Merge "Allow the kernel to read shell_data_file"

commit: 8ea29cd4debd10a278529dd8a53fcd3bc7749613 [log] [tgz]
author: Treehugger Robot <treehugger-gerrit@google.com> Fri Jul 02 19:13:46 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Jul 02 19:13:46 2021 +0000
tree: 9e8f8cf1550415c75cf1b357bfa7877bee94613b
parent: e43222e19b8da35e78e0a6ed0873d123bbbacd13 [diff]
parent: 4b8ece36835ac7bf61647936785510b466b8d878 [diff]
diff --git a/public/kernel.te b/public/kernel.te
index 902933d..09d2480 100644
--- a/public/kernel.te
+++ b/public/kernel.te

@@ -95,6 +95,11 @@
   staging_data_file
   vendor_apex_file
 }:file read;
+# Also allow the kernel to read /data/local/tmp files via loop device
+# for ApexTestCases
+userdebug_or_eng(`
+  allow kernel shell_data_file:file read;
+')
 
 # Allow the first-stage init (which is running in the kernel domain) to execute the
 # dynamic linker when it re-executes /init to switch into the second stage.
commit	8ea29cd4debd10a278529dd8a53fcd3bc7749613	[log] [tgz]
author	Treehugger Robot <treehugger-gerrit@google.com>	Fri Jul 02 19:13:46 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Fri Jul 02 19:13:46 2021 +0000
tree	9e8f8cf1550415c75cf1b357bfa7877bee94613b
parent	e43222e19b8da35e78e0a6ed0873d123bbbacd13 [diff]
parent	4b8ece36835ac7bf61647936785510b466b8d878 [diff]