From 980f1d09bc4ae81daa04893bf94498360d6309f7 Mon Sep 17 00:00:00 2001 From: weishu Date: Mon, 26 Jun 2023 19:29:29 +0800 Subject: [PATCH] kernel: allow kernel to mount loop devices. close #514 --- kernel/selinux/rules.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kernel/selinux/rules.c b/kernel/selinux/rules.c index 3ccab7bb..dbc9aef3 100644 --- a/kernel/selinux/rules.c +++ b/kernel/selinux/rules.c @@ -114,6 +114,10 @@ void apply_kernelsu_rules() ksu_allow(db, "hwservicemanager", KERNEL_SU_DOMAIN, "process", "getattr"); + // For mounting loop devices, mirrors, tmpfs + ksu_allow(db, "kernel", ALL, "file", "read"); + ksu_allow(db, "kernel", ALL, "file", "write"); + // Allow all binder transactions ksu_allow(db, ALL, KERNEL_SU_DOMAIN, "binder", ALL);