Merge "init: change overlayfs_file rule to dontaudit" into sc-dev am: 3582ffbdbf

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15243218

Change-Id: If111d5fe0ec75703abb1ca01a40820165e41d0c1
This commit is contained in:
Salmax Chang 2021-07-12 02:54:39 +00:00 committed by Automerger Merge Worker
commit dc5f944d31

View file

@ -19,7 +19,6 @@ allow init per_boot_file:file ioctl;
allowxperm init per_boot_file:file ioctl { F2FS_IOC_SET_PIN_FILE };
allow init sysfs_scsi_devices_0000:file w_file_perms;
userdebug_or_eng(`
allow init overlayfs_file:file { rename };
allow init overlayfs_file:chr_file { unlink };
')
# Workaround for b/193113005 that modem_img unlabeled after disable-verity
dontaudit init overlayfs_file:file { rename };
dontaudit init overlayfs_file:chr_file { unlink };