287 files changed, 177798 insertions, 0 deletions
diff --git a/sepolicy/update_engine.te b/sepolicy/update_engine.te new file mode 100644 index 0000000..9d11e2c --- a/dev/null +++ b/sepolicy/update_engine.te @@ -0,0 +1,9 @@ +# Allow read/write on system and boot partitions. +allow update_engine misc_block_device:blk_file rw_file_perms; +allow update_engine vendor_block_device:blk_file rw_file_perms; +allow update_engine odm_block_device:blk_file rw_file_perms; +allow update_engine system_app:binder { call }; +allow update_engine sysfs:file {read open getattr}; +allow update_engine sysfs:blk_file {read write getattr}; +allow update_engine rootfs:dir {getattr}; +allow update_engine system_block_fsck_device:blk_file { getattr ioctl open read write }; |