summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAdam Shih <adamshih@google.com>2022-06-14 04:58:45 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>2022-06-14 04:58:45 +0000
commit203f473af5099dc1ab867bf4492e586138465ea5 (patch)
treefeadb249e3c12cd3f8a46d9d117b4333341049a8
parentb982767162929d088f96d82dd7cacd49c9d060d5 (diff)
parent5889704effb759a1ea12d7725c4eddf1551e1c12 (diff)
downloadgs101-sepolicy-temp_sam_236045730.tar.gz
mute update_engine probing mnt_vendor_file am: 5889704efftemp_sam_236045730
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912 Change-Id: I289ba5aa69251d8575f4bd65fbeb7a38c3e03886 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
Diffstat
-rw-r--r--tracking_denials/update_engine.te2
-rw-r--r--whitechapel/vendor/google/update_engine.te3
2 files changed, 3 insertions, 2 deletions
diff --git a/tracking_denials/update_engine.te b/tracking_denials/update_engine.te
deleted file mode 100644
index 98e7b85..0000000
--- a/tracking_denials/update_engine.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/187016910
-dontaudit update_engine mnt_vendor_file:dir search ;
diff --git a/whitechapel/vendor/google/update_engine.te b/whitechapel/vendor/google/update_engine.te
index a403d9e..8342f12 100644
--- a/whitechapel/vendor/google/update_engine.te
+++ b/whitechapel/vendor/google/update_engine.te
@@ -1,3 +1,6 @@
allow update_engine custom_ab_block_device:blk_file rw_file_perms;
allow update_engine modem_block_device:blk_file rw_file_perms;
allow update_engine proc_bootconfig:file r_file_perms;
+
+# update_engine probe mnt_vendor_file during OTA, which is a permission not required
+dontaudit update_engine mnt_vendor_file:dir search;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-26 21:29:00 +0000