Evolution-x-devices/device_google_gs201
2
0
Fork 0
mirror of https://github.com/Evolution-X-Devices/device_google_gs201 synced 2026-02-01 05:38:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

sepolicy: add permissions to let recovery wipe citadel

Browse Source 
This gives recovery the ability to remove user data from citadel in the
same manner as issuing a `fastboot -w` does.  This doesn't allow for
resetting FRP data, just user data.

audit: type=1400 audit(1646379959.016:9): avc:  denied  { getattr } for
  pid=348 comm="recovery" path="/dev/gsc0" dev="tmpfs" ino=754
  scontext=u:r:recovery:s0 tcontext=u:object_r:citadel_device:s0
  tclass=chr_file permissive=0

Bug: 222005928
Change-Id: Ia6113999aecacbbbb31d7a8659a45c0e5a0db2c9
This commit is contained in:
Tommy Chiu
2022-03-04 16:50:01 +08:00
committed by TreeHugger Robot
parent 9fe6aa97af
commit 94995cd0d3
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
whitechapel_pro/recovery.te
View File

@@ -1,3 +1,4 @@
recovery_only(`
allow recovery sysfs_ota:file rw_file_perms;
allow recovery citadel_device:chr_file rw_file_perms;
')