ADHOC/replicant-vendor_replicant
3
0
Fork 0
Code Issues 6 Pull Requests Releases Activity

recovery: Add new rules for recursive wipe

Browse Source 
We now use a temporary context when mounting /data, so add permissions
to do that, and add permissions necessary to do the recursive wipe.

Change-Id: Ic925c70f1cf01c8b19a6ac48a9468d6eb9205321
This commit is contained in:
Pat Erley 2016-01-12 17:46:52 -08:00 committed by Gerrit Code Review
parent 86020c9066
commit db4fb0ee6b
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sepolicy/recovery.te
View File

@ -30,6 +30,10 @@ allow recovery sdcard_posix:file r_file_perms;
allow recovery recovery_prop:property_service set; allow recovery recovery_prop:property_service set;
# recursive rm for wipes... :( # recursive rm for wipes... :(
allow app_data_file self:filesystem associate;
allow recovery app_data_file:file { read open create write };
allow recovery app_data_file:filesystem { relabelto relabelfrom mount unmount };
allow recovery file_type:dir { rw_dir_perms rmdir }; allow recovery file_type:dir { rw_dir_perms rmdir };
allow recovery file_type:notdevfile_class_set { unlink getattr }; allow recovery file_type:notdevfile_class_set { unlink getattr };
# wipe saves and restores the layout version # wipe saves and restores the layout version