reject mnt_vendor_file access in user ROM am: bedd866505

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213986

Change-Id: Id9efbf8949047e65c36ccf33a465189aa3be6302
This commit is contained in:
Adam Shih 2022-03-16 09:29:29 +00:00 committed by Automerger Merge Worker
commit 66f8cc7ba0

View file

@ -111,6 +111,7 @@ userdebug_or_eng(`
allow hal_dumpstate_default vendor_dri_debugfs:file r_file_perms;
')
dontaudit hal_dumpstate_default mnt_vendor_file:dir search;
dontaudit hal_dumpstate_default vendor_dri_debugfs:dir r_dir_perms;
dontaudit hal_dumpstate_default vendor_dri_debugfs:file r_file_perms;
dontaudit hal_dumpstate_default debugfs:dir r_dir_perms;