diff options
Diffstat (limited to 'sdcardd.te')
| -rw-r--r-- | sdcardd.te | 14 |
1 files changed, 12 insertions, 2 deletions
@@ -1,11 +1,14 @@ type sdcardd, domain; type sdcardd_exec, exec_type, file_type; -init_daemon_domain(sdcardd) +init_daemon_domain(sdcardd) # TODO: deprecated in M allow sdcardd cgroup:dir create_dir_perms; allow sdcardd fuse_device:chr_file rw_file_perms; -allow sdcardd rootfs:dir mounton; +allow sdcardd rootfs:dir mounton; # TODO: deprecated in M +allow sdcardd mnt_media_rw_file:dir r_dir_perms; +allow sdcardd storage_file:dir search; +allow sdcardd storage_stub_file:dir { search mounton }; allow sdcardd sdcard_type:filesystem { mount unmount }; allow sdcardd self:capability { setuid setgid dac_override sys_admin sys_resource }; @@ -21,3 +24,10 @@ allow sdcardd system_data_file:file r_file_perms; # Read /data/.layout_version allow sdcardd install_data_file:file r_file_perms; + +# Allow stdin/out back to vold +allow sdcardd vold:fd use; +allow sdcardd vold:fifo_file { read write getattr }; + +# Allow running on top of expanded storage +allow sdcardd mnt_expand_file:dir search; |