94995cd0d3
This gives recovery the ability to remove user data from citadel in the
same manner as issuing a `fastboot -w` does. This doesn't allow for
resetting FRP data, just user data.
audit: type=1400 audit(1646379959.016:9): avc: denied { getattr } for
pid=348 comm="recovery" path="/dev/gsc0" dev="tmpfs" ino=754
scontext=u:r:recovery:s0 tcontext=u:object_r:citadel_device:s0
tclass=chr_file permissive=0
Bug: 222005928
Change-Id: Ia6113999aecacbbbb31d7a8659a45c0e5a0db2c9
4 lines
122 B
Text
4 lines
122 B
Text
recovery_only(`
|
|
allow recovery sysfs_ota:file rw_file_perms;
|
|
allow recovery citadel_device:chr_file rw_file_perms;
|
|
')
|