pixel-selinux: Port PRO SJTAG policies to tm-dev am: 466adbb2da
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17299051 Change-Id: If1cc0d3afa539a104b2ad99b9bebdc18c98bd622
This commit is contained in:
Peter Csaszar
Automerger Merge Worker
commit
0b35cf6a3b
4 changed files with 26 additions and 1 deletions
|
|
@ -96,4 +96,15 @@ type sysfs_gpu, sysfs_type, fs_type;
|
|||
type sysfs_usbc_throttling_stats, sysfs_type, fs_type;
|
||||
|
||||
# Touch
|
||||
type proc_touch, proc_type, fs_type;
|
||||
type proc_touch, proc_type, fs_type;
|
||||
|
||||
# Vendor sched files
|
||||
userdebug_or_eng(`
|
||||
typeattribute sysfs_vendor_sched mlstrustedobject;
|
||||
')
|
||||
|
||||
# SJTAG
|
||||
type sysfs_sjtag, fs_type, sysfs_type;
|
||||
userdebug_or_eng(`
|
||||
typeattribute sysfs_sjtag mlstrustedobject;
|
||||
')
|
||||
|
|
|
|||
|
|
@ -223,3 +223,7 @@ genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_t
|
|||
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/cleared_time u:object_r:sysfs_usbc_throttling_stats:s0
|
||||
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/hysteresis_time u:object_r:sysfs_usbc_throttling_stats:s0
|
||||
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/trip_time u:object_r:sysfs_usbc_throttling_stats:s0
|
||||
|
||||
# SJTAG
|
||||
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0
|
||||
genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_r:sysfs_sjtag:s0
|
||||
|
|
|
|||
5
whitechapel_pro/shell.te
Normal file
5
whitechapel_pro/shell.te
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
# Allow access to the SJTAG kernel interface from the shell
|
||||
userdebug_or_eng(`
|
||||
allow shell sysfs_sjtag:dir r_dir_perms;
|
||||
allow shell sysfs_sjtag:file rw_file_perms;
|
||||
')
|
||||
|
|
@ -12,6 +12,11 @@ userdebug_or_eng(`
|
|||
allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
|
||||
allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
|
||||
get_prop(ssr_detector_app, vendor_aoc_prop)
|
||||
allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
|
||||
allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
|
||||
allow ssr_detector_app sysfs_vendor_sched:dir search;
|
||||
allow ssr_detector_app sysfs_vendor_sched:file rw_file_perms;
|
||||
allow ssr_detector_app cgroup:file write;
|
||||
')
|
||||
|
||||
get_prop(ssr_detector_app, vendor_ssrdump_prop)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue