Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

pixel-selinux: add SJTAG policies

Browse source 
These are the SELinux policies for the DebugFS files of the SJTAG
kernel interface.

Bug: 184768605
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: I36996d6fd5fe09adb7a36be573cf57f15ea35756
This commit is contained in:
Peter Csaszar 2021-05-07 16:50:00 -07:00
parent 551505ae05
commit bc525e1a49
4 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
whitechapel/vendor/google/file.te vendored
View file

@ -34,6 +34,7 @@ type vendor_maxfg_debugfs, fs_type, debugfs_type, sysfs_type;
type vendor_charger_debugfs, fs_type, debugfs_type, sysfs_type; type vendor_charger_debugfs, fs_type, debugfs_type, sysfs_type;
type vendor_votable_debugfs, fs_type, debugfs_type, sysfs_type; type vendor_votable_debugfs, fs_type, debugfs_type, sysfs_type;
type vendor_battery_debugfs, fs_type, debugfs_type, sysfs_type; type vendor_battery_debugfs, fs_type, debugfs_type, sysfs_type;
type vendor_sjtag_debugfs, fs_type, debugfs_type, sysfs_type;
# Exynos sysfs # Exynos sysfs
type sysfs_exynos_bts, sysfs_type, fs_type; type sysfs_exynos_bts, sysfs_type, fs_type;

1
whitechapel/vendor/google/genfs_contexts vendored
View file

@ -284,6 +284,7 @@ genfscon debugfs /usb
genfscon debugfs /google_charger u:object_r:vendor_charger_debugfs:s0 genfscon debugfs /google_charger u:object_r:vendor_charger_debugfs:s0
genfscon debugfs /gvotables u:object_r:vendor_votable_debugfs:s0 genfscon debugfs /gvotables u:object_r:vendor_votable_debugfs:s0
genfscon debugfs /google_battery u:object_r:vendor_battery_debugfs:s0 genfscon debugfs /google_battery u:object_r:vendor_battery_debugfs:s0
genfscon debugfs /sjtag u:object_r:vendor_sjtag_debugfs:s0
# tracefs # tracefs
genfscon tracefs /events/dmabuf_heap/dma_heap_stat u:object_r:debugfs_tracing:s0 genfscon tracefs /events/dmabuf_heap/dma_heap_stat u:object_r:debugfs_tracing:s0

6
whitechapel/vendor/google/shell.te vendored
View file

@ -1 +1,7 @@
allow shell eco_service:service_manager find; allow shell eco_service:service_manager find;
# Allow access to the SJTAG kernel interface from the shell
userdebug_or_eng(`
allow shell vendor_sjtag_debugfs:dir r_dir_perms;
allow shell vendor_sjtag_debugfs:file rw_file_perms;
')

2
whitechapel/vendor/google/ssr_detector.te vendored
View file

@ -12,6 +12,8 @@ userdebug_or_eng(`
allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms; allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms; allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
get_prop(ssr_detector_app, vendor_aoc_prop) get_prop(ssr_detector_app, vendor_aoc_prop)
allow ssr_detector_app vendor_sjtag_debugfs:dir r_dir_perms;
allow ssr_detector_app vendor_sjtag_debugfs:file rw_file_perms;
') ')
get_prop(ssr_detector_app, vendor_ssrdump_prop) get_prop(ssr_detector_app, vendor_ssrdump_prop)