From 5742be1014f3cb37b462495ccae45506d6f64de7 Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Mon, 5 Sep 2022 11:38:18 +0800 Subject: [PATCH] move insmod script to gs-common Bug: 243763292 Test: boot to home Change-Id: If676806d806adcd7f1fcecc1199255788e8858ef --- whitechapel/vendor/google/file_contexts | 3 ++- whitechapel/vendor/google/init-display-sh.te | 10 ++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) create mode 100644 whitechapel/vendor/google/init-display-sh.te diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index 119b1253..049df568 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -280,7 +280,8 @@ /mnt/vendor/persist/modem(/.*)? u:object_r:persist_modem_file:s0 # Kernel modules related -/vendor/bin/init\.insmod\.sh u:object_r:init-insmod-sh_exec:s0 +/vendor/bin/insmod\.sh u:object_r:init-insmod-sh_exec:s0 +/vendor/bin/init\.display\.sh u:object_r:init-display-sh_exec:s0 # USB /vendor/bin/hw/disable_contaminant_detection\.sh u:object_r:disable-contaminant-detection-sh_exec:s0 diff --git a/whitechapel/vendor/google/init-display-sh.te b/whitechapel/vendor/google/init-display-sh.te new file mode 100644 index 00000000..54ff7d6e --- /dev/null +++ b/whitechapel/vendor/google/init-display-sh.te @@ -0,0 +1,10 @@ +type init-display-sh, domain; +type init-display-sh_exec, vendor_file_type, exec_type, file_type; +init_daemon_domain(init-display-sh) + +allow init-display-sh self:capability sys_module; +allow init-display-sh vendor_kernel_modules:system module_load; +allow init-display-sh vendor_toolbox_exec:file execute_no_trans; + +dontaudit init-display-sh proc_cmdline:file r_file_perms; +