bluejay: Rework sepolicy
Change-Id: Idb0636bce2392beb720e420055a7bcb838725a18
This commit is contained in:
Michael Bestas
2
sepolicy/vendor/bug_map
vendored
Normal file
2
sepolicy/vendor/bug_map
vendored
Normal file
@@ -0,0 +1,2 @@
|
||||
insmod-sh vendor_edgetpu_debugfs dir b/385858411
|
||||
ramdump_app privapp_data_file lnk_file b/385858431
|
||||
1
sepolicy/vendor/device.te
vendored
Normal file
1
sepolicy/vendor/device.te
vendored
Normal file
@@ -0,0 +1 @@
|
||||
type fips_block_device, dev_type;
|
||||
8
sepolicy/vendor/dump_stm.te
vendored
Normal file
8
sepolicy/vendor/dump_stm.te
vendored
Normal file
@@ -0,0 +1,8 @@
|
||||
get_prop(dump_stm, vendor_touch_dump_path_prop)
|
||||
|
||||
pixel_bugreport(dump_stm)
|
||||
|
||||
allow dump_stm proc_touch:file rw_file_perms;
|
||||
allow dump_stm sysfs_touch:dir search;
|
||||
allow dump_stm sysfs_touch:file rw_file_perms;
|
||||
allow dump_stm vendor_toolbox_exec:file execute_no_trans;
|
||||
1
sepolicy/vendor/file.te
vendored
Normal file
1
sepolicy/vendor/file.te
vendored
Normal file
@@ -0,0 +1 @@
|
||||
type proc_touch, fs_type, proc_type;
|
||||
3
sepolicy/vendor/file_contexts
vendored
Normal file
3
sepolicy/vendor/file_contexts
vendored
Normal file
@@ -0,0 +1,3 @@
|
||||
/dev/block/platform/14700000\.ufs/by-name/fips u:object_r:fips_block_device:s0
|
||||
/vendor/bin/dump/dump_stm\.sh u:object_r:dump_stm_exec:s0
|
||||
/vendor/bin/resku_rescue_kicker u:object_r:tee_exec:s0
|
||||
8
sepolicy/vendor/genfs_contexts
vendored
Normal file
8
sepolicy/vendor/genfs_contexts
vendored
Normal file
@@ -0,0 +1,8 @@
|
||||
genfscon proc /fts_ext/driver_test u:object_r:proc_touch:s0
|
||||
genfscon proc /fts/driver_test u:object_r:proc_touch:s0
|
||||
genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0 u:object_r:sysfs_touch:s0
|
||||
genfscon sysfs /devices/platform/10d40000.spi/spi_master/spi11/spi11.0 u:object_r:sysfs_touch:s0
|
||||
genfscon sysfs /devices/platform/10950000.spi/spi_master/spi6/spi6.0 u:object_r:sysfs_touch:s0
|
||||
genfscon sysfs /devices/platform/14700000.ufs/vendor u:object_r:sysfs_scsi_devices_0000:s0
|
||||
genfscon sysfs /devices/platform/14700000.ufs/model u:object_r:sysfs_scsi_devices_0000:s0
|
||||
genfscon sysfs /devices/platform/14700000.ufs/rev u:object_r:sysfs_scsi_devices_0000:s0
|
||||
1
sepolicy/vendor/init.te
vendored
Normal file
1
sepolicy/vendor/init.te
vendored
Normal file
@@ -0,0 +1 @@
|
||||
set_prop(vendor_init, vendor_touch_dump_path_prop)
|
||||
1
sepolicy/vendor/property.te
vendored
Normal file
1
sepolicy/vendor/property.te
vendored
Normal file
@@ -0,0 +1 @@
|
||||
vendor_internal_prop(vendor_touch_dump_path_prop)
|
||||
1
sepolicy/vendor/property_contexts
vendored
Normal file
1
sepolicy/vendor/property_contexts
vendored
Normal file
@@ -0,0 +1 @@
|
||||
ro.vendor.touch.dump. u:object_r:vendor_touch_dump_path_prop:s0
|
||||
3
sepolicy/vendor/ufs_firmware_update.te
vendored
Normal file
3
sepolicy/vendor/ufs_firmware_update.te
vendored
Normal file
@@ -0,0 +1,3 @@
|
||||
allow ufs_firmware_update block_device:dir r_dir_perms;
|
||||
allow ufs_firmware_update fips_block_device:blk_file rw_file_perms;
|
||||
allow ufs_firmware_update sysfs:dir r_dir_perms;
|
||||
Reference in New Issue
Block a user