diff options
| author | Bowgo Tsai <bowgotsai@google.com> | 2020-03-30 21:45:52 +0800 |
|---|---|---|
| committer | Bruno Martins <bgcngm@gmail.com> | 2020-06-06 18:18:10 +0200 |
| commit | 99492ff21eaa33f724af12d683d24d918ec4ff76 (patch) | |
| tree | ac8aba4268698426bed0b87e083e7af3f7e9da74 /public/property_contexts | |
| parent | bf981a39769a14b7d4057c4782a8a6621d9de92a (diff) | |
| download | android_system_sepolicy-99492ff21eaa33f724af12d683d24d918ec4ff76.tar.gz android_system_sepolicy-99492ff21eaa33f724af12d683d24d918ec4ff76.tar.bz2 android_system_sepolicy-99492ff21eaa33f724af12d683d24d918ec4ff76.zip | |
Ignore the denial when system_other is erased
This CL addresses the following denial, when the system_other
partition is erased. This happens when 1) the device gets an
OTA update and 2) factory reset to wipe userdata partition.
Note that the system_other partition will be mounted under
/postinstall only in the first boot after factory reset.
Also, system_other.img is only included in the factory ROM and
is absent in the OTA package. When it is absent and userdata
is wiped, the mount will fail and triggers the following denials
when both cppreopts.sh and preloads_copy.sh access /postinstall dir.
SELinux denials to address:
avc: denied { search } for comm="find" name="postinstall" dev="dm-5"
ino=44 scontext=u:r:preloads_copy:s0
tcontext=u:object_r:postinstall_mnt_dir:s0 tclass=dir permissive=0
avc: denied { search } for comm="cppreopts.sh" name="postinstall" dev="dm-5"
ino=44 scontext=u:r:cppreopts:s0
tcontext=u:object_r:postinstall_mnt_dir:s0 tclass=dir permissive=0
Bug: 152453231
Test: fastboot erase system_other (e.g., system_b) and fastboot -w
Change-Id: Ie67f02467d5da51b0caba6e8fda56bc2c6bbc944
(cherry picked from commit 35c2f102f29a0f9d73e526f1fa6fdb163f75b48c)
Diffstat (limited to 'public/property_contexts')
0 files changed, 0 insertions, 0 deletions