Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

pixel-selinux: Port PRO SJTAG policies to tm-dev

Browse source 
These are the SELinux policies for the sysfs files of the SJTAG
kernel interface for WHI-PRO-based devices, now migrated to the
tm-dev branch. The files are in the following directories:

  /sys/devices/platform/sjtag_ap/interface/
  /sys/devices/platform/sjtag_gsa/interface/

Bug: 207571417
Bug: 224022297
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Merged-in: I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff
Change-Id: I56da5763c31ab098859cbc633660897646fe7f3e
This commit is contained in:
Peter Csaszar 2022-02-14 20:29:23 -08:00 committed by TreeHugger Robot
parent 046601d414
commit 466adbb2da
4 changed files with 26 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

11
whitechapel_pro/file.te
View file

@ -97,3 +97,14 @@ type sysfs_usbc_throttling_stats, sysfs_type, fs_type;
# Touch
type proc_touch, proc_type, fs_type;
# Vendor sched files
userdebug_or_eng(`
typeattribute sysfs_vendor_sched mlstrustedobject;
')
# SJTAG
type sysfs_sjtag, fs_type, sysfs_type;
userdebug_or_eng(`
typeattribute sysfs_sjtag mlstrustedobject;
')

4
whitechapel_pro/genfs_contexts
View file

@ -223,3 +223,7 @@ genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_t
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/cleared_time u:object_r:sysfs_usbc_throttling_stats:s0
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/hysteresis_time u:object_r:sysfs_usbc_throttling_stats:s0
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/trip_time u:object_r:sysfs_usbc_throttling_stats:s0
# SJTAG
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0
genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_r:sysfs_sjtag:s0

5
whitechapel_pro/shell.te Normal file
View file

@ -0,0 +1,5 @@
# Allow access to the SJTAG kernel interface from the shell
userdebug_or_eng(`
allow shell sysfs_sjtag:dir r_dir_perms;
allow shell sysfs_sjtag:file rw_file_perms;
')

5
whitechapel_pro/ssr_detector.te
View file

@ -12,6 +12,11 @@ userdebug_or_eng(`
allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
get_prop(ssr_detector_app, vendor_aoc_prop)
allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
allow ssr_detector_app sysfs_vendor_sched:dir search;
allow ssr_detector_app sysfs_vendor_sched:file rw_file_perms;
allow ssr_detector_app cgroup:file write;
')
get_prop(ssr_detector_app, vendor_ssrdump_prop)