Skip to content
Snippets Groups Projects
Commit 832f8af0 authored by Tao Bao's avatar Tao Bao
Browse files

recovery: Address the ioctl denials during wiping. 

avc:  denied  { ioctl } for  pid=599 comm="mke2fs" path="/dev/block/sda13" dev="tmpfs" ino=18975 ioctlcmd=127b scontext=u:r:recovery:s0 tcontext=u:object_r:userdata_block_device:s0 tclass=blk_file
avc:  denied  { ioctl } for  pid=587 comm="mke2fs" path="/dev/block/sda20" dev="tmpfs" ino=17931 ioctlcmd=0x127b scontext=u:r:recovery:s0 tcontext=u:object_r:metadata_block_device:s0 tclass=blk_file

0x127b (BLKPBSZGET) is called by mke2fs that queries physical sector
size. Although the denial is currently non-fatal, as mke2fs falls back
to use logical sector size, it might lead to undesired result in future.

Test: Factory reset on taimen and blueline respectively.
Change-Id: I14fc6593aeae309c79f5eadcffc8158b0a2ab2f6
parent a22f9b80
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 1 addition and 0 deletions
public/recovery.te
+ 1
0
View file @ 832f8af0
...@@ -85,6 +85,7 @@ recovery_only(` ...@@ -85,6 +85,7 @@ recovery_only(`
allow recovery device:dir r_dir_perms; allow recovery device:dir r_dir_perms;
allow recovery block_device:dir r_dir_perms; allow recovery block_device:dir r_dir_perms;
allow recovery dev_type:blk_file rw_file_perms; allow recovery dev_type:blk_file rw_file_perms;
allowxperm recovery { userdata_block_device metadata_block_device }:blk_file ioctl BLKPBSZGET;
# GUI # GUI
allow recovery graphics_device:chr_file rw_file_perms; allow recovery graphics_device:chr_file rw_file_perms;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment