Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123 Change-Id: I72d2747b0751ff8b462e59abf974dc3a1a1a1aea Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
author: Jason Chiu <jasoncschiu@google.com> 2023-07-27 12:28:20 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> 2023-07-27 12:28:20 +0000
commit: 65ce874b81135b2e51b61136b29d51a576472556 (patch)
tree: 181a95fcca9519aec7ad745984b3e7f0f3132fb6
parent: 27e2aeafa7ba27e427072543831edd37f25c3d9e (diff)
parent: 90a1f8048869ab478c66fc657a7ffd96809cb5f3 (diff)
download: zuma-sepolicy-65ce874b81135b2e51b61136b29d51a576472556.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/vendor/hal_bootctl_default.te b/vendor/hal_bootctl_default.te
index 2db4651..2ffeb27 100644
--- a/vendor/hal_bootctl_default.te
+++ b/vendor/hal_bootctl_default.te
@@ -2,3 +2,7 @@ allow hal_bootctl_default devinfo_block_device:blk_file rw_file_perms;
 allow hal_bootctl_default sda_block_device:blk_file rw_file_perms;
 allow hal_bootctl_default sysfs_ota:file rw_file_perms;
 allow hal_bootctl_default tee_device:chr_file rw_file_perms;
+
+recovery_only(`
+  allow hal_bootctl_default rootfs:dir r_dir_perms;
+')
author	Jason Chiu <jasoncschiu@google.com>	2023-07-27 12:28:20 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2023-07-27 12:28:20 +0000
commit	65ce874b81135b2e51b61136b29d51a576472556 (patch)
tree	181a95fcca9519aec7ad745984b3e7f0f3132fb6
parent	27e2aeafa7ba27e427072543831edd37f25c3d9e (diff)
parent	90a1f8048869ab478c66fc657a7ffd96809cb5f3 (diff)
download	zuma-sepolicy-65ce874b81135b2e51b61136b29d51a576472556.tar.gz