From 5c2546b3a8f0340ae50d3d8ed0dfbd513d2e99cd Mon Sep 17 00:00:00 2001 From: Roman Lubij Date: Tue, 17 Jun 2025 12:00:00 +0000 Subject: [PATCH] pipa: address SELinux issues with peripheralmanager, xiaomikeyboard --- sepolicy/vendor/file.te | 1 + sepolicy/vendor/file_contexts | 2 ++ sepolicy/vendor/system_app.te | 1 + sepolicy/vendor/xiaomi_keyboard.te | 4 +++- 4 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 sepolicy/vendor/file.te diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te new file mode 100644 index 0000000..46c09ae --- /dev/null +++ b/sepolicy/vendor/file.te @@ -0,0 +1 @@ +type xiaomi_keyboard_conf_file, file_type; \ No newline at end of file diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index fd2e0ea..59087fa 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -9,3 +9,5 @@ # Xiaomi Keyboard /dev/nanodev0 u:object_r:xiaomi_keyboard_device:s0 + +/data/misc/xiaomi_keyboard.conf u:object_r:xiaomi_keyboard_conf_file:s0 \ No newline at end of file diff --git a/sepolicy/vendor/system_app.te b/sepolicy/vendor/system_app.te index cc5ce3e..89a7d36 100644 --- a/sepolicy/vendor/system_app.te +++ b/sepolicy/vendor/system_app.te @@ -1 +1,2 @@ set_prop(system_app, vendor_pen_prop) +allow system_app xiaomi_keyboard_conf_file:file { read write open getattr }; \ No newline at end of file diff --git a/sepolicy/vendor/xiaomi_keyboard.te b/sepolicy/vendor/xiaomi_keyboard.te index 523cc56..a5a56ce 100644 --- a/sepolicy/vendor/xiaomi_keyboard.te +++ b/sepolicy/vendor/xiaomi_keyboard.te @@ -21,4 +21,6 @@ allow xiaomi_keyboard servicemanager:binder { call transfer }; # Additional diagnostic permissions allow xiaomi_keyboard sysfs:dir { read open }; -allow xiaomi_keyboard sysfs_devices_system_cpu:file { read open }; \ No newline at end of file +allow xiaomi_keyboard sysfs_devices_system_cpu:file { read open }; + +allow xiaomi_keyboard xiaomi_keyboard_conf_file:file { read open }; \ No newline at end of file