53ee1c09b9
Bug: 254378739 Test: boot with cbd launched Change-Id: I9c89c0fc3b40957bc60dd7854788d49e498fc0cd
17 lines
712 B
Text
17 lines
712 B
Text
allow init mnt_vendor_file:dir mounton;
|
|
allow init custom_ab_block_device:lnk_file relabelto;
|
|
|
|
# This is needed for chaining a boot partition vbmeta
|
|
# descriptor, where init will probe the boot partition
|
|
# to read the chained vbmeta in the first-stage, then
|
|
# relabel /dev/block/by-name/boot_[a|b] to block_device
|
|
# after loading sepolicy in the second stage.
|
|
allow init boot_block_device:lnk_file relabelto;
|
|
|
|
allow init persist_file:dir mounton;
|
|
allow init ram_device:blk_file w_file_perms;
|
|
allow init sysfs_scsi_devices_0000:file w_file_perms;
|
|
|
|
# Workaround for b/193113005 that modem_img unlabeled after disable-verity
|
|
dontaudit init overlayfs_file:file rename;
|
|
dontaudit init overlayfs_file:chr_file unlink;
|