From 5b5a004593d329f0c9501450f9d9c734727bd963 Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Wed, 24 Mar 2021 18:11:37 +0800 Subject: [PATCH] allow bootctl to access devinfo [ 22.798274] type=1400 audit(1616580486.404:10): avc: denied { write } for comm="boot@1.2-servic" name="sdd1" dev="tmpfs" ino=705 scontext=u:r:hal_bootctl_default:s0 tcontext=u:object_r:devinfo_block_device:s0 tclass=blk_file permissive=1 Bug: 177882574 Test: boot to home after factory reset Change-Id: I6774ffd46a74c75b2fee962757901ea97e9033fe --- whitechapel/vendor/google/hal_bootctl_default.te | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/whitechapel/vendor/google/hal_bootctl_default.te b/whitechapel/vendor/google/hal_bootctl_default.te index 0e0c3c24..30db79bd 100644 --- a/whitechapel/vendor/google/hal_bootctl_default.te +++ b/whitechapel/vendor/google/hal_bootctl_default.te @@ -1,3 +1,3 @@ allow hal_bootctl_default sda_block_device:blk_file rw_file_perms; -allow hal_bootctl_default devinfo_block_device:blk_file r_file_perms; +allow hal_bootctl_default devinfo_block_device:blk_file rw_file_perms; allow hal_bootctl_default sysfs_ota:file rw_file_perms;