Allow update_verifier to reboot the device
Currently update_verifier only verifies the blocks when dm-verity is in
'enforcing' mode; and dm-verity will reboot the device upon detection of
errors. However, sometimes the verity mode is not guaranteed to be
correct. When mode is 'eio' for example, dm-verity will not trigger
a reboot but rather fail the read. So update_verifier need to take the
responsibility to reboot the device. Otherwise the device will continue
to boot without setting the flag "isSlotMarkedSuccessful".
Denial message:
update_verifier: type=1400 audit(0.0:18): avc: denied { write } for
name="property_service" dev="tmpfs" ino=14678 scontext=u:r:update_verifier:s0
tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
Bug: 36260064
Test: powerctl property sets successfully
Change-Id: I7431f87e2d61be1425397732aebb369d4ad4c26c
diff --git a/public/update_verifier.te b/public/update_verifier.te
index 8c8e9a9..4d4e1f9 100644
--- a/public/update_verifier.te
+++ b/public/update_verifier.te
@@ -12,5 +12,8 @@
# Read all blocks in dm wrapped system partition.
allow update_verifier dm_device:blk_file r_file_perms;
+# Allow update_verifier to reboot the device.
+set_prop(update_verifier, powerctl_prop)
+
# Use Boot Control HAL
hal_client_domain(update_verifier, hal_bootctl)