From c598db170cfd2fa22df344d1aa78ccbd34d42516 Mon Sep 17 00:00:00 2001 From: Alex Hong Date: Mon, 21 Jun 2021 17:29:50 +0800 Subject: [PATCH] Move the genfs_contexts of sched nodes from vendor to product For sched nodes, "proc_vendor_sched" and "sysfs_vendor_sched", their type definition is in product sepolicy, while genfs_contexts is in vendor sepolicy. In this case, genfs_contexts cannot be resolved after product sepolicy is replaced by Dynamic System Update. Need to keep the type definition and genfs_contexts in the same partition. Now move genfs_contexts because the type definition has to be in product for now since other private domains are accessing these sched nodes. Test: $ make selinux_policy The device can boot to home after replacing with GSI. Bug: 191236468 Change-Id: I02ea78b04dfcade4ceb426ff6ebf498daa81ac32 --- private/genfs_contexts | 3 +++ whitechapel/vendor/google/genfs_contexts | 4 ---- 2 files changed, 3 insertions(+), 4 deletions(-) create mode 100644 private/genfs_contexts diff --git a/private/genfs_contexts b/private/genfs_contexts new file mode 100644 index 00000000..448ca5e3 --- /dev/null +++ b/private/genfs_contexts @@ -0,0 +1,3 @@ +# Vendor sched files +genfscon sysfs /kernel/vendor_sched u:object_r:sysfs_vendor_sched:s0 +genfscon proc /vendor_sched u:object_r:proc_vendor_sched:s0 diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 4fcd1ab1..7c705b82 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -109,10 +109,6 @@ genfscon proc /fts/driver_test genfscon proc /fts_ext/driver_test u:object_r:proc_touch:s0 genfscon sysfs /devices/virtual/sec/tsp u:object_r:sysfs_touch:s0 -# Vendor sched files -genfscon sysfs /kernel/vendor_sched u:object_r:sysfs_vendor_sched:s0 -genfscon proc /vendor_sched u:object_r:proc_vendor_sched:s0 - # GPS genfscon sysfs /devices/platform/10940000.spi/spi_master/spi5/spi5.0/nstandby u:object_r:sysfs_gps:s0