Merge "Allow update_engine to scan /sys/fs and /sys/fs/f2fs."

commit: 29e51c20957cd63c84b32edadb1881755c376300 [log] [tgz]
author: David Anderson <dvander@google.com> Mon Apr 12 21:04:08 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Mon Apr 12 21:04:08 2021 +0000
tree: cf099d48a5d28ad94e52e425accd40eecb20d7f6
parent: 4ea9b0b9df74a35f80ba5241ec0943b623214eca [diff]
parent: 5a0d5ccdf7743ac9a11213336b23e9d556ad54df [diff]
diff --git a/public/update_engine_common.te b/public/update_engine_common.te
index 286ff4d..e8fd29e 100644
--- a/public/update_engine_common.te
+++ b/public/update_engine_common.te

@@ -59,6 +59,10 @@
 # Needed because libdm reads sysfs to validate when a dm path is ready.
 r_dir_file(update_engine_common, sysfs_dm)
 
+# Scan files in /sys/fs/ext4 and /sys/fs/f2fs for device-mapper diagnostics.
+allow update_engine_common sysfs:dir r_dir_perms;
+allow update_engine_common sysfs_fs_f2fs:dir r_dir_perms;
+
 # read / write on /dev/device-mapper to map / unmap devices
 allow update_engine_common dm_device:chr_file rw_file_perms;
commit	29e51c20957cd63c84b32edadb1881755c376300	[log] [tgz]
author	David Anderson <dvander@google.com>	Mon Apr 12 21:04:08 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Mon Apr 12 21:04:08 2021 +0000
tree	cf099d48a5d28ad94e52e425accd40eecb20d7f6
parent	4ea9b0b9df74a35f80ba5241ec0943b623214eca [diff]
parent	5a0d5ccdf7743ac9a11213336b23e9d556ad54df [diff]