e47b3d9991
Branch zuma from gs201 sha1 63751751aa91275b083797278d638078b3a0bf7a cp/pantah/ripcurrent cp/gs201/zuma Bug: 229340586 Change-Id: Ie692d8dbbf0fc4d3b376dc9fe3e930bd3955a88e Signed-off-by: Aaron Ding <aaronding@google.com>
21 lines
902 B
Text
21 lines
902 B
Text
allow init modem_img_file:dir mounton;
|
|
allow init mnt_vendor_file:dir mounton;
|
|
allow init modem_img_file:filesystem { getattr mount relabelfrom };
|
|
allow init custom_ab_block_device:lnk_file relabelto;
|
|
|
|
# This is needed for chaining a boot partition vbmeta
|
|
# descriptor, where init will probe the boot partition
|
|
# to read the chained vbmeta in the first-stage, then
|
|
# relabel /dev/block/by-name/boot_[a|b] to block_device
|
|
# after loading sepolicy in the second stage.
|
|
allow init boot_block_device:lnk_file relabelto;
|
|
|
|
allow init persist_file:dir mounton;
|
|
allow init modem_efs_file:dir mounton;
|
|
allow init modem_userdata_file:dir mounton;
|
|
allow init ram_device:blk_file w_file_perms;
|
|
allow init sysfs_scsi_devices_0000:file w_file_perms;
|
|
|
|
# Workaround for b/193113005 that modem_img unlabeled after disable-verity
|
|
dontaudit init overlayfs_file:file rename;
|
|
dontaudit init overlayfs_file:chr_file unlink;
|