Grant update_verifier sysfs access.

avc: denied { read } for pid=694 comm="update_verifier" name="block" dev="sysfs" ino=27770 scontext=u:r:update_verifier:s0 tcontext=u:object_r:sysfs:s0 tclass=dir
avc: denied { read } for pid=719 comm="update_verifier" name="name" dev="sysfs" ino=51336 scontext=u:r:update_verifier:s0 tcontext=u:object_r:sysfs:s0 tclass=file

update_verifier reads /sys/block/dm-X/dm/name to find the device-mapper
entries for system and vendor partitions.

Also remove the unneeded "block_device:dir r_dir_perms" permission.

Bug: 63146601
Test: As follows.
  a) Set up /data/ota_package/care_map.txt.
  b) Reset the slot boot-successful flag with fastboot set_active.
  c) Boot the device and check update_verifier successfully verifies
     the blocks.
Change-Id: I581136249e93ec2d4bd9ceda316590ee31148643
Tao Bao
2017-06-29 16:49:06 -07:00
parent f5ed4d3d87
commit 13c6400e11

@@ -1 +1,4 @@
allow update_verifier block_device:dir r_dir_perms;
# update_verifier reads /sys/block/dm-X/dm/name to find the device-mapper
# entries for system and vendor partitions.
allow update_verifier sysfs:file r_file_perms;
allow update_verifier sysfs:dir r_dir_perms;
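
Review bot: The two rules on the generic sysfs type at the end of this hunk (`allow update_verifier sysfs:file r_file_perms;` and `allow update_verifier sysfs:dir r_dir_perms;`) let update_verifier read every file and directory that carries the default sysfs label, while the comment above them says the domain only needs /sys/block/dm-X/dm/name. Consider labelling the /sys/block device-mapper entries with a dedicated type and granting read on that type instead, so the access matches the stated purpose; if the generic label has to stay, the comment should say why narrower labelling is not practical. Separately, the hunk as shown carries no +/- markers, so please confirm that `allow update_verifier block_device:dir r_dir_perms;` is actually dropped, as the commit message says.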