convert_to_ext4.sh: add sepolicy am: 07af2808d5

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19391424

Change-Id: Id303addc42a444642f827605404dca79044efd37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
Konstantin Vyshetsky 2022-08-01 18:17:27 +00:00 committed by Automerger Merge Worker
commit a8e3ff791c
2 changed files with 48 additions and 0 deletions


@ -0,0 +1,47 @@
type convert-to-ext4-sh, domain, coredomain;
type convert-to-ext4-sh_exec, system_file_type, exec_type, file_type;
userdebug_or_eng(`
permissive convert-to-ext4-sh;
init_daemon_domain(convert-to-ext4-sh)
allow convert-to-ext4-sh block_device:dir search;
allow convert-to-ext4-sh e2fs_exec:file rx_file_perms;
allow convert-to-ext4-sh efs_block_device:blk_file rw_file_perms;
allow convert-to-ext4-sh kernel:process setsched;
allow convert-to-ext4-sh kmsg_device:chr_file rw_file_perms;
allow convert-to-ext4-sh persist_audio_file:dir { rw_file_perms search };
allow convert-to-ext4-sh persist_audio_file:file rw_file_perms;
allow convert-to-ext4-sh persist_block_device:blk_file rw_file_perms;
allow convert-to-ext4-sh persist_camera_file:dir { rw_file_perms search };
allow convert-to-ext4-sh persist_camera_file:file rw_file_perms;
allow convert-to-ext4-sh persist_display_file:dir { rw_file_perms search };
allow convert-to-ext4-sh persist_display_file:file rw_file_perms;
allow convert-to-ext4-sh persist_file:dir { getattr open read search };
allow convert-to-ext4-sh persist_file:file rw_file_perms;
allow convert-to-ext4-sh persist_haptics_file:dir { rw_file_perms search };
allow convert-to-ext4-sh persist_haptics_file:file rw_file_perms;
allow convert-to-ext4-sh persist_sensor_reg_file:dir { rw_file_perms search };
allow convert-to-ext4-sh persist_sensor_reg_file:file rw_file_perms;
allow convert-to-ext4-sh persist_ss_file:dir { rw_file_perms search };
allow convert-to-ext4-sh persist_ss_file:file rw_file_perms;
allow convert-to-ext4-sh persist_uwb_file:dir { rw_file_perms search };
allow convert-to-ext4-sh persist_uwb_file:file rw_file_perms;
allow convert-to-ext4-sh shell_exec:file rx_file_perms;
allow convert-to-ext4-sh sysfs_fs_ext4_features:dir { read search };
allow convert-to-ext4-sh sysfs_fs_ext4_features:file read;
allow convert-to-ext4-sh tmpfs:dir { add_name create mounton open };
allow convert-to-ext4-sh tmpfs:dir { remove_name rmdir rw_file_perms setattr };
allow convert-to-ext4-sh tmpfs:file { create rw_file_perms unlink };
allow convert-to-ext4-sh toolbox_exec:file rx_file_perms;
allowxperm convert-to-ext4-sh { efs_block_device persist_block_device}:blk_file ioctl {
BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET LOOP_CLR_FD
};
dontaudit convert-to-ext4-sh labeledfs:filesystem { mount unmount };
dontaudit convert-to-ext4-sh self:capability { chown fowner fsetid dac_read_search sys_admin sys_rawio };
dontaudit convert-to-ext4-sh unlabeled:dir { add_name create mounton open rw_file_perms search setattr };
dontaudit convert-to-ext4-sh unlabeled:file { create rw_file_perms setattr };
')
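Review bot: The four `dontaudit` rules at the end of this block suppress logging in a domain that the same block marks `permissive`, so the listed capabilities (including `sys_admin` and `sys_rawio`), `labeledfs:filesystem { mount unmount }` and the `unlabeled` dir/file accesses are still granted but leave no `avc: denied ... permissive=1` record. If the script needs them (presumably it mounts the converted partitions, given the `tmpfs:dir mounton` rule), state them as explicit rules such as `allow convert-to-ext4-sh labeledfs:filesystem { mount unmount };` so the policy documents what the domain does and `permissive` can be dropped later. If it does not need them, leave them audited so unexpected use shows up in the logs. Separately, the `persist_*_file:dir { rw_file_perms search }` lines apply a file permission set to directories; `r_dir_perms` or `rw_dir_perms` would state the intent more precisely.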


@ -43,6 +43,7 @@
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.fpc u:object_r:fingerprint_factory_service_exec:s0
/vendor/bin/hw/battery_mitigation u:object_r:battery_mitigation_exec:s0
/vendor/bin/hw/android\.hardware\.memtrack-service\.pixel u:object_r:hal_memtrack_default_exec:s0
/system_ext/bin/convert_to_ext4\.sh u:object_r:convert-to-ext4-sh_exec:s0
# Vendor Firmwares
/vendor/firmware(/.*)? u:object_r:vendor_fw_file:s0
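Review bot: The `/system_ext/bin/convert_to_ext4\.sh` entry (apparently the one added line) labels the script on every build type, while all rules for `convert-to-ext4-sh` in the other file sit inside `userdebug_or_eng`. On a user build the file would then carry an exec type with no domain transition and no permissions. A short comment above it, for example `# convert_to_ext4.sh: domain rules exist only on userdebug/eng builds`, would make that intentional. The entry also sits between `/vendor/bin/hw` services and the `# Vendor Firmwares` heading, so grouping it with other non-vendor paths would make it easier to find; the surrounding file continues outside this hunk.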