Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Don't audit storageproxyd unlabeled access

Browse source 
Test: m sepolicy
Bug: 197502330
Change-Id: Ibe7292dc659dd454d3c842f6c48d2d90bc77117d
This commit is contained in:
Tri Vo 2022-03-03 13:15:59 -08:00
parent 9ba4c9120d
commit 9fe6aa97af
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
whitechapel_pro/tee.te
View file

@ -11,3 +11,7 @@ allow tee sg_device:chr_file rw_file_perms;
# Allow storageproxyd access to gsi_public_metadata_file # Allow storageproxyd access to gsi_public_metadata_file
read_fstab(tee) read_fstab(tee)
# storageproxyd starts before /data is mounted. It handles /data not being there
# gracefully. However, attempts to access /data trigger a denial.
dontaudit tee unlabeled:dir { search };