pipa: address SELinux issues with peripheralmanager, xiaomikeyboard

2025-06-17 12:00:00 +00:00
parent cb92741ec1
commit 5c2546b3a8
4 changed files with 7 additions and 1 deletions
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@@ -0,0 +1 @@
+type xiaomi_keyboard_conf_file, file_type;
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -9,3 +9,5 @@

 # Xiaomi Keyboard
 /dev/nanodev0				u:object_r:xiaomi_keyboard_device:s0
+
+/data/misc/xiaomi_keyboard.conf  u:object_r:xiaomi_keyboard_conf_file:s0
--- a/sepolicy/vendor/system_app.te
+++ b/sepolicy/vendor/system_app.te
@@ -1 +1,2 @@
 set_prop(system_app, vendor_pen_prop)
+allow system_app xiaomi_keyboard_conf_file:file { read write open getattr };
--- a/sepolicy/vendor/xiaomi_keyboard.te
+++ b/sepolicy/vendor/xiaomi_keyboard.te
@@ -21,4 +21,6 @@ allow xiaomi_keyboard servicemanager:binder { call transfer };

 # Additional diagnostic permissions
 allow xiaomi_keyboard sysfs:dir { read open };
-allow xiaomi_keyboard sysfs_devices_system_cpu:file { read open };
+allow xiaomi_keyboard sysfs_devices_system_cpu:file { read open };
+
+allow xiaomi_keyboard xiaomi_keyboard_conf_file:file { read open };