From 55bd05960fbe1ede48c15a1371e9cc959cb23756 Mon Sep 17 00:00:00 2001 From: Max Shi Date: Mon, 12 Apr 2021 23:02:31 -0700 Subject: [PATCH] Add sepolicy for sensor HAL accessing AOC reset sysfs node. Bug: 184858369 Test: Verify sensor HAL process can write to the sysfs node. Change-Id: I9700323bafa413b88f25e4117499bcc936bce9c6 --- usf/sensor_hal.te | 3 +++ whitechapel/vendor/google/file.te | 1 + whitechapel/vendor/google/genfs_contexts | 1 + 3 files changed, 5 insertions(+) diff --git a/usf/sensor_hal.te b/usf/sensor_hal.te index f8213133..f10cd46a 100644 --- a/usf/sensor_hal.te +++ b/usf/sensor_hal.te @@ -41,6 +41,9 @@ allow hal_sensors_default sysfs_aoc:dir search; # Allow use of the USF low latency transport. usf_low_latency_transport(hal_sensors_default) +# Allow sensor HAL to reset AOC. +allow hal_sensors_default sysfs_aoc_reset:file w_file_perms; + # # Suez type enforcements. # diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te index a83e7817..ea239081 100644 --- a/whitechapel/vendor/google/file.te +++ b/whitechapel/vendor/google/file.te @@ -94,6 +94,7 @@ type sysfs_touch, sysfs_type, fs_type; type sysfs_aoc_boottime, sysfs_type, fs_type; type sysfs_aoc_firmware, sysfs_type, fs_type; type sysfs_aoc, sysfs_type, fs_type; +type sysfs_aoc_reset, sysfs_type, fs_type; # Audio type persist_audio_file, file_type, vendor_persist_type; diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 7d154e67..8d63ee7f 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -2,6 +2,7 @@ genfscon sysfs /devices/platform/19000000.aoc/aoc_clock_and_kernel_boottime u:object_r:sysfs_aoc_boottime:s0 genfscon sysfs /devices/platform/19000000.aoc/firmware u:object_r:sysfs_aoc_firmware:s0 genfscon sysfs /devices/platform/19000000.aoc u:object_r:sysfs_aoc:s0 +genfscon sysfs /devices/platform/19000000.aoc/reset u:object_r:sysfs_aoc_reset:s0 # WiFi genfscon sysfs /wifi u:object_r:sysfs_wifi:s0