Evolution-X-Tensor/device_google_bluejay
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "bluejay: add sepolicy for ufs_firmware_update process" into udc-dev am: 23c711561d am: 3ae91d9c27

Browse source 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/bluejay-sepolicy/+/22158745

Change-Id: I2f3ae7593b78331cc25bb65ac10289a35c32bd43
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Leo Liou 2023-04-17 10:55:02 +00:00 committed by Automerger Merge Worker
commit 0f41bbae2a
4 changed files with 22 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
bluejay/genfs_contexts
View file

@ -4,3 +4,8 @@ genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-cs40l26a u:object
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-6/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
# Storage
genfscon sysfs /devices/platform/14700000.ufs/vendor u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/model u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/rev u:object_r:sysfs_scsi_devices_0000:s0

2
vendor/device.te vendored Normal file
View file

@ -0,0 +1,2 @@
# Block Devices
type fips_block_device, dev_type;

5
vendor/file_contexts vendored Normal file
View file

@ -0,0 +1,5 @@
# Binaries
/vendor/bin/ufs_firmware_update\.sh u:object_r:ufs_firmware_update_exec:s0
# Devices
/dev/block/platform/14700000\.ufs/by-name/fips u:object_r:fips_block_device:s0

10
vendor/ufs_firmware_update.te vendored Normal file
View file

@ -0,0 +1,10 @@
type ufs_firmware_update, domain;
type ufs_firmware_update_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(ufs_firmware_update)
allow ufs_firmware_update vendor_toolbox_exec:file execute_no_trans;
allow ufs_firmware_update block_device:dir r_dir_perms;
allow ufs_firmware_update fips_block_device:blk_file rw_file_perms;
allow ufs_firmware_update sysfs:dir r_dir_perms;
allow ufs_firmware_update sysfs_scsi_devices_0000:file r_file_perms;