mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
529b47039c
- Functionality tested on mako and klte - In-place upgrade from 17.1 tested working on klte - Compile tested on bacon and klte - Recovery OTA key patch missing, unsure if still needed. - Deblobber needs support for removing vintf manifest paths from vendor Android.bp - Launcher needs more default_workspace grid variants (eg. 4x5)
36 lines
1.1 KiB
Diff
36 lines
1.1 KiB
Diff
From acf37ef4f2f187641d1f0a8bd5a313ee46135ef9 Mon Sep 17 00:00:00 2001
|
|
From: Tad <tad@spotco.us>
|
|
Date: Tue, 14 Apr 2020 17:16:42 -0400
|
|
Subject: [PATCH] Fix -user builds for many LGE devices
|
|
|
|
Change-Id: I7d7e366f51d376ccba01fda9a2d5276c20cf77f4
|
|
---
|
|
public/domain.te | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
diff --git a/public/domain.te b/public/domain.te
|
|
index 6f3a19cd..87ca0e6c 100644
|
|
--- a/public/domain.te
|
|
+++ b/public/domain.te
|
|
@@ -597,6 +597,9 @@ neverallow {
|
|
-update_engine
|
|
} system_block_device:blk_file { write append };
|
|
|
|
+# Select devices have policies prevented by the following neverallow
|
|
+attribute misc_block_device_exception;
|
|
+
|
|
# No domains other than a select few can access the misc_block_device. This
|
|
# block device is reserved for OTA use.
|
|
# Do not assert this rule on userdebug/eng builds, due to some devices using
|
|
@@ -614,6 +617,7 @@ neverallow {
|
|
-vold
|
|
-recovery
|
|
-ueventd
|
|
+ -misc_block_device_exception
|
|
} misc_block_device:blk_file { append link relabelfrom rename write open read ioctl lock };
|
|
|
|
# Only (hw|vnd|)servicemanager should be able to register with binder as the context manager
|
|
--
|
|
2.26.0
|
|
|