1 # update_verifier 2 # update_verifier uses the boot_control_hal. 3 type update_verifier, domain, boot_control_hal; 4 type update_verifier_exec, exec_type, file_type; 5 6 init_daemon_domain(update_verifier) 7 8 # Allow update_verifier to reach block devices in /dev/block. 9 allow update_verifier block_device:dir search; 10 11 # Read care map in /data/ota_package/. 12 allow update_verifier ota_package_file:dir r_dir_perms; 13 allow update_verifier ota_package_file:file r_file_perms; 14 15 # Read all blocks in system partition. 16 allow update_verifier system_block_device:blk_file r_file_perms; 17 18
