287 files changed, 177798 insertions, 0 deletions
diff --git a/sepolicy/update_verifier.te b/sepolicy/update_verifier.te new file mode 100644 index 0000000..1235cd2 --- a/dev/null +++ b/sepolicy/update_verifier.te @@ -0,0 +1,5 @@ +# TODO: Add rules to allow update_verifier to read system_block_device. +allow update_verifier system_block_device:blk_file r_file_perms; +allow update_verifier rootfs:file { getattr read open }; +allow update_verifier proc:file { read open getattr }; +#allow update_verifier misc_block_device:blk_file rw_file_perms; |