34fe057526
tee policies were missing Bug: 263304957 Bug: 263429986 Bug: 264489524 Test: boot and scanAvcDeniedLogRightAfterReboot passed Change-Id: Ia3191496be005dbbbe331a14f7d45adace34b3fc Signed-off-by: Donnie Pollitz <donpollitz@google.com>
15 lines
470 B
Text
15 lines
470 B
Text
# Handle wake locks
|
|
wakelock_use(tee)
|
|
|
|
allow tee persist_ss_file:file create_file_perms;
|
|
allow tee persist_ss_file:dir create_dir_perms;
|
|
allow tee persist_file:dir r_dir_perms;
|
|
allow tee mnt_vendor_file:dir r_dir_perms;
|
|
allow tee tee_data_file:dir rw_dir_perms;
|
|
allow tee tee_data_file:lnk_file r_file_perms;
|
|
allow tee sg_device:chr_file rw_file_perms;
|
|
|
|
# Allow storageproxyd access to gsi_public_metadata_file
|
|
read_fstab(tee)
|
|
|
|
set_prop(tee, vendor_trusty_storage_prop)
|