Blame - sepolicy/vold.te - platform_vendor_bliss

blob: af521e8effa6c5e40fc58298b70839bc50dfec13 [file] [log] [blame]

Tom Marshall	4ad487b	2014-11-26 13:26:14 -0800	[diff] [blame]	1	domain_trans(init, rootfs, vold)
				2
Alberto97	d3359a0	2014-11-30 17:20:55 +0100	[diff] [blame]	3	# Allow vold to manage ASEC
Steve Kondik	12e7c02	2016-08-26 02:31:15 -0700	[diff] [blame]	4	allow vold sdcard_type:file create_file_perms;
Christopher R. Palmer	bd86019	2015-02-19 10:54:30 -0500	[diff] [blame]	5	allow vold vold_tmpfs:file create_file_perms;
Alberto97	d3359a0	2014-11-30 17:20:55 +0100	[diff] [blame]	6
Alberto97	d3359a0	2014-11-30 17:20:55 +0100	[diff] [blame]	7	# Allow vold to access fuse for fuse-based fs
Steve Kondik	12e7c02	2016-08-26 02:31:15 -0700	[diff] [blame]	8	allow vold fuseblk:chr_file rw_file_perms;
Alberto97	d3359a0	2014-11-30 17:20:55 +0100	[diff] [blame]	9
				10	# NTFS-3g wants to drop permission
				11	allow vold self:capability { setgid setuid };
Matt Mower	ff280c9	2014-12-19 10:45:10 -0600	[diff] [blame]	12
				13	# Vold can also run as minivold in the rootfs
				14	recovery_only(`
				15	allow vold rootfs:dir { add_name write };
				16	')
codeworkx	8630bd4	2016-01-01 17:29:10 +0100	[diff] [blame]	17
				18	# External storage
				19	allow vold storage_stub_file:dir { rw_file_perms search add_name };
				20	allow vold mnt_media_rw_stub_file:dir r_dir_perms;
LuK1337	2428342	2016-09-14 20:45:04 +0200	[diff] [blame]	21	allow vold mkfs_exec:file { execute read open getattr execute_no_trans };