diff options
| author | Dario Freni <dariofreni@google.com> | 2023-12-01 13:00:07 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2023-12-01 13:00:07 +0000 |
| commit | 2584e99c58df505635489f2ebe69a306bb379843 (patch) | |
| tree | c752d2fa0cd1d6b310100983b6291611bd2f3ab0 | |
| parent | 421b5abf9715743b586716ee8155b1afba5e350d (diff) | |
| parent | fbe923d20a8886d6900eda6f09c7a760c87a15ca (diff) | |
| download | zuma-sepolicy-2584e99c58df505635489f2ebe69a306bb379843.tar.gz | |
Merge "Revert "zuma: move sepolicy related to bootctrl hal to gs-common"" into main
| -rw-r--r-- | vendor/device.te | 4 | ||||
| -rw-r--r-- | vendor/file.te | 1 | ||||
| -rw-r--r-- | vendor/file_contexts | 1 | ||||
| -rw-r--r-- | vendor/hal_bootctl_default.te | 8 |
4 files changed, 14 insertions, 0 deletions
diff --git a/vendor/device.te b/vendor/device.te index fdb4957..ee136aa 100644 --- a/vendor/device.te +++ b/vendor/device.te @@ -1,6 +1,7 @@ type persist_block_device, dev_type; type tee_persist_block_device, dev_type; type custom_ab_block_device, dev_type; +type devinfo_block_device, dev_type; type mfg_data_block_device, dev_type; type ufs_internal_block_device, dev_type; type logbuffer_device, dev_type; @@ -20,3 +21,6 @@ type gcma_camera_heap_device, dmabuf_heap_device_type, dev_type; # SecureElement SPI device type st54spi_device, dev_type; + +# OTA +type sda_block_device, dev_type; diff --git a/vendor/file.te b/vendor/file.te index 6498f82..81d41c1 100644 --- a/vendor/file.te +++ b/vendor/file.te @@ -50,6 +50,7 @@ userdebug_or_eng(` # sysfs type sysfs_fabric, sysfs_type, fs_type; type sysfs_em_profile, sysfs_type, fs_type; +type sysfs_ota, sysfs_type, fs_type; type sysfs_ospm, sysfs_type, fs_type; # GSA diff --git a/vendor/file_contexts b/vendor/file_contexts index 488cc40..ba6f2bc 100644 --- a/vendor/file_contexts +++ b/vendor/file_contexts @@ -1,5 +1,6 @@ # Binaries /vendor/bin/hw/android\.hardware\.health-service\.zuma u:object_r:hal_health_default_exec:s0 +/vendor/bin/hw/android\.hardware\.boot-service\.default-zuma u:object_r:hal_bootctl_default_exec:s0 /vendor/bin/hw/android\.hardware\.power\.stats-service\.pixel u:object_r:hal_power_stats_default_exec:s0 /vendor/bin/hw/android\.hardware\.secure_element-service\.thales u:object_r:hal_secure_element_st54spi_aidl_exec:s0 /vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.goodix u:object_r:hal_fingerprint_default_exec:s0 diff --git a/vendor/hal_bootctl_default.te b/vendor/hal_bootctl_default.te new file mode 100644 index 0000000..2ffeb27 --- /dev/null +++ b/vendor/hal_bootctl_default.te @@ -0,0 +1,8 @@ +allow hal_bootctl_default devinfo_block_device:blk_file rw_file_perms; +allow hal_bootctl_default sda_block_device:blk_file rw_file_perms; +allow hal_bootctl_default sysfs_ota:file rw_file_perms; +allow hal_bootctl_default tee_device:chr_file rw_file_perms; + +recovery_only(` + allow hal_bootctl_default rootfs:dir r_dir_perms; +') |