Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842 Change-Id: I6a938dee1103a1b2b445669a5258f7470729248c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-24 08:25:48 +00:00 · 2023-05-24 08:25:48 +00:00 · 9279426af4
commit 9279426af4
parent b4bac68874 86cb19bb2f
3 changed files with 11 additions and 0 deletions
--- a/vendor/disable-contaminant-detection-sh.te
+++ b/vendor/disable-contaminant-detection-sh.te
@ -0,0 +1,7 @@
+type disable-contaminant-detection-sh, domain;
+type disable-contaminant-detection-sh_exec, vendor_file_type, exec_type, file_type;
+init_daemon_domain(disable-contaminant-detection-sh)
+
+allow disable-contaminant-detection-sh vendor_toolbox_exec:file execute_no_trans;
+allow disable-contaminant-detection-sh sysfs_batteryinfo:dir r_dir_perms;
+allow disable-contaminant-detection-sh sysfs_batteryinfo:file rw_file_perms;
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@ -29,6 +29,7 @@
 /vendor/bin/hw/android\.hardware\.security\.keymint-service\.rust\.trusty         u:object_r:hal_keymint_default_exec:s0
 /vendor/bin/ufs_firmware_update\.sh                                         u:object_r:ufs_firmware_update_exec:s0
 /vendor/bin/hw/android\.hardware\.memtrack-service\.pixel                   u:object_r:hal_memtrack_default_exec:s0
+/vendor/bin/hw/disable_contaminant_detection\.sh                            u:object_r:disable-contaminant-detection-sh_exec:s0

 # Vendor Firmwares
 /vendor/firmware(/.*)?                                                      u:object_r:vendor_fw_file:s0
--- a/vendor/genfs_contexts
+++ b/vendor/genfs_contexts
@ -158,6 +158,9 @@ genfscon sysfs /devices/platform/13120000.pcie/link_stats/link_up_average
 genfscon sysfs /devices/platform/13120000.pcie/link_stats/link_up_failures              u:object_r:sysfs_pcie:s0
 genfscon sysfs /devices/platform/13120000.pcie/link_stats/pll_lock_average              u:object_r:sysfs_pcie:s0

+# disable contaminant detection
+genfscon sysfs /devices/platform/10cb0000.hsi2c                                         u:object_r:sysfs_batteryinfo:s0
+
 # Battery
 genfscon sysfs /devices/platform/google,battery/power_supply/battery                    u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/google,cpm                                             u:object_r:sysfs_batteryinfo:s0