpstate sysfs_scsi_devices_other:file r_file_perms; -allow dumpstate sysfs_devices_block_stat:file r_file_perms; +allow dumpstate sysfs_devices_block:file r_file_perms; dontaudit dumpstate kernel:system module_request; diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te index dd2feef5..024dcb3e 100644 --- a/sepolicy/vendor/file.te +++ b/sepolicy/vendor/file.te @@ -12,7 +12,7 @@ type sysfs_rmtfs, sysfs_type, fs_type; type sysfs_soc, sysfs_type, fs_type; type sysfs_scsi_devices_0000, sysfs_type, fs_type; type sysfs_scsi_devices_other, sysfs_type, fs_type; -type sysfs_devices_block_stat, sysfs_type, fs_type; +type sysfs_devices_block, sysfs_type, fs_type; type sysfs_timestamp_switch, sysfs_type, fs_type; type sysfs_touch, sysfs_type, fs_type; type sysfs_usb_c, sysfs_type, fs_type; diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index 2593a664..e213942c 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -285,5 +285,3 @@ /metadata u:object_r:rootfs:s0 /metadata/.* u:object_r:vold_data_file:s0 - -/sys/devices/virtual/block/.*/stat u:object_r:sysfs_devices_block_stat:s0 diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts index 7f05483c..fa5a27c0 100644 --- a/sepolicy/vendor/genfs_contexts +++ b/sepolicy/vendor/genfs_contexts @@ -77,6 +77,7 @@ genfscon sysfs /devices/soc/a800000.ssusb/a800000.dwc3/xhci-hcd.0.auto/usb2 u:ob genfscon sysfs /devices/soc/800f000.qcom,spmi/spmi-0/spmi0-02/800f000.qcom,spmi:qcom,pmi8998@2:qcom,usb-pdphy@1700/usbpd0/typec u:object_r:sysfs_usb_c:s0 genfscon sysfs /module/diagchar u:object_r:sysfs_diag:s0 genfscon sysfs /kernel/irq_helper/irq_blacklist_on u:object_r:sysfs_irq:s0 +genfscon sysfs /devices/virtual/block/ u:object_r:sysfs_devices_block:s0 genfscon debugfs /kgsl/proc u:object_r:debugfs_kgsl:s0 genfscon debugfs /clk/debug_suspend u:object_r:debugfs_clk:s0 diff --git a/sepolicy/vendor/vold.te b/sepolicy/vendor/vold.te index be4eff39..43647df0 100644 --- a/sepolicy/vendor/vold.te +++ b/sepolicy/vendor/vold.te @@ -2,6 +2,7 @@ get_prop(vold, tee_listener_prop) allow vold sysfs_scsi_devices_0000:file write; allow vold sysfs_scsi_devices_other:file write; +allow vold sysfs_devices_block:file write; allow vold persist_file:dir r_dir_perms; |