Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 7ad383f1810d2f8efc9556c336d69030a6082789
commit7ad383f1810d2f8efc9556c336d69030a6082789[log] [tgz]
authorFlorian Mayer <fmayer@google.com>Tue Apr 10 16:12:54 2018 +0100
committerFlorian Mayer <fmayer@google.com>Tue Apr 10 18:44:20 2018 +0100
tree0d0fc646de54da85f0167694efb3dbf77c21fa8e
parentd4dd2f57106b468327d9ba1243510ccdffc9a09c [diff]
Expose filesystem read events in SELinux policy.

Without this, we only have visibility into writes.

Looking at traces, we realised for many of the files we care about (.dex, .apk)
most filesystem events are actually reads.

See aosp/661782 for matching filesystem permission change.

Bug: 73625480

Change-Id: I6ec71d82fad8f4679c7b7d38e3cb90aff0b9e298
1 file changed
tree: 0d0fc646de54da85f0167694efb3dbf77c21fa8e
  1. build/
  2. prebuilts/
  3. private/
  4. public/
  5. reqd_mask/
  6. tests/
  7. tools/
  8. vendor/
  9. Android.bp
  10. Android.mk
  11. CleanSpec.mk
  12. definitions.mk
  13. MODULE_LICENSE_PUBLIC_DOMAIN
  14. NOTICE
  15. OWNERS
  16. PREUPLOAD.cfg
  17. README
  18. treble_sepolicy_tests_for_release.mk