1type remount, domain, coredomain; 2type remount_exec, system_file_type, exec_type, file_type; 3 4userdebug_or_eng(` 5 # Allow init to run clean_scratch_files and do auto domain transfer. 6 init_daemon_domain(remount) 7 8 # Allow talking to gsid. 9 binder_use(remount) 10 allow remount gsi_service:service_manager find; 11 binder_call(remount, gsid) 12 13 # Allow searching for /metadata/gsi/remount/lp_metadata. 14 allow remount { metadata_file gsi_metadata_file_type }:dir search; 15 16 # Allow remount to flip the overlayfs bit in the super partition. 17 # This requires being able to read fstab, find /dev/block/by-name/super, 18 # and read-write super. 19 r_dir_file(remount, sysfs_dt_firmware_android) 20 allow remount proc_bootconfig:file r_file_perms; 21 allow remount proc_cmdline:file r_file_perms; 22 allow remount block_device:dir r_dir_perms; 23 allow remount super_block_device_type:blk_file rw_file_perms; 24 allowxperm remount super_block_device_type:blk_file ioctl { BLKIOMIN BLKALIGNOFF }; 25') 26