global_macros: Allow directory locking

See https://groups.google.com/d/msg/android-ndk/BbEOA9pnR-I/HgLkGy5qAgAJ Addresses the following denial: avc: denied { lock } for path="/data/data/com.mypackage/files/somefilename" dev="mmcblk0p28" ino=114736 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=dir permissive=0 While I'm here, also add lock to w_file_perms. Change-Id: I2568a228099c4e112e4a8b80da3bfcf2e35eb0ea
ResurrectionRemix · Mar 22, 2016 · 4ee494c · 4ee494c
1 parent 9afb407
commit 4ee494c
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/global_macros b/global_macros
@@ -20,15 +20,15 @@ define(`ipc_class_set', `{ sem msgq shm ipc }')
 #
 define(`x_file_perms', `{ getattr execute execute_no_trans }')
 define(`r_file_perms', `{ getattr open read ioctl lock }')
-define(`w_file_perms', `{ open append write }')
+define(`w_file_perms', `{ open append write lock }')
 define(`rx_file_perms', `{ r_file_perms x_file_perms }')
 define(`ra_file_perms', `{ r_file_perms append }')
 define(`rw_file_perms', `{ r_file_perms w_file_perms }')
 define(`rwx_file_perms', `{ rw_file_perms x_file_perms }')
 define(`create_file_perms', `{ create rename setattr unlink rw_file_perms }')
 
-define(`r_dir_perms', `{ open getattr read search ioctl }')
-define(`w_dir_perms', `{ open search write add_name remove_name }')
+define(`r_dir_perms', `{ open getattr read search ioctl lock }')
+define(`w_dir_perms', `{ open search write add_name remove_name lock }')
 define(`ra_dir_perms', `{ r_dir_perms add_name write }')
 define(`rw_dir_perms', `{ r_dir_perms w_dir_perms }')
 define(`create_dir_perms', `{ create reparent rename rmdir setattr rw_dir_perms }')