Allow access to /proc/config.gz for priv_app and recovery Bug: 37485771 Test: sideloaded OTA through recovery on sailfish Change-Id: I98bb4e0e919db585131391f57545f1a9a0096701 Signed-off-by: Sandeep Patil <sspatil@google.com>

commit: 04654427f1e3a81f1a5c9810f2fffd642ad803eb [log] [tgz]
author: Sandeep Patil <sspatil@google.com> Wed Apr 19 11:35:15 2017 -0700
committer: Sandeep Patil <sspatil@google.com> Wed Apr 19 12:48:08 2017 -0700
tree: 3d18fec3a68d0f735179fb56178e7469004abac7
parent: 557d1916b7628eced290b4a2b3a83990f6b9b824 [diff] [blame]
diff --git a/private/priv_app.te b/private/priv_app.te
index bb7598e..065ea1a 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te

@@ -82,6 +82,9 @@
 r_dir_file(priv_app, proc)
 r_dir_file(priv_app, rootfs)
 
+# Allow GMS core to open kernel config for OTA matching through libvintf
+allow priv_app config_gz:file { open read getattr };
+
 # access the mac address
 allowxperm priv_app self:udp_socket ioctl SIOCGIFHWADDR;
commit	04654427f1e3a81f1a5c9810f2fffd642ad803eb	[log] [tgz]
author	Sandeep Patil <sspatil@google.com>	Wed Apr 19 11:35:15 2017 -0700
committer	Sandeep Patil <sspatil@google.com>	Wed Apr 19 12:48:08 2017 -0700
tree	3d18fec3a68d0f735179fb56178e7469004abac7
parent	557d1916b7628eced290b4a2b3a83990f6b9b824 [diff] [blame]