Creates a new permission for /cache/recovery This permission was created mostly for dumpstate (so it can include recovery files on bugreports when an OTA fails), but it was applied to uncrypt and recovery as well (since it had a wider access before). Grant access to cache_recovery_file where we previously granted access to cache_file. Add auditallow rules to determine if this is really needed. BUG: 25351711 Change-Id: I07745181dbb4f0bde75694ea31b3ab79a4682f18

commit: 549ccf77e3fd23bb6c690da7023441c1007c4fd8 [log] [tgz]
author: Felipe Leme <felipeal@google.com> Tue Dec 22 12:37:17 2015 -0800
committer: Felipe Leme <felipeal@google.com> Mon Jan 04 23:11:28 2016 +0000
tree: 3185e58342bb2716ddf1df42a49d7b2cd1112050
parent: 36f255ff5209cb8b13217ec050d8def5472aed23 [diff] [blame]
diff --git a/file_contexts b/file_contexts
index 0201a6d..a1fa804 100644
--- a/file_contexts
+++ b/file_contexts

@@ -317,6 +317,7 @@
 /cache/.*\.restore	u:object_r:cache_backup_file:s0
 # LocalTransport (backup) uses this directory
 /cache/backup(/.*)?	u:object_r:cache_backup_file:s0
+/cache/recovery(/.*)?	u:object_r:cache_recovery_file:s0
 #############################
 # sysfs files
 #
commit	549ccf77e3fd23bb6c690da7023441c1007c4fd8	[log] [tgz]
author	Felipe Leme <felipeal@google.com>	Tue Dec 22 12:37:17 2015 -0800
committer	Felipe Leme <felipeal@google.com>	Mon Jan 04 23:11:28 2016 +0000
tree	3185e58342bb2716ddf1df42a49d7b2cd1112050
parent	36f255ff5209cb8b13217ec050d8def5472aed23 [diff] [blame]