Support copy-on-write persistent data block when running a DSU The persistent data block is protected by a copy-on-write scratchpad when running a Dynamic System Update (DSU). The copy-on-write scratchpad uses a backing file for write operations. This CL adds permissions to write the backing file for the PersistentDataBlockService. Bug: 175852148 Test: gsi_tool install & vts_kernel_net_tests Change-Id: Id0efe407e707fc382679c0eee249af52f877f5d2

commit: 55665d63da39dab2bd8ede1825469d57b78bbbfd [log] [tgz]
author: Howard Chen <howardsoc@google.com> Fri Dec 25 17:32:13 2020 +0800
committer: Howard Chen <howardsoc@google.com> Wed Mar 10 13:02:02 2021 +0800
tree: c8b42adfc55ac389a6fd3cc832ea91107daa0d26
parent: 23c2021d89bc71b15473f402b26a2892bef080c9 [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index 05a6e48..b5da474 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -1261,6 +1261,9 @@
 allow system_server watchdog_metadata_file:dir rw_dir_perms;
 allow system_server watchdog_metadata_file:file create_file_perms;
 
+allow system_server gsi_persistent_data_file:dir rw_dir_perms;
+allow system_server gsi_persistent_data_file:file create_file_perms;
+
 # Allow system server r access to /system/bin/surfaceflinger for PinnerService.
 allow system_server surfaceflinger_exec:file r_file_perms;
commit	55665d63da39dab2bd8ede1825469d57b78bbbfd	[log] [tgz]
author	Howard Chen <howardsoc@google.com>	Fri Dec 25 17:32:13 2020 +0800
committer	Howard Chen <howardsoc@google.com>	Wed Mar 10 13:02:02 2021 +0800
tree	c8b42adfc55ac389a6fd3cc832ea91107daa0d26
parent	23c2021d89bc71b15473f402b26a2892bef080c9 [diff] [blame]