mirror of
https://github.com/Evolution-X-Devices/device_google_gs201
synced 2026-02-01 05:38:17 +00:00
fd31c0c64a
git-subtree-dir: sepolicy git-subtree-mainline:5cd89d8075git-subtree-split:4a08341deaChange-Id: I48384ddf513f6de75e77a5c55ff848498a5e88b6
22 lines
902 B
Plaintext
22 lines
902 B
Plaintext
allow init modem_img_file:dir mounton;
|
|
allow init mnt_vendor_file:dir mounton;
|
|
allow init modem_img_file:filesystem { getattr mount relabelfrom };
|
|
allow init custom_ab_block_device:lnk_file relabelto;
|
|
|
|
# This is needed for chaining a boot partition vbmeta
|
|
# descriptor, where init will probe the boot partition
|
|
# to read the chained vbmeta in the first-stage, then
|
|
# relabel /dev/block/by-name/boot_[a|b] to block_device
|
|
# after loading sepolicy in the second stage.
|
|
allow init boot_block_device:lnk_file relabelto;
|
|
|
|
allow init persist_file:dir mounton;
|
|
allow init modem_efs_file:dir mounton;
|
|
allow init modem_userdata_file:dir mounton;
|
|
allow init ram_device:blk_file w_file_perms;
|
|
allow init sysfs_scsi_devices_0000:file w_file_perms;
|
|
|
|
# Workaround for b/193113005 that modem_img unlabeled after disable-verity
|
|
dontaudit init overlayfs_file:file rename;
|
|
dontaudit init overlayfs_file:chr_file unlink;
|