1711a2d5c7
These permissions fix the following denials:
[ 66.641731][ T59] audit: type=1400 audit(1619815760.952:17): avc:
denied { open } for pid=360 comm="fastbootd" path="/dev/block/sdd1"
dev="tmpfs" ino=416 scontext=u:r:fastbootd:s0
tcontext=u:object_r:devinfo_block_device:s0 tclass=blk_file permissive=1
[ 66.664509][ T59] audit: type=1400 audit(1619815760.952:18): avc:
denied { write } for pid=360 comm="fastbootd" name="sdd1" dev="tmpfs"
ino=416 scontext=u:r:fastbootd:s0
tcontext=u:object_r:devinfo_block_device:s0 tclass=blk_file permissive=1
[ 66.686431][ T59] audit: type=1400 audit(1619815760.952:19): avc:
denied { read write } for pid=360 comm="fastbootd"
name="boot_lun_enabled" dev="sysfs" ino=57569 scontext=u:r:fastbootd:s0
tcontext=u:object_r:sysfs_ota:s0 tclass=file permissive=1
[ 66.708623][ T59] audit: type=1400 audit(1619815760.952:20): avc:
denied { open } for pid=360 comm="fastbootd"
path="/sys/devices/platform/14700000.ufs/pixel/boot_lun_enabled"
dev="sysfs" ino=57569 scontext=u:r:fastbootd:s0
tcontext=u:object_r:sysfs_ota:s0 tclass=file permissive=1
[ 56.680861][ T59] audit: type=1400 audit(1619806507.020:10): avc:
denied { read write } for pid=357 comm="fastbootd" name="sda"
dev="tmpfs" ino=476 scontext=u:r:fastbootd:s0
tcontext=u:object_r:sda_block_device:s0 tclass=blk_file permissive=0
Test: fastboot set_active
Bug: 185955438
Change-Id: I9339b2a5f2a00c9e1768f479fdeac2e1f27f04bc
6 lines
247 B
Text
6 lines
247 B
Text
# Required by the bootcontrol HAL for the 'set_active' command.
|
|
recovery_only(`
|
|
allow fastbootd devinfo_block_device:blk_file rw_file_perms;
|
|
allow fastbootd sda_block_device:blk_file rw_file_perms;
|
|
allow fastbootd sysfs_ota:file rw_file_perms;
|
|
')
|