Merge "DO NOT MERGE - Merge pi-platform-release (PPRL.190505.001) into stage-aosp-master" into stage-aosp-mastertemp_b_132622481_stage-aosp-master

author: TreeHugger Robot <treehugger-gerrit@google.com> 2019-05-15 23:02:18 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2019-05-15 23:02:18 +0000
commit: d9b07f56e87f7dfa4c750e19ae2add4caf5e657d (patch)
tree: bea3cdbd537238bc062102968095be8b969c1175
parent: 0801fb2d82b26c79779fafe4bd5052e0a4b1ce59 (diff)
parent: 04ffbb1b89401bf6aead6eddace5f1ee38b5a5f9 (diff)
download: bonito-sepolicy-temp_b_132622481_stage-aosp-master.tar.gz
2 files changed, 16 insertions, 0 deletions
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts
index 4b4bf861..56c530ae 100644
--- a/vendor/google/file_contexts
+++ b/vendor/google/file_contexts
@@ -13,6 +13,7 @@
 /vendor/bin/hw/android\.hardware\.secure_element@1\.0-service-disabled      u:object_r:hal_secure_element_default_exec:s0
 /vendor/bin/hw/android\.hardware\.power@1\.3-service\.bonito-libperfmgr     u:object_r:hal_power_default_exec:s0
 /vendor/bin/perfstatsd                                                      u:object_r:perfstatsd_exec:s0
+/vendor/bin/init\.firstboot\.sh                                             u:object_r:init-firstboot_exec:s0
 /vendor/bin/ramoops                                                         u:object_r:ramoops_exec:s0
 /vendor/bin/init\.ramoops\.sh                                               u:object_r:ramoops_exec:s0
 /vendor/bin/pixelstats-vendor                                               u:object_r:pixelstats_vendor_exec:s0
diff --git a/vendor/google/init-firstboot.te b/vendor/google/init-firstboot.te
new file mode 100644
index 00000000..7ca7168b
--- /dev/null
+++ b/vendor/google/init-firstboot.te
@@ -0,0 +1,15 @@
+type init-firstboot, domain;
+type init-firstboot_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(init-firstboot)
+
+allow init-firstboot vendor_shell_exec:file rx_file_perms;
+allow init-firstboot vendor_toolbox_exec:file rx_file_perms;
+
+# Read USB connection state
+allow init-firstboot sysfs_msm_subsys:dir search;
+r_dir_file(init-firstboot, sysfs_batteryinfo)
+
+# Set property to trigger a shutdown
+set_prop(init-firstboot, powerctl_prop)
+
author	TreeHugger Robot <treehugger-gerrit@google.com>	2019-05-15 23:02:18 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2019-05-15 23:02:18 +0000
commit	d9b07f56e87f7dfa4c750e19ae2add4caf5e657d (patch)
tree	bea3cdbd537238bc062102968095be8b969c1175
parent	0801fb2d82b26c79779fafe4bd5052e0a4b1ce59 (diff)
parent	04ffbb1b89401bf6aead6eddace5f1ee38b5a5f9 (diff)
download	bonito-sepolicy-temp_b_132622481_stage-aosp-master.tar.gz