-
Nick Kralevich authored
Update engine is responsible for updating various partitions, which includes enabling or disabling the read-only bit on the underlying block device. Rather than try to list out each block device separately, generalize the ioctl rules to apply to all block device nodes. If the ioctl permission is granted via a normal allow rule, then the allowxperm statement will allow BLKROGET and BLKROSET by default on those block devices. Test: policy compiles Bug: 118150702 Change-Id: I7bca52e0f442df7320748f6d6371e5016aa6dd0b
Nick Kralevich authoredUpdate engine is responsible for updating various partitions, which includes enabling or disabling the read-only bit on the underlying block device. Rather than try to list out each block device separately, generalize the ioctl rules to apply to all block device nodes. If the ioctl permission is granted via a normal allow rule, then the allowxperm statement will allow BLKROGET and BLKROSET by default on those block devices. Test: policy compiles Bug: 118150702 Change-Id: I7bca52e0f442df7320748f6d6371e5016aa6dd0b
