diff options
| author | Bart Van Assche <bvanassche@google.com> | 2021-08-13 11:37:38 -0700 |
|---|---|---|
| committer | Bart Van Assche <bvanassche@google.com> | 2021-08-13 11:37:49 -0700 |
| commit | 53bdd49fdc08b78f04b1da9a5843a01b698ead88 (patch) | |
| tree | a348943dcef2f016a5b23fffe1b81b867a022122 | |
| parent | 7c2989f9439f9255957b81fe5f4d9695e6bd05d4 (diff) | |
| download | crosshatch-sepolicy-53bdd49fdc08b78f04b1da9a5843a01b698ead88.tar.gz | |
Add the 'bdev_type' attribute to all block devices
The following patch iterates over all block devices:
https://android-review.googlesource.com/c/platform/system/core/+/1783847/9
The following patch grants 'init' and 'apexd' permission to iterate over
all block devices:
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947
The above SELinux policy change requires to add the 'bdev_type'
attribute to all block devices. Hence this patch.
Bug: 194450129
Test: Untested.
Change-Id: Ib5dcce36d0583445db9e92e9a5dbbc24e6f8551e
Signed-off-by: Bart Van Assche <bvanassche@google.com>
| -rw-r--r-- | vendor/qcom/common/device.te | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/vendor/qcom/common/device.te b/vendor/qcom/common/device.te index 2b65291..0dcd4fc 100644 --- a/vendor/qcom/common/device.te +++ b/vendor/qcom/common/device.te @@ -1,15 +1,15 @@ -type ab_block_device, dev_type; +type ab_block_device, dev_type, bdev_type; type at_device, dev_type; type avtimer_device, dev_type; type bt_device, dev_type; -type devinfo_block_device, dev_type; +type devinfo_block_device, dev_type, bdev_type; type diag_device, dev_type, mlstrustedobject; type dsp_device, dev_type; type easel_device, dev_type, mlstrustedobject; -type gpt_block_device, dev_type; +type gpt_block_device, dev_type, bdev_type; type ipa_dev, dev_type; -type modem_block_device, dev_type; -type persist_block_device, dev_type; +type modem_block_device, dev_type, bdev_type; +type persist_block_device, dev_type, bdev_type; type qsee_ipc_irq_spss_device, dev_type; type qdsp_device, dev_type, mlstrustedobject; type ramdump_device, dev_type; @@ -18,7 +18,7 @@ type seemplog_device, dev_type; type sg_device, dev_type; type smd_device, dev_type; type spcom_device, dev_type; -type ssd_block_device, dev_type; +type ssd_block_device, dev_type, bdev_type; type ssr_device, dev_type; type wlan_device, dev_type; -type xbl_block_device, dev_type; +type xbl_block_device, dev_type, bdev_type; |