add sepolicy for set_usb_irq.sh
Bug: 202103325 Test: build pass (synced from commit 714075eba72067489d08c36b87bfed9656092b2c) Change-Id: I309e24a5084ed33278d3fbe49e4ad1cc91b1255a
This commit is contained in:
Ray Chi
TreeHugger Robot
parent
019c8e6fcf
commit
6733f9667d
2 changed files with 16 additions and 0 deletions
|
|
@ -213,3 +213,6 @@
|
|||
/mnt/vendor/efs(/.*)? u:object_r:modem_efs_file:s0
|
||||
/mnt/vendor/efs_backup(/.*)? u:object_r:modem_efs_file:s0
|
||||
/mnt/vendor/modem_userdata(/.*)? u:object_r:modem_userdata_file:s0
|
||||
|
||||
# USB
|
||||
/vendor/bin/hw/set_usb_irq\.sh u:object_r:set-usb-irq-sh_exec:s0
|
||||
|
|
|
|||
13
whitechapel_pro/set-usb-irq-sh.te
Normal file
13
whitechapel_pro/set-usb-irq-sh.te
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
type set-usb-irq-sh, domain;
|
||||
type set-usb-irq-sh_exec, vendor_file_type, exec_type, file_type;
|
||||
init_daemon_domain(set-usb-irq-sh)
|
||||
|
||||
allow set-usb-irq-sh vendor_toolbox_exec:file execute_no_trans;
|
||||
|
||||
allow set-usb-irq-sh proc_irq:dir r_dir_perms;
|
||||
allow set-usb-irq-sh proc_irq:file w_file_perms;
|
||||
|
||||
# AFAICT this happens if /proc/irq updates as we're running
|
||||
# and we end up trying to write into non-existing file,
|
||||
# which implies creation...
|
||||
dontaudit set-usb-irq-sh self:capability dac_override;
|
||||
Loading…
Add table
Add a link
Reference in a new issue