start enforcing ioctl restrictions on blk_file
Start enforcing the use of ioctl restrictions on all Android block devices. Domains which perform ioctls on block devices must be explicit about what ioctls they issue. The only ioctls allowed by default are BLKGETSIZE64, BLKSSZGET, FIOCLEX, and FIONCLEX. Test: device boots and no problems. Change-Id: I1195756b20cf2b50bede1eb04a48145a97a35867
Showing
- private/apexd.te 1 addition, 0 deletionsprivate/apexd.te
- public/domain.te 6 additions, 2 deletionspublic/domain.te
- public/e2fs.te 5 additions, 2 deletionspublic/e2fs.te
- public/fsck.te 7 additions, 0 deletionspublic/fsck.te
- public/init.te 1 addition, 0 deletionspublic/init.te
- public/vold.te 1 addition, 0 deletionspublic/vold.te
Loading
Please register or sign in to comment