From 31c4b4eabf9e866d34ad863394ba14d43cede78b Mon Sep 17 00:00:00 2001
From: Jerry Zhang <zhangjerry@google.com>
Date: Fri, 11 May 2018 18:35:55 -0700
Subject: [PATCH] Allow mediaprovider to search /mnt/media_rw
Mtp needs access to this path in order to
change files on an sdcard.
Fixes denial:
05-14 17:40:58.803 3004 3004 W MtpServer: type=1400 audit(0.0:46):
avc: denied { search } for name="media_rw" dev="tmpfs" ino=10113
scontext=u:r:mediaprovider:s0:c512,c768
tcontext=u:object_r:mnt_media_rw_file:s0 tclass=dir permissive=0
b/77925342 app=com.android.providers.media
Bug: 77849654
Test: no denials using mtp with emulated sdcard
Change-Id: I27b5294fa211bb1eff6d011638b5fdc90334bc80
---
prebuilts/api/28.0/private/mediaprovider.te | 2 ++
private/mediaprovider.te | 2 ++
2 files changed, 4 insertions(+)
diff --git a/prebuilts/api/28.0/private/mediaprovider.te b/prebuilts/api/28.0/private/mediaprovider.te
index fc6ec5a1c..f5c9f690e 100644
--- a/prebuilts/api/28.0/private/mediaprovider.te
+++ b/prebuilts/api/28.0/private/mediaprovider.te
@@ -19,6 +19,8 @@ allow mediaprovider cache_file:lnk_file r_file_perms;
dontaudit mediaprovider cache_private_backup_file:dir getattr;
dontaudit mediaprovider cache_recovery_file:dir getattr;
+# Access external sdcards through /mnt/media_rw
+allow mediaprovider { mnt_media_rw_file }:dir search;
allow mediaprovider app_api_service:service_manager find;
allow mediaprovider audioserver_service:service_manager find;
diff --git a/private/mediaprovider.te b/private/mediaprovider.te
index fc6ec5a1c..f5c9f690e 100644
--- a/private/mediaprovider.te
+++ b/private/mediaprovider.te
@@ -19,6 +19,8 @@ allow mediaprovider cache_file:lnk_file r_file_perms;
dontaudit mediaprovider cache_private_backup_file:dir getattr;
dontaudit mediaprovider cache_recovery_file:dir getattr;
+# Access external sdcards through /mnt/media_rw
+allow mediaprovider { mnt_media_rw_file }:dir search;
allow mediaprovider app_api_service:service_manager find;
allow mediaprovider audioserver_service:service_manager find;
--
GitLab