-
Jeff Sharkey authored
Historically we pushed all system_server SD card interactions through DefaultContainerService to avoid holding open FDs, but it's safe to measure disk usage for internal emulated storage when looking directly at /data/media, since there is no risk of unsafe ejection. These rule changes give us just enough access to measure statistics. avc: denied { getattr } for path="/data/media/0/DCIM/.thumbnails" dev="sda35" ino=589892 scontext=u:r:system_server:s0 tcontext=u:object_r:media_rw_data_file:s0:c512,c768 tclass=dir permissive=1 avc: denied { open } for path="/data/media/0/DCIM/.thumbnails" dev="sda35" ino=589892 scontext=u:r:system_server:s0 tcontext=u:object_r:media_rw_data_file:s0:c512,c768 tclass=dir permissive=1 avc: denied { read } for name="0" dev="sda35" ino=589827 scontext=u:r:system_server:s0 tcontext=u:object_r:media_rw_data_file:s0 tclass=dir permissive=1 Test: builds, boots, and access allowed Bug: 33298975 Change-Id: I9748608a5c1169d542e763c5a8f79c4f26f7a38217c675b3
