diff options
| author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-04-18 01:06:52 +0000 |
|---|---|---|
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-04-18 01:06:52 +0000 |
| commit | bb7a14c5cdafe53992ebdb4602e2abf042023540 (patch) | |
| tree | 99a05b2c43601298da4e036ea56a28a42daa31c9 | |
| parent | c50fff5b6fccadc8718ef7c0433c17b57fc0461b (diff) | |
| parent | 23c711561de85f42b62b303cdbd10e404885ddf0 (diff) | |
| download | bluejay-sepolicy-android14-s2-release.tar.gz | |
Snap for 9957928 from 23c711561de85f42b62b303cdbd10e404885ddf0 to udc-releaseandroid-vts-14.0_r4android-vts-14.0_r3android-vts-14.0_r2android-vts-14.0_r1android-security-14.0.0_r8android-security-14.0.0_r7android-security-14.0.0_r6android-security-14.0.0_r5android-security-14.0.0_r4android-security-14.0.0_r3android-security-14.0.0_r2android-security-14.0.0_r1android-platform-14.0.0_r1android-cts-14.0_r4android-cts-14.0_r3android-cts-14.0_r2android-cts-14.0_r1android-14.0.0_r28android-14.0.0_r2android-14.0.0_r15android-14.0.0_r14android-14.0.0_r13android-14.0.0_r1android14-tests-releaseandroid14-security-releaseandroid14-s2-releaseandroid14-s1-releaseandroid14-releaseandroid14-platform-release
Change-Id: Ib539511c2e1a856678c7e290c4426eaae174d2bf
| -rw-r--r-- | bluejay/genfs_contexts | 5 | ||||
| -rw-r--r-- | vendor/device.te | 2 | ||||
| -rw-r--r-- | vendor/file_contexts | 5 | ||||
| -rw-r--r-- | vendor/ufs_firmware_update.te | 10 |
4 files changed, 22 insertions, 0 deletions
diff --git a/bluejay/genfs_contexts b/bluejay/genfs_contexts index 0e9b2a8..6b11056 100644 --- a/bluejay/genfs_contexts +++ b/bluejay/genfs_contexts @@ -4,3 +4,8 @@ genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-cs40l26a u:object genfscon sysfs /devices/platform/10970000.hsi2c/i2c-6/i2c-cs40l26a u:object_r:sysfs_vibrator:s0 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-cs40l26a u:object_r:sysfs_vibrator:s0 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/i2c-cs40l26a u:object_r:sysfs_vibrator:s0 + +# Storage +genfscon sysfs /devices/platform/14700000.ufs/vendor u:object_r:sysfs_scsi_devices_0000:s0 +genfscon sysfs /devices/platform/14700000.ufs/model u:object_r:sysfs_scsi_devices_0000:s0 +genfscon sysfs /devices/platform/14700000.ufs/rev u:object_r:sysfs_scsi_devices_0000:s0 diff --git a/vendor/device.te b/vendor/device.te new file mode 100644 index 0000000..d2a91db --- /dev/null +++ b/vendor/device.te @@ -0,0 +1,2 @@ +# Block Devices +type fips_block_device, dev_type; diff --git a/vendor/file_contexts b/vendor/file_contexts new file mode 100644 index 0000000..a273c79 --- /dev/null +++ b/vendor/file_contexts @@ -0,0 +1,5 @@ +# Binaries +/vendor/bin/ufs_firmware_update\.sh u:object_r:ufs_firmware_update_exec:s0 + +# Devices +/dev/block/platform/14700000\.ufs/by-name/fips u:object_r:fips_block_device:s0 diff --git a/vendor/ufs_firmware_update.te b/vendor/ufs_firmware_update.te new file mode 100644 index 0000000..53ceba5 --- /dev/null +++ b/vendor/ufs_firmware_update.te @@ -0,0 +1,10 @@ +type ufs_firmware_update, domain; +type ufs_firmware_update_exec, vendor_file_type, exec_type, file_type; + +init_daemon_domain(ufs_firmware_update) + +allow ufs_firmware_update vendor_toolbox_exec:file execute_no_trans; +allow ufs_firmware_update block_device:dir r_dir_perms; +allow ufs_firmware_update fips_block_device:blk_file rw_file_perms; +allow ufs_firmware_update sysfs:dir r_dir_perms; +allow ufs_firmware_update sysfs_scsi_devices_0000:file r_file_perms; |