rfs_access: Limit and specify tombstone_rfs_vendor_data_file label for rfs_access

Bug: 121294677 Not impact existing tombstone_wifi_data_file label Change-Id: Ifbeef88ee2de824b788ea971a2c893526c590d0a Signed-off-by: SalmaxChang <salmaxchang@google.com>
2026-02-01 15:09:54 +00:00 · 2018-12-21 10:14:38 +08:00
parent a82169492c
commit fe77ce7472
3 changed files with 5 additions and 5 deletions
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@@ -79,8 +79,8 @@ type sensors_vendor_data_file, file_type, data_file_type;
 type audio_vendor_data_file, file_type, data_file_type;
 type mediadrm_vendor_data_file, file_type, data_file_type;

-# Tombstone vendor data
-type tombstone_vendor_data_file, file_type, data_file_type;
+# Tombstone RFS vendor data
+type tombstone_rfs_vendor_data_file, file_type, data_file_type;

 #diag sysfs files
 type sysfs_diag, fs_type, sysfs_type;
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -256,7 +256,7 @@
 /data/vendor/sensors(/.*)?             u:object_r:sensors_vendor_data_file:s0
 /data/vendor/audio(/.*)?               u:object_r:audio_vendor_data_file:s0
 /data/vendor/mediadrm(/.*)?            u:object_r:mediadrm_vendor_data_file:s0
-/data/vendor/tombstones(/.*)?          u:object_r:tombstone_vendor_data_file:s0
+/data/vendor/tombstones/rfs(/.*)?      u:object_r:tombstone_rfs_vendor_data_file:s0
 /data/vendor_ce/[0-9]+/ramoops(/.*)?   u:object_r:ramoops_vendor_data_file:s0

 # /
--- a/sepolicy/vendor/rfs_access.te
+++ b/sepolicy/vendor/rfs_access.te
@@ -18,5 +18,5 @@ allow rfs_access persist_rfs_file:file create_file_perms;
 allow rfs_access self:socket create_socket_perms_no_ioctl;

 # For ramdump entries in /data/vendor/tombstones
-allow rfs_access tombstone_vendor_data_file:dir create_dir_perms;
-allow rfs_access tombstone_vendor_data_file:file create_file_perms;
+allow rfs_access tombstone_rfs_vendor_data_file:dir create_dir_perms;
+allow rfs_access tombstone_rfs_vendor_data_file:file create_file_perms;