Add 'sepolicy/' from tag 'android-15.0.0_r1'
git-subtree-dir: sepolicy git-subtree-mainline:42aa39292fgit-subtree-split:9a45b302acChange-Id: I39b2f757982eab6d860a1cfe1ce87bc6ec3b10fd
This commit is contained in:
Michael Bestas
commit
ffaa74cc5c
8 changed files with 28 additions and 0 deletions
4
sepolicy/OWNERS
Normal file
4
sepolicy/OWNERS
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
include device/google/gs-common:/sepolicy/OWNERS
|
||||
|
||||
adamshih@google.com
|
||||
|
||||
2
sepolicy/bluejay-sepolicy.mk
Normal file
2
sepolicy/bluejay-sepolicy.mk
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/bluejay
|
||||
BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/tracking_denials
|
||||
2
sepolicy/bluejay/device.te
Normal file
2
sepolicy/bluejay/device.te
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
# Block Devices
|
||||
type fips_block_device, dev_type;
|
||||
5
sepolicy/bluejay/file_contexts
Normal file
5
sepolicy/bluejay/file_contexts
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
# Binaries
|
||||
/vendor/bin/ufs_firmware_update\.sh u:object_r:ufs_firmware_update_exec:s0
|
||||
|
||||
# Devices
|
||||
/dev/block/platform/14700000\.ufs/by-name/fips u:object_r:fips_block_device:s0
|
||||
4
sepolicy/bluejay/genfs_contexts
Normal file
4
sepolicy/bluejay/genfs_contexts
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
# Storage
|
||||
genfscon sysfs /devices/platform/14700000.ufs/vendor u:object_r:sysfs_scsi_devices_0000:s0
|
||||
genfscon sysfs /devices/platform/14700000.ufs/model u:object_r:sysfs_scsi_devices_0000:s0
|
||||
genfscon sysfs /devices/platform/14700000.ufs/rev u:object_r:sysfs_scsi_devices_0000:s0
|
||||
1
sepolicy/bluejay/grilservice_app.te
Normal file
1
sepolicy/bluejay/grilservice_app.te
Normal file
|
|
@ -0,0 +1 @@
|
|||
allow grilservice_app hal_bluetooth_coexistence_service:service_manager find;
|
||||
10
sepolicy/bluejay/ufs_firmware_update.te
Normal file
10
sepolicy/bluejay/ufs_firmware_update.te
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
type ufs_firmware_update, domain;
|
||||
type ufs_firmware_update_exec, vendor_file_type, exec_type, file_type;
|
||||
|
||||
init_daemon_domain(ufs_firmware_update)
|
||||
|
||||
allow ufs_firmware_update vendor_toolbox_exec:file execute_no_trans;
|
||||
allow ufs_firmware_update block_device:dir r_dir_perms;
|
||||
allow ufs_firmware_update fips_block_device:blk_file rw_file_perms;
|
||||
allow ufs_firmware_update sysfs:dir r_dir_perms;
|
||||
allow ufs_firmware_update sysfs_scsi_devices_0000:file r_file_perms;
|
||||
0
sepolicy/tracking_denials/bug_map
Normal file
0
sepolicy/tracking_denials/bug_map
Normal file
Loading…
Add table
Add a link
Reference in a new issue