diff options
author | Sebastian Pickl <spickl@google.com> | 2023-12-01 11:30:35 +0000 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2023-12-01 11:30:45 +0000 |
commit | fbe923d20a8886d6900eda6f09c7a760c87a15ca (patch) | |
tree | ce5db479851adb37f59d1e8588e0ccdddba142bb | |
parent | 23feade4db0884aadcd2a3924cdd07cf3799cd0d (diff) | |
download | zuma-sepolicy-fbe923d20a8886d6900eda6f09c7a760c87a15ca.tar.gz |
Revert "zuma: move sepolicy related to bootctrl hal to gs-common"
Revert submission 25477883-gs-common_bootctrl-aidl
Reason for revert: breaking builds b/314240126
Bug: 314240126
Reverted changes: /q/submissionid:25477883-gs-common_bootctrl-aidl
Change-Id: I84dda0a7c98ed1d1f7958734761c9c1a0bd9d169
-rw-r--r-- | vendor/device.te | 4 | ||||
-rw-r--r-- | vendor/file.te | 1 | ||||
-rw-r--r-- | vendor/file_contexts | 1 | ||||
-rw-r--r-- | vendor/hal_bootctl_default.te | 8 |
4 files changed, 14 insertions, 0 deletions
diff --git a/vendor/device.te b/vendor/device.te index fdb4957..ee136aa 100644 --- a/vendor/device.te +++ b/vendor/device.te @@ -1,6 +1,7 @@ type persist_block_device, dev_type; type tee_persist_block_device, dev_type; type custom_ab_block_device, dev_type; +type devinfo_block_device, dev_type; type mfg_data_block_device, dev_type; type ufs_internal_block_device, dev_type; type logbuffer_device, dev_type; @@ -20,3 +21,6 @@ type gcma_camera_heap_device, dmabuf_heap_device_type, dev_type; # SecureElement SPI device type st54spi_device, dev_type; + +# OTA +type sda_block_device, dev_type; diff --git a/vendor/file.te b/vendor/file.te index 6498f82..81d41c1 100644 --- a/vendor/file.te +++ b/vendor/file.te @@ -50,6 +50,7 @@ userdebug_or_eng(` # sysfs type sysfs_fabric, sysfs_type, fs_type; type sysfs_em_profile, sysfs_type, fs_type; +type sysfs_ota, sysfs_type, fs_type; type sysfs_ospm, sysfs_type, fs_type; # GSA diff --git a/vendor/file_contexts b/vendor/file_contexts index 488cc40..ba6f2bc 100644 --- a/vendor/file_contexts +++ b/vendor/file_contexts @@ -1,5 +1,6 @@ # Binaries /vendor/bin/hw/android\.hardware\.health-service\.zuma u:object_r:hal_health_default_exec:s0 +/vendor/bin/hw/android\.hardware\.boot-service\.default-zuma u:object_r:hal_bootctl_default_exec:s0 /vendor/bin/hw/android\.hardware\.power\.stats-service\.pixel u:object_r:hal_power_stats_default_exec:s0 /vendor/bin/hw/android\.hardware\.secure_element-service\.thales u:object_r:hal_secure_element_st54spi_aidl_exec:s0 /vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.goodix u:object_r:hal_fingerprint_default_exec:s0 diff --git a/vendor/hal_bootctl_default.te b/vendor/hal_bootctl_default.te new file mode 100644 index 0000000..2ffeb27 --- /dev/null +++ b/vendor/hal_bootctl_default.te @@ -0,0 +1,8 @@ +allow hal_bootctl_default devinfo_block_device:blk_file rw_file_perms; +allow hal_bootctl_default sda_block_device:blk_file rw_file_perms; +allow hal_bootctl_default sysfs_ota:file rw_file_perms; +allow hal_bootctl_default tee_device:chr_file rw_file_perms; + +recovery_only(` + allow hal_bootctl_default rootfs:dir r_dir_perms; +') |