8c11cc3db5b5229e0bf65bbbc346dc8d3200cd95 - android_system_sepolicy

commit	8c11cc3db5b5229e0bf65bbbc346dc8d3200cd95	[log] [tgz]
author	Maciej Żenczykowski <maze@google.com>	Fri Jan 15 20:42:20 2021 -0800
committer	Maciej Żenczykowski <maze@google.com>	Fri Jan 15 20:50:00 2021 -0800
tree	f4dedbcb0a611de149d394e980a2c2e767b1a256
parent	1c343047e9107332c44a38d74a6a6353ff467cd6 [diff]

bpfloader.te - allow creation of subdirectories of /sys/fs/bpf

(and while we're at it make sure noone else creates subdirs)

Resolves:
  avc: denied { create } for comm="bpfloader" name="tethering" scontext=u:r:bpfloader:s0 tcontext=u:object_r:fs_bpf:s0 tclass=dir

Test: builds and boots with bpfloader changes
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I27a4e0793ed039feab84ac5658e36b68dcca2631

private/bpfloader.te[diff]

1 file changed